Where to for Samba4?

[Matthias Dieter Wallnöfer]

Hi Andrew!

Andrew Bartlett schrieb:
> Now that we have an alpha release, I thought I would try and start a
> discussion about where Samba4 should go.
>
> Clear targets we already have on the Wiki are:
>  - Clustering support.  This code started in Samba4, and I hope that in
> time, Samba4 can use these features.
>  - Schema enforcement.  One, not unreasonable, suggestion has been to
> make this become the responsibility of an OpenLDAP (or Fedora DS)
> backend. 
>  - Access control.  We now store NT ACLs in LDAP, and honouring them
> (rather than kludge_acls) should not be that hard.  Likewise on the
> registry (should have been done for the alpha...)
>  - One-off active Directory migration.  
>
> Some other tasks I see for the near future:
>  - Kill the LDB browser and move back to SWAT1 in Samba4, with
> phpldapadmin either run inside SWAT, or with apache. 
>
> A list of targets is useless, if they bear no resemblance to what is
> likely to be achieved.  Similarly, most of the work done on Samba4 in
> the past few months has not been on the roadmap, but just the response
> to well-filed bugs in bugzilla.
>
> One particular thought I've had suggested is to try using OpenLDAP to
> handle schema validation and subtree renames (by always using an
> OpenLDAP hdb backend).  Likewise, should we trim unlikely features such
> as NetBIOS browsing from the list of features folks may expect from
> Samba4?
>
> Finally, I've heard all manner of different people give views in the
> press about where Samba4 is heading - a separate release, a DC only,
> just another head of a Samba3 borg?  
>
> From my point of view, I'm expecting to make a release, with good DC,
> and hopefully good file-server capabilities.  But I would like to
> discuss what (if anything) Samba4 means to more than just myself.
>
> Thoughts?
>
> Andrew Bartlett
>   
Yes, I think your thought are basically good. But I wouldn't give up to 
implement more RPCs to be more compatible with mainly older Windows 
networking software (and also NT Administration Tools).
We should then also start to divide/implement other roles to SAMBA 4. 
Because now it seems only to be an AD domain controller, I'm right? 
Because for a normal user-level security machine (similar to a NT 
workstation) we don't really need the LDB backend.
The schema checking I wouldn't let only do external components. Or we 
change internally to the OpenLDAP HDB backend or we have to do some 
check in LDB, I think.
The NetBIOS browsing support is needed at one stage. The printing 
services also (if they are also difficult to implement).
And the bug chasing we should also keep up!

Matthias