Forgot your password?
typodupeerror
Networking Linux

Microsoft Working For Samba Interoperability 221

Posted by CmdrTaco
from the this'll-end-well dept.
JP writes "Andrew Bartlett of Samba fame has written a document describing their recent collaboration with Microsoft's Active Directory team. In brief, it would seem that the sky is falling, as Microsoft's engineers seem to be really committed to making Samba fully interoperable with AD. They have organized interoperability fests and have knowledgeable engineers answering technical questions without legal or marketing drones getting in the way. However according to Andrew the Samba AD team is currently very short on manpower, so if you have network experience, now is the time to get coding."
This discussion has been archived. No new comments can be posted.

Microsoft Working For Samba Interoperability

Comments Filter:
  • by Anonymous Coward on Thursday October 23, 2008 @11:08AM (#25482289)

    This is not a new thing. They have been working with samba for a couple of years at least.

    http://blogs.msdn.com/oldnewthing/search.aspx?q=samba&p=1

    They even try to think about how it will work with OLDER already released versions that are in firmware that will never be updated again.

  • by partenon (749418) on Thursday October 23, 2008 @11:42AM (#25482743) Homepage

    Right, and they are doing that because they are good, right? I know that nobody RTFA, but here is an excerpt, just for you :-)

    In September 2007 Microsoft lost it's appeal of the 2004 anti-trust
    Decision by the European Commission. As as result, Microsoft was
    required to make protocol documentation available to competitors.

  • by Shados (741919) on Thursday October 23, 2008 @12:05PM (#25483063)

    Normally I'd agree, but right now it seems there's more to it than that. Microsoft is trying to stop the whole "getting sued to oblivion because of their monopoly" thing.

    -They open source .NET (notice I'm not using capital letters here. Its not real open source, but you can see the code)
    -Silverlight running on multiple platform, and they're helping out the Linux version, plus are funding efforts to make a cross-platform eclipse-based set of tools.
    -Many of their new .NET projects are fully open source (for real)
    -They are packaging and distributing open source (even GPL in some cases) apps in easy installers (not code they control: the installer pull it from the original web site, so its not "extended)
    -They are embedding LGPL (I think thats the license) stuff in some of their core products (jquery in Visual Studio)
    -There's more that I forget.

    All of this aside the first one happened in the last couple of -months- (weeks in many cases). The first one is fairly recent.

    Part of it, like I said, is because of all the lawsuits over their monopoly. Another part (some of the above fit in that category) are from the inside: some of MS' own employees with influence want to see better open source integration.

  • You are confused. (Score:5, Informative)

    by Zombie Ryushu (803103) on Thursday October 23, 2008 @12:26PM (#25483369)

    You have confused SMB, NMB, and SMBX, which Microsoft calls CIFS.

    SMB is not all that different in how it works from FTP. Its a TCP Protocol that operates on Port 139.

    NMB (NetBios Message Block) is how Windows provides SMB with services like Name Resolution. It also handles things called Browser elections which determine who the Domain Controllers will be.

    Windows NT4 and 9x is hard Coded to only allow use of NMB to resolve SMB names. This was a horrible lockin tactic for Windows NT4 Server. Windows 2000 on can use NMB or DNS.

    SMBX operates on port 445, and acts independantly of NMB and SMB.

    Linux machines from Samba 2.2 on could use DNS to resolve SMB paths. Even though Windows machines are hard coded not to allow that.

    Another lockin tactic with SMB was the use of the UNC (Universal Name Convention) which was FAR from Universal. The proper URI for smb is smb://. Konqueror has it right.

    So, that should clear that up.

    The worst offense Microsoft ever did was when they added the PAC to Kerberos. If there is a beacon shining in the night why the GPL is superior to the BSD liscence, the Kerberos PAC that has kept Active Directory Dominant for almost ten years should be a becon in the night. MS Kerberos PAC is incompatible with virtually EVERY SINGLE Kerberos server out there.

  • Re:about time.. (Score:4, Informative)

    by Anonymous Coward on Thursday October 23, 2008 @12:28PM (#25483403)
    Camera/flash memory makers and the FAT32 file system.
    Not saying it's a big deal or even a trend, but it's not "never."
  • Re:about time.. (Score:5, Informative)

    by PitaBred (632671) <slashdot@NoSPaM.pitabred.dyndns.org> on Thursday October 23, 2008 @01:09PM (#25484027) Homepage

    They don't attack people with patents outright. They say "Hey, Novell... we've got patents covering shit you're doing. It'd be in your best interests [techdirt.com] to work with us on the terms we specify". Microsoft doesn't need the money from the lawsuits, they aren't looking at it as a revenue stream. They look at it as a pointy stick to get people to do what they want, and license the patents BEFORE the lawsuits happen.

  • Not a client? (Score:5, Informative)

    by HonoredMule (1031236) on Thursday October 23, 2008 @01:12PM (#25484075)

    [Services For Unix] allows Windows to act as a server but not a client with respect to standard *nix protocols like NFS.

    I use SFU solely for enabling my Windows boxes to connect to NFS shares...so what are you talking about?

  • Re:about time.. (Score:5, Informative)

    by segedunum (883035) on Thursday October 23, 2008 @01:16PM (#25484129)

    Not only have they not tried to sink Mono with patent lawsuits. I can't think of ANYONE they've EVER attacked with patents.

    It hasn't stopped Ballmer and others at Microsoft talking about it incessantly, and it hasn't stopped them and won't stop them grabbing patents on fundamental .Net technology and telling everyone they need a patent grant. Most of Microsoft's patents thus far quite cleverly tell you that it applies to anything running within a CLR at the top, which means that they are not the general things everyone tells you they are when this is brought up. The only reason why the ECMA stuff is made available under RAND terms is because the ECMA requires it, but there is no guarantee that things will stay that way at all.

    That's the state of play. Once .Net has reached critical mass they have the luxury of killing off any compatibility through technological changes, telling everyone that they now need a license grant, and if push comes to shove, patents that apply to .Net technology and nothing else if it needs to be enforced. Microsoft does not want people using their technology unless money ends up flowing into their coffers, and Microsoft employees on more than one occasion have called this a give-get scenario, where you give now and get more later. I am aghast that people haven't grokked that yet.

    I'm tired of hearing this lame FUD scenario from the Slashdot crowd every time MS dabbles in open source.

    Heh. Regardless of what the Slashdot crowd says, I don't know if you've noticed but Microsoft has had a certain degree of scepticism, and at times, outright hostility to this whole open source thing from their own lips. Are you seriously trying to tell me that you haven't noticed that yet and are you seriously wondering why people are sceptical right back?

  • Re:about time.. (Score:2, Informative)

    by tearmeapart (674637) on Thursday October 23, 2008 @01:25PM (#25484263) Homepage Journal

    Ummm... there are many network file systems out there that have worked fine for a long time. See http://en.wikipedia.org/wiki/Network_File_System [wikipedia.org]
    .

    I know it may be from the 1980's, but my NFS is working just fine between my Solaris/Linux/FreeBSD machines. And yes, I do have plans to migrate to ZFS.

  • by SgtChaireBourne (457691) on Thursday October 23, 2008 @01:37PM (#25484469) Homepage

    This is not a new thing. They have been working with samba for a couple of years at least.

    Why is it that the Samba crew does all the work, including taking the case all the way through the courts [groklaw.net], and shot down the appeals [groklaw.net], and shooting down disinformation [groklaw.net], and dealing with the anti-FOSS documentation NDAs [groklaw.net], only for "JP" to give the headlines to M$?

    The headline should reflect the content of the article and that is about the rapid headway that the Samba team is making. It's not the first time, nor even one of the first times, that the M$ developers have had to rely on the Samba team. Let's give credit where credit is due.

  • by partenon (749418) on Thursday October 23, 2008 @01:56PM (#25484741) Homepage

    For them not to defend their IP would open them up to lawsuits from their stakeholders. And for that matter, giving away their IP as others have suggested would also create the same outcome.

    The thing is: they are not giving away their IP. Their products are *not* being opened. Only the protocols their products uses needs to be documented. And let me show you another excerpt of TFA, as it seems you didn't read as well:

    The EU mandated a set of minimum terms (now known as the WSPP) that the Samba Team (and others) would be able to access the documentation
    under. By early 2008 the Free Software community gained access to this documentation under NDA, and by May 2008 Microsoft made all their protocol documentation public.

    That means: their trade-secrets are still protected. They are forced to change only their monopolistics acts.

  • by Dog-Cow (21281) on Thursday October 23, 2008 @02:22PM (#25485157)

    I've never configured samba to use unencrypted passwords unless I had to connect from Win9x (which won't do encrypted passwords). I really have no idea what you are talking about.

  • by Ayanami Rei (621112) * <rayanami.gmail@com> on Thursday October 23, 2008 @03:24PM (#25486185) Journal

    http://linux.ittoolbox.com/documents/popular-q-and-a/how-to-set-up-a-samba-server-with-encrypted-passwords-2278 [ittoolbox.com]

    Samba has supported LM, NTLM, NTLM v2, and kerberos authentication for quite a long time (since v2.2 at least). Your gripe with "unencrypted passwords" is only valid if you want to use PAM for password authentication (which requires the password to be sent over the wire to be "applied" at the server side as if you typed it into the login prompt) and you are not using kerberos or LDAP, as you should be. This feature of windows is purposely disable in XP SP1 and greater because it is retarded and you don't know how to properly set up your linux box in a sane way.

  • Re:Bill Gates (Score:3, Informative)

    by Allador (537449) on Thursday October 23, 2008 @03:46PM (#25486613)

    Unless they're making it easy for people to replace Windows AD servers with Samba servers running on Linux, this is not a big deal.

    Did you not read the article you're posting about?

    The bulk of the article is about precisely that. He's the lead dev on samba building an AD server, and talking about the wonderful level of support ms is (now) giving them.

    He specifically mentioned that since they're the only ones working on an AD server replacement, at one of the 'plug fests' at MS' redmond campus, they were the only ones there to take advantage of it.

    In addition, he mentions that the team on samba for building an AD server is short on developers, and is asking for help.

  • Re:about time.. (Score:3, Informative)

    by Jeremy Allison - Sam (8157) on Thursday October 23, 2008 @07:56PM (#25490983) Homepage

    Read this :

    http://www.samba.org/samba/PFIF/PFIF_agreement.html [samba.org]

    for details on patent issues. It's not as black as you paint it.

    Jeremy.

  • by Jeremy Allison - Sam (8157) on Thursday October 23, 2008 @08:31PM (#25491353) Homepage

    Sigh. The misinformation level in these threads is amazing :-(.

    Yes, Win9x does encrypted passwords. They're not very good (lanman) but it is an encrypted password authentication.

    Jeremy.

  • by Jeremy Allison - Sam (8157) on Thursday October 23, 2008 @08:33PM (#25491385) Homepage

    > SHARE the SMB password system, make it available, so not every friggin windows machine has to do unencrypted passwords across the network to access SAMBA shares /
    > printers / whatever.

    Troll. This hasn't been the case since Samba 1.x.

    Jeremy.

  • by Jeremy Allison - Sam (8157) on Thursday October 23, 2008 @08:39PM (#25491481) Homepage

    "and Andrew just had to leave Novel in a storm to push the idea"

    No, that would be me, not Andrew Bartlett. Andrew has been happily working at Red Hat for many years now.

    Jeremy.

A CONS is an object which cares. -- Bernie Greenberg.

Working...