Mike Brodbelt m.brodbelt at
Fri Sep 29 10:29:03 GMT 2000

"Cole, Timothy D." wrote:
> > -----Original Message-----
> > From: Mike Brodbelt [SMTP:m.brodbelt at]
> > Sent: Tuesday, September 26, 2000 13:06
> > To:   Samba NT Domains Mailing List
> > Subject:      Re: TNG-stable
> >
> > > The problem here is that people have come to EXPECT that you can plug
> > Samba
> > > in as a replacement for Win2k for file and print service.
> >
> > Then people are idiots. No such claim with regard to Win2k has ever been
> > mentioned.
> >
>         Unfortunately, the expectation of the outside world (and as far as I
> can tell this is pretty much universal) is that Samba will be able to do
> precisely this, relatively soon.

The expectations I've seen are admittedly based on wish lists as opposed
to reality.
>         If it doesn't after a while, a lot of Unix and Samba installations
> are going away, by necessity.

I hope not, but I definitely agree that at least NT4 domain support is
needed in the relatively short term. As time goes by, there are places
where Samba becomes less viable without this. I have an NT4 PDC here
that I've been waiting to get rid of for a while - it's not drastically
important to me, but I know people who are holding out for domain
support. The fact that many people are using TNG as a domain controller
and 2.0.7 as the file server really does demonstrate that the
functionality is very much in demand. I haven't heard nearly as many
people expressing concern over Win2k interoperability yet...
> >
> > If you need Exchange, run it on an NT server. You can't run Exchange on
> > Un*x anyway, so what's the problem here?
> >
>         The problem here is, simply put, that Windows services, including
> Exchange, are more or less a package deal.

Ball and chain deal, don't you mean :-)
>         If there isn't some realistic expectation of eventually being to
> replace ALL services hosted on NT, including Exchange, then it's really not
> worth the extra pain of continuing to maintainin NT and Unix installations
> side-by-side.  

But even running MS only involves admin pain. My Samba box hasn't been
rebooted since October last year - my NT box lasts a few weeks at most.
I run Samba/Unix systems at work for reasons of reliability/flexibility,
and to a lesser extent, cost. I use Linux at home for philosophical
reasons, but that alone would not be adequate justification for my
professional recommendation.

>         This doesn't mean that Samba should worry about being an Exchange
> server itself, but it does mean that right now is a good time to be thinking
> about (and implementing!!!) the necessary hooks to allow things like a Unix
> Exchange replacement to play nicely with Samba.

I have been hoping that if the RPC's for User Manager/Server Manager and
such like to work are implemented, then Exchange compatibility and
similar will just sort of "fall out" of the process.


>         In general, Samba development as of late (particularly the past 6
> months) has been severely hampered by two aspects of the Samba development
> "culture":
>          1. the expectation that implementations should spring "fully formed
> from the head of Zeus" in their ideal form

Yes, I see this on the lists. I appreciate Jeremy's position in terms of
feeling it to be *necessary* to avoid any sacrifice in stability though.
Far more Samba installations would vanish if the software was unstable.
The complexities of the SMB protocol server to make Samba (and NT)
quirky enough to set up right. If there were instabilities after set up,
then Samba would be damaged far more than it is by some (admittedly
important) missing functionality.

>          2. a refusal to make forward-looking decisions, because the future
> hasn't happened yet
>         This doesn't mean the development isn't getting done, and these
> statements, being generalizations, are not universally true.  A lot of
> significant stuff is in HEAD.  But it's been moving at a glacially slow
> pace.  I will guarantee you that by the time Samba has a full NT4 domain
> implementation in a _stable_ mainline samba release, NT4 domains will no
> longer be relevent.

I agree entirely that the progress towards full domain implementation
has taken a while coming, and isn't here yet. The fact that there are
very good technical reasons for the time taken to get here hasn't helped
the end user in this regard. There is one good point though - many
organisations are not upgrading to Windows 2000 - the cost, necessity
for hardware upgrades, and hassle involves has passed a lot of pain
thresholds this time. I recently spent time with someone at a MS only
shop who had evaluated Windows 2000. He didn't like what he saw, and
came to me to learn about Linux. He sees his upgrade path at the server
as being from NT4 to Linux/Samba and the rest. So, I don't think the
importance of the NT4 domain implementation shoul be underestimated, as
I think NT4 domains will have relevance for quite some time to come.
Active directory is overkill for a *lot* of people out there, and Win2k
has a great many drawbacks as an upgrade path.
>         We haven't even really started on Win2K domains, either, as far as I
> know.

What are the plans with regard to this? Are there any? The mess MS made
of Kerberos caused a lot of discussion a while ago, but I've heard
little since. Is anyone working from the MS document on the grounds that
their position that it is a trade secret is legally untenable, or is
anyone trying to clean room reverse engineer the protocol? Or is it just
too soon for anything to happen in this arena yet?


> > Those who use pre-alpha software
> > like TNG have no right to expect production level support for it from
> > the developers, who have better things to do than hand hold.
> >
>         You're right; it's a stupid expectation, and it shouldn't have ever
> come to that.  People are desparate, though, and mainline Samba hasn't been
> delivering.  They have nowhere else to go.

And that, I think is the key to much of this. Many people out there are
getting desperate. They really need a solution to the domain problems. I
think this underlies most (if not all) of the noise on the lists
regarding a roadmap/timeline. If they can't have it now, they'd at least
like to know when they can hope to expect it....

>         Sadly, idealists don't build bridges.



More information about the samba-ntdom mailing list