[Samba] Samba 3 vs 4, User Maintenance

Andrew Bartlett abartlet at samba.org
Tue Feb 26 03:35:20 GMT 2008

On Mon, 2008-02-25 at 15:54 -0500, Richard Hurt wrote:
> Hey all,
> We are currently using an Apple XServe G5 as a PDC for 150 Windows XP  
> Pro machines.  Everything worked well (sorta) under OS X 10.4 (Tiger)  
> but when we upgraded to 10.5 (Leopard) it just fell apart.  I  
> reinstalled the OS several times and tried everything I could to get  
> it to work properly (i.e. log in more than 20 machines at once).  We  
> have even opened a ticket with Apple to get some help, but they  
> haven't been very responsive at all.
> So, I am going to set up my own stand-along Samba box (Debian 4) to  
> replace the old XServe.  My question is should I use Samba 3 or 4?  I  
> know that 4 is still alpha but we really don't need much - a PDC and  
> half a dozen file shares.  What do you think, would 4 be stable enough  
> for this?  If not now, any thought as to when the beta period might  
> begin?  I probably have until next Fall to really nail this down so I  
> am willing to 'play' for a little bit.

If you are willing the spend the time, and want to see Samba4 move
forward, I'm very happy to help with any issues you come across along
the way.  Samba4 supports Group policy and Kerberos logins, so this may
be a useful upgrade from the Samba3 world. 

The issues with Samba4 are not 'stability' (I've not seen it crash
randomly), but instead in lack of feature completeness.  This
fortunately can be offset by using Samba3 for (say) printing functions,
if this is a problem. 

> On a related note, I noticed that SWAT was being dropped (or at least  
> not worked on) for Samba 4.  What is a good replacement?  phpLDAPAdmin  
> is great for what it does but it does *not work* in the education  
> environment.  That's the one thing that Apple's solution has going for  
> it - it looks darn pretty and is easy to use.  What does everyone else  
> use for user, group, and share point management?  Is the AD tool kit  
> (whatever that is) on Windows an option?

Much as I hate Microsoft's tools on windows being a primary
administration tool, it is one of the more complete options (because we
must support it anyway).

SWAT needs the love and long-term care of a good web developer.  There
was an almost functional LDB browser, which can be found in the SVN
history, but it didn't get the maintainence it required.  

Other than that, someone could probably write up a good set of simple,
form-submit based user management tools in python (or ejs), and
integrate them. 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20080226/1977aae8/attachment.bin

More information about the samba mailing list