This page describes the bigger next steps in the development of Samba. The purpose is to point out the broader direction into which Samba is heading.
File Server (smbd)
- SMB2 leases - WIP (Volker)
- See Samba3/SMB2#SMB_3.0
- multi-channel - WIP (Metze, Obnox)
- persistent file handles
- witness notification protocol - WIP (Metze)
- prerequisite: asynchronous RPC server. See DCERPC
- RDMA (SMB direct) - Planning (Metze, Rsharpe, Obnox)
- directory leases
- clustering - Planning/WIP (Obnox)
- continuously available shares, scale-out shares
Clustering - CTDB
- integrate CTDB master into samba master:
- Performance on small-CPU platforms (like ARM)
- reduce CPU usage
- performance in clusters, TDB/CTDB
- Parallel, small I/O (HyperV) workload
Active Directory Server
- sysvol replication (file system replication)
- FRS / DFSR
- See DCERPC
- use source3/winbindd in AD server
- forest trusts
- FRS / DFSR
- MIT Kerberos support in AD server
- Create preloadable wrappers (IN_PROGRESS)
- Re-test existing MIT KDC glue around the hdb backend
- Use the OpenLDAP Database engine and LDAP protocol handlers in AD server
A lot of DCE/RPC work needs to be done before we can really finish this task.
- async schannel (NETLOGON) client (Metze)
- merged crypto handling for samlogon cred validation (Günther/Metze)
- merged libnetjoin interfaces (Günther/Metze)
- DCE/RPC client API changes (Günther/Metze)
- tevent based async infrastructure (new services: witness, replication, snapshot, PAR)
- client context (get rid of lp_ usage and globals for client details)
- association group implementation
- DCE/RPC server API merge and cleanup
- See DCERPC
Abstract data model
We might want to implement the abstract data model as outlined in MS-ADPS and other specs. This would allow to abstract the existing interfaces (dsdb/passdb) which both are not the best match for trust handling. Once we have that, and we have the common DCE/RPC infrastructure, we can easily plug implementations for trusts (e.g. from s3) into s4 (and vice-versa).
- We need to find a way to setup multi-trust environments during make test to test more compelx scenarios (e.g. the forst trust test from Sumit Bose).
- We need to test trust calls on MEMBER and DC configurations.
- Samba4 lacks support for some LSA and Netlogon calls related to trusts, some of them exist in s3 some are in my master-netlogon branch.
The RPC server is an infrastructure component that is of crucial importance for both the file server and the active directory server. A few tasks in for the RPC server are prerequisites for higher level features in the file server and the active directory server.
- See DCERPC for details
- Reconcile source3 source4 server and client implementations
- Make RPC server (and client) implementation fully asynchronuous