default FILE SERVER change for EXISTING Samba4 installs (was Re: Is a 'flag day' OK for a move from ntvfs to s3fs by default?)

Jelmer Vernooij jelmer at
Thu Jun 14 06:24:50 MDT 2012

On Thu, Jun 14, 2012 at 09:54:12AM +1000, Andrew Bartlett wrote:
> Excuse the shouting, but if we decided not to do this, it is hard(er) to
> go back, so I would appreciate some careful thought.  (The alternative
> isn't great either, and presumably would need to be maintained for some
> time). 
> On Mon, 2012-06-11 at 12:06 +1000, Andrew Bartlett wrote:
> > At the moment, for existing installations, Samba4 uses the ntvfs file
> > server.  These users seem keen to continue using it for the timebeing
> > (rather than find the differences between the implementations the hard
> > way).
> > 
> > The new s3fs default has been put in place for new users by writing into
> > the smb.conf the equivalent of this:
> > 
> > server services = -smb +s3fs
> > dcerpc endpoint servers = -winreg -srvsvc
> > 
> > (actually more verbose, as the provision script expands it)
> > 
> > However, for the Samba 4.0 release we really need to make it the real
> > default.
> > 
> > What I need to know is:  Can we have a flag day, where for the next
> > release we make it clear that users wishing to keep ntvfs have to add:
> > 
> > server services = +smb -s3fs
> > dcerpc endpoint servers = +winreg +srvsvc
> > 
> > If not, then we need to work out a way to make this automatic.  The
> > obvious candidate would seem to be the 'server role' change I'm also
> > proposing.  It's ugly, but instead of being a synonym of 'active
> > directory domain controller', we could make 'domain
> > controller' (currently written into smb.conf files) mean 'AD DC with
> > ntvfs' (and give a deprecation warning), possibly then overridden by any
> > other 'server services' and 'dcerpc endpoint services' values set. 
> > 
> > What do folks think?
Thanks for bringing this up.

I haven't really involved in the file serving side of things much, so
please excuse my ignorance..

Having a flag day doesn't seem too bad; let's do it now rather than
later. If we would still allow reverting back to the old behaviour by
setting a few configuration options, even better.

I guess one of the underlying questions also is: why would users want
to stick to ntvfs at this point? Just the fact that it's been tested
better with e.g. GPOs?



More information about the samba-technical mailing list