This page describes the bigger next steps in the development of Samba. The purpose is to point out the broader direction into which Samba is heading.
File Server (smbd)
- See Samba3/SMB2#SMB_3.0
- multi-channel - WIP (Metze, Michael)
- persistent file handles
- witness notification protocol - WIP (Metze)
- prerequisite: asynchronous RPC server. See DCERPC
- RDMA (SMB direct) - Planning (Metze, Richard, Michael)
- directory leases
- clustering - Planning/WIP (Michael)
- continuously available shares, scale-out shares
Clustering - CTDB
- integrate CTDB master into samba master:
- Performance on small-CPU platforms (like ARM)
- reduce CPU usage
- performance in clusters, TDB/CTDB
- Parallel, small I/O (HyperV) workload
Active Directory Server
- sysvol replication (file system replication)
- FRS / DFSR
- See DCERPC
- use source3/winbindd in AD server
- forest trusts
- FRS / DFSR
- MIT Kerberos support in AD server (IN_PROGRESS, HELP NEEDED, TESTING NEEDED! Talk to Günther and Andreas to help with resources)
- Create preloadable wrappers (DONE)
- Re-test existing MIT KDC glue around the hdb backend (this has been completely rewritten)
A lot of DCE/RPC work needs to be done before we can really finish this task.
- async schannel (NETLOGON) client (Metze)
- merged crypto handling for samlogon cred validation (Günther/Metze)
- merged libnetjoin interfaces (Günther/Metze)
- DCE/RPC client API changes (Günther/Metze)
- tevent based async infrastructure (new services: witness, replication, snapshot, PAR)
- client context (get rid of lp_ usage and globals for client details)
- association group implementation
- DCE/RPC server API merge and cleanup
- See DCERPC
Abstract data model
We might want to implement the abstract data model as outlined in MS-ADPS and other specs. This would allow to abstract the existing interfaces (dsdb/passdb) which both are not the best match for trust handling. Once we have that, and we have the common DCE/RPC infrastructure, we can easily plug implementations for trusts (e.g. from s3) into s4 (and vice-versa).
- We need to find a way to setup multi-trust environments during make test to test more compelx scenarios (e.g. the forst trust test from Sumit Bose).
- We need to test trust calls on MEMBER and DC configurations.
- Samba4 lacks support for some LSA and Netlogon calls related to trusts, some of them exist in s3 some are in my master-netlogon branch.
The RPC server is an infrastructure component that is of crucial importance for both the file server and the active directory server. A few tasks in for the RPC server are prerequisites for higher level features in the file server and the active directory server.