ProHoster > Блог > ozi ịntanetị > Mwepụta Samba 4.17.0

Mwepụta Samba 4.17.0

E gosipụtara ntọhapụ nke Samba 4.17.0, nke gara n'ihu na mmepe nke alaka Samba 4 na mmejuputa zuru oke nke onye na-ahụ maka ngalaba na ọrụ Active Directory, dakọtara na mmejuputa Windows 2008 ma nwee ike ịrụ ọrụ ụdị niile nke ndị ahịa Windows. Microsoft kwadoro, gụnyere Windows 11. Samba 4 bụ ngwaahịa nkesa multifunctional, nke na-enyekwa mmejuputa nkesa faịlụ, ọrụ mbipụta, na ihe nkesa njirimara (winbind).

Mgbanwe dị mkpa na Samba 4.17:

  • Emeela ọrụ iji kpochapụ nlọghachi azụ na arụmọrụ nke sava SMB na-arụsi ọrụ ike bụ nke pụtara n'ihi ịgbakwụnye nchebe megide adịghị ike nke symlink. N'ime nkwalite ndị a rụrụ, a na-ekwu maka ibelata oku sistemu mgbe ị na-elele aha ndekọ na ịghara iji mmemme ịkpọte mgbe ị na-ahazi ọrụ asọmpi na-eduga n'egbu oge.
  • Enyerela ikike iji wuo Samba na-enweghị nkwado maka protocol SMB1 na smbd. Iji gbanyụọ SMB1, a na-emejuputa nhọrọ "--without-smb1-server" na nhazi nhazi ederede (na-emetụta naanị smbd; nkwado maka SMB1 na-edobe na ụlọ akwụkwọ ndị ahịa).
  • Mgbe ị na-eji MIT Kerberos 1.20, a na-emejuputa ikike iji gbochie mwakpo Bronze Bit (CVE-2020-17049) site na ịnyefe ozi ndị ọzọ n'etiti ihe KDC na KDB. Na ndabara Heimdal Kerberos nke KDC, edoziziri okwu ahụ na 2021.
  • Mgbe ejiri MIT Kerberos 1.20 rụọ ya, onye na-ahụ maka ngalaba Samba na-akwado mgbakwunye Kerberos S4U2Self na S4U2Proxy, ma gbakwunyekwa ikike maka Resource Based Constrained Delegation (RBCD). Iji jikwaa RBCD, agbakwunyere subcommands 'add-principal' na 'del-principal' na iwu "samba-tool representative". KDC dabere na Heimdal Kerberos akwadobeghị ụdị RBCD.
  • Ọrụ DNS arụnyere n'ime ya na-enye ikike ịgbanwe ọdụ ụgbọ mmiri nke na-enweta arịrịọ (dịka ọmụmaatụ, iji mee ihe nkesa DNS ọzọ n'otu usoro ahụ na-emegharị ụfọdụ arịrịọ na Samba).
  • Na mpaghara CTDB, nke na-ahụ maka ọrụ nhazi nhazi, ihe ndị a chọrọ maka syntax nke faịlụ ctdb.tunables ebelatala. Mgbe ị na-ewu Samba na nhọrọ "-with-cluster-support" na "-systemd-install-services", a na-ahụ na ntinye nke ọrụ sistemụ maka CTDB. Akwụsịla edemede ctdbd_wrapper - a na-ewepụta usoro ctdbd ozugbo site na ọrụ sistemu ma ọ bụ site na edemede init.
  • E mejuputa ntọala 'nt hash store = mgbe', nke machibidoro nchekwa "ọtọ" (na-enweghị nnu) hashes nke okwuntughe onye ọrụ Directory Active. N'ụdị na-esote, a ga-edobe ntọala 'nt hash store' nke ndabara ka ọ bụrụ "auto", nke a ga-etinye ọnọdụ "mgbe ọ bụla" ma ọ bụrụ na ntọala 'ntlm auth = nkwarụ' dị.
  • Atụpụtala njide maka ịnweta API ọba akwụkwọ smbconf site na koodu Python.
  • Mmemme smbstatus na-emejuputa ikike iwepụta ozi na usoro JSON (nyere ya na nhọrọ “-json”).
  • Onye na-ahụ maka ngalaba na-akwado otu nchekwa "Ndị ọrụ echedoro", nke pụtara na Windows Server 2012 R2 ma ghara ikwe ka iji ụdị ezoro ezo na-adịghị ike (maka ndị ọrụ nọ n'ìgwè ahụ, nkwado maka nkwenye NTLM, Kerberos TGT dabere na RC4, na-egbochi na enweghị ike. ndị nnọchiteanya nwere nkwarụ).
  • Akwụsịla nkwado ụlọ ahịa okwuntughe dabere na LanMan na usoro nyocha (ntọala "lanman auth=ee" enweghị mmetụta ugbu a).

    isi: opennet.ru

Tinye a comment