Roadmap: Difference between revisions

From SambaWiki
Line 15: Line 15:
** Create preloadable wrappers (IN_PROGRESS)
** Create preloadable wrappers (IN_PROGRESS)
** Re-test existing MIT KDC glue around the hdb backend
** Re-test existing MIT KDC glue around the hdb backend
* OpenLDAP support in AD server
* [[Samba4/LDAP Backend|OpenLDAP support in AD server]]


=== Trust support ===
=== Trust support ===

Revision as of 21:33, 5 September 2013

Introduction

This page describes the bigger next steps in the development of Samba. It is not named roadmap since it does presently not provide a timeline. The purpose is to point out the broader direction into which Samba is heading.

Active Directory Server

  • sysvol replication (file system replication)
    • FRS / DFSR
    • use source3/winbindd in AD server
    • subdomains
    • forest trusts
  • MIT Kerberos support in AD server
    • Create preloadable wrappers (IN_PROGRESS)
    • Re-test existing MIT KDC glue around the hdb backend
  • OpenLDAP support in AD server

Trust support

A lot of DCE/RPC work needs to be done before we can really finish this task.

  • async schannel (NETLOGON) client (Metze)
  • merged crypto handling for samlogon cred validation (Günther/Metze)
  • merged libnetjoin interfaces (Günther/Metze)
  • DCE/RPC client API changes (Günther/Metze)
    • tevent based async infrastructure (new services: witness, replication, snapshot, PAR)
    • client context (get rid of lp_ usage and globals for client details)
    • association group implementation
  • DCE/RPC server API merge and cleanup

Some of the existing work can be found already here:

   https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc
   https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel

Abstract data model

We might want to implement the abstract data model as outlined in MS-ADPS and other specs. This would allow to abstract the existing interfaces (dsdb/passdb) which both are not the best match for trust handling. Once we have that, and we have the common DCE/RPC infrastructure, we can easily plug implementations for trusts (e.g. from s3) into s4 (and vice-versa).

Testing

  • We need to find a way to setup multi-trust environments during make test to test more compelx scenarios (e.g. the forst trust test from Sumit Bose).
  • We need to test trust calls on MEMBER and DC configurations.

LSA/Netlogon

  • Samba4 lacks support for some LSA and Netlogon calls related to trusts, some of them exist in s3 some are in my master-netlogon branch.

File Server (smbd)

SMB2

  • SMB2 leases

SMB3

  • multi-channel
  • persistent file handles
  • witness notification protocol
    • asynchronous RPC server
  • RDMA (SMB direct)
  • directory leases
  • clustering
    • continuously available shares, scale-out shares

CTDB

  • integrate CTDB master into samba master