What is Samba 4 meant to accomplish? In simplest terms, Samba 4 is an ambitious, yet achievable, reworking of the Samba code. Major features for Samba 4 already include:
- support of the 'Active Directory' logon and administration protocols
- new 'full coverage' testsuites
- full NTFS semantics for sharing backends
- Internal LDAP server, with AD semantics
- Internal Kerberos server, including PAC support
- fully asynchronous internals
- flexible process models
- better scalablilty from micro to very large installations
- new RPC infrastructure (PIDL)
- flexible database architecture (LDB)
- embedded scripting language (ejs)
- generic security subsystem (GENSEC)
- over 50% auto-generated code!
One of the goals of Samba4 is to implement an Active Directory compatible Domain Controller. Andrew Bartlett has written an excellent thesis on issues involved in developing an AD DC, which is also a good resource on Samba4's development in this area. The thesis was published on news.samba.org and is available here (in PDF).
Volker Lendecke has also written an excellent Advances in Samba4 paper (in PDF), and in May 2005, Tridge gave a Samba4 Progress report and Roadmap. Since that time, we have implemented an embedded web server, a KDC and made vast improvements to the embedded LDAP server.
In short, you can join a WinNT, Win2000, WinXP or Win2003 member server to a Samba4 domain, and it will behave much as it does in AD, including Kerberos domain logins where applicable.
Samba4 development is moving very rapidly, but there is still much work to be done. A date has not been set for an official release, but the current source is available from our Git repository. To browse the source via a web browser, see Samba4's gitweb pages. For more info on obtaining the sources via a Git client, see the samba.org devel page.
Samba 4 is currently not yet in a state where it can replace existing production deployments.
- Fedora DS LDAP backend HOWTO
- OpenLDAP LDAP backend HOWTO
- Smart Card login (to windows clients) HOWTO
- Shared Library plans
- Test status
- Gtk+ frontends
- Active Directory plans
- Domain Member plans
- LDAP directory server backend plans