Samba 4.15.0 released

The release of Samba 4.15.0 has been announced. It continues development of the Samba 4 branch, which provides a full implementation of a domain controller and Active Directory service, compatible with the Windows 2000 implementation and able to serve all versions of Windows clients supported by Microsoft, including Windows 10. Samba 4 is a multifunctional server product that also provides a file server, a print service, and an identity server (winbind).

Key changes in Samba 4.15:

  • Work on modernizing the VFS layer has been completed. For historical reasons, the file server code was tied to processing file paths, and this was also used for the SMB2 protocol, which had moved to using descriptors. The modernization converted the code that provides access to the server's file system to use file descriptors instead of file paths (for example, calling fstat() instead of stat() and SMB_VFS_FSTAT() instead of SMB_VFS_STAT()).
  • The implementation of the BIND DLZ (dynamically loaded zones) technology, which lets clients send DNS zone transfer requests to a BIND server and receive the response from Samba, has gained the ability to define access lists that determine which clients are allowed to make such requests and which are not. The DLZ DNS plugin no longer supports the BIND 9.8 and 9.9 branches.
  • Support for the SMB3 Multi-Channel extension (SMB3 Multi-Channel protocol) is enabled by default and declared stable. It allows clients to establish multiple connections to parallelize data transfer within a single SMB session. For example, when accessing a single file, I/O operations can be distributed across several open connections at once. This mode increases throughput and improves resilience to failures. To disable SMB3 Multi-Channel, change the "server multi channel support" option in smb.conf, which is now enabled by default on the Linux and FreeBSD platforms.
  • The samba-tool command can now be used in Samba configurations built without Active Directory domain controller support (when the "--without-ad-dc" option is specified). In that case not all functionality is available; for example, the capabilities of the 'samba-tool domain' command are limited.
  • Improved command-line interface: a new command-line option parser has been introduced for use in the various Samba utilities. Similar options that differed between utilities have been unified; for example, the handling of options related to encryption, digital signatures and the use of Kerberos is now the same everywhere. smb.conf defines settings for the default values of these options. All utilities use STDERR for error output (the "--debug-stdout" option is available to send output to STDOUT).

    Added the "--client-protection=off|sign|encrypt" option.

    Renamed options:
      --kerberos --> --use-kerberos=required|desired|off
      --krb5-ccache --> --use-krb5-ccache=CCACHE
      --scope --> --netbios-scope=SCOPE
      --use-ccache --> --use-winbind-ccache

    Removed options: "-e|--encrypt" and "-S|--signing".

    Duplicate options have been cleaned up in the ldbadd, ldbdel, ldbedit, ldbmodify, ldbrename, ldbsearch, ndrdump, net, sharesec, smbcquotas, nmbd, smbd and winbind utilities.

  • By default, scanning the list of trusted domains when winbindd starts is disabled; this made sense in the NT4 days but is not relevant for Active Directory.
  • Added support for the ODJ (Offline Domain Join) mechanism, which allows a computer to be joined to a domain without contacting the domain controller directly. On Samba-based Unix-like systems the 'net offlinejoin' command is provided for joining, and on Windows the standard djoin.exe program can be used.
  • The 'samba-tool dns zoneoptions' command provides options for setting the update interval and controlling the cleanup of stale DNS records. If all records for a DNS name are removed, the node is put into the tombstone state.
  • The DCE/RPC DNS server can now be used by samba-tool and Windows utilities to manage DNS records on an external server.
  • When the "samba-tool domain backup offline" command runs, correct locking of the LMDB database is ensured to protect against concurrent modification of the data during the backup.
  • Support for experimental SMB protocol dialects (SMB2_22, SMB2_24 and SMB3_10), which were used only in test builds of Windows, has been dropped.
  • In builds with the experimental Active Directory implementation based on MIT Kerberos, the version requirement for that package has been raised. Builds now require at least MIT Kerberos 1.19 (shipped with Fedora 34).
  • NIS support has been removed.
  • Fixed vulnerability CVE-2021-3671, which allows an unauthenticated user to crash a Heimdal KDC-based domain controller by sending a TGS-REQ packet that does not include a server name.

Source: opennet.ru
