ProHoster > Blog > nkhani zapaintaneti > Samba 4.11.0 kumasulidwa

Samba 4.11.0 kumasulidwa

Yovomerezedwa ndi kumasula Samba 4.11.0, amene anapititsa patsogolo chitukuko cha nthambi Samba 4 ndi kukhazikitsa kwathunthu kwa domain controller ndi Active Directory service, yogwirizana ndi kukhazikitsidwa kwa Windows 2000 komanso yokhoza kutumizira mitundu yonse yamakasitomala a Windows mothandizidwa ndi Microsoft, kuphatikiza Windows 10. Samba 4 ndi seva yamitundu yambiri yomwe imaperekanso kukhazikitsa seva yamafayilo, ntchito yosindikiza ndi seva yodziwika (winbind).

Chinsinsi kusintha mu Samba 4.11:

  • Mwachikhazikitso, "prefork" ndondomeko yoyambitsa ndondomeko imayatsidwa, yomwe imakulolani kuti mukhalebe ndi njira zothandizira zomwe zakhazikitsidwa kale. Mukayamba Samba, njira ya '--model' tsopano imatenga mtengo wa 'prefork' m'malo mwa 'standard'. M'mbuyomu, njira yosiyana ya ana idakhazikitsidwa pa LDAP iliyonse ndi NETLOGON yolumikizana ndi kasitomala, zomwe zidapangitsa kuti pakhale kukumbukira kwambiri pakakhala kuchuluka kwa kulumikizana kosalekeza. Mukamagwiritsa ntchito chitsanzo cha 'prefork' cha ntchito za LDAP, NETLOGON ndi KDC, njira zingapo zokhazikika zimayambika zomwe zimagwirizanitsa mgwirizano wamakasitomala ndikugawa pakati pa othandizira (mwachisawawa, othandizira 4 amayambitsidwa);
  • Winbind imawonetsetsa kuti PAM_AUTH ndi NTLM_AUTH zochitika zotsimikizira zasungidwa mu chipika, komanso kuwonjezera kuwunikira muzolemba zotsimikizira ndikutumiza ku SamLogon za "logonId" yomwe ili ndi chizindikiritso cholowera chopangira PAM_AUTH ndi pempho la NTLM_AUTH;
  • Chiwembu cha maulalo a LDAP omwe abwezedwa (otumiza) tsopano akuwonetsa chiwembu chochokera ku pempho loyambirira, mwachitsanzo, maulalo olandilidwa kudzera pa ldap amalembedwa ndi “ldap://”, komanso kudzera pa ldaps - “ldaps://”;
  • Anawonjezera luso lolemba nthawi ya ntchito za DNS zochitidwa ndi Bind 9. Zomwe zimatulutsidwa zimathandizidwa ndi kufotokozera mulingo wa chipika "dns:10" mu smb.conf;
  • Dongosolo lokhazikika la Active Directory lasinthidwa kukhala
    2012_R2.
    Chiwembu chakale chikhoza kusankhidwa pogwiritsa ntchito mkangano wa '-base-schema'. Kuti mukweze makhazikitsidwe omwe alipo, mutha kugwiritsa ntchito chida cha samba "domain schemaupgrade".
  • Zomwe zimafunikira zikuphatikiza laibulale ya GnuTLS 3.2 cryptographic, yomwe imalowa m'malo mwa ntchito za Samba zomangidwa;
  • Anawonjezera lamulo la "samba-tool contact" kuti mufufuze ndikusintha zolemba mu bukhu la adilesi losungidwa mu LDAP;
  • Lamulo la "samba-tool [user|group|computer|group|contact] edit" lathandiza kwambiri pogwira ntchito ndi ma encoding a dziko;
  • Samba idakonzedwa kuti igwire ntchito m'mabungwe akulu kwambiri okhala ndi ogwiritsa ntchito mpaka 100 ndi zinthu 120;
  • Kupititsa patsogolo kachitidwe ka reindexing ("samba-tool dbcheck -reindex") ndi ntchito zojowina madambwe ("samba-tool domain join") pamadomeni akulu akulu a AD;
  • Seva ya LDAP yasintha bwino kukumbukira popanga mayankho akulu a LDAP (mwachitsanzo, pofufuza zinthu zonse) pochotsa kubwereza kwa makopi a data pamtima;
  • Njira ya "-backend-store-size" yawonjezedwa ku "samba-chida" kuti mudziwe kukula kwake kololedwa (mapu a lmdb);
  • Njira ya "batch_mode" yawonjezedwa ku LDB, yomwe imakulolani kuti muwongolere magwiridwe antchito a batch powachita munthawi imodzi. Kufufuza mu ma LDB akuluakulu kwakonzedwanso ndipo kusintha kwamtundu wapansi kwasinthidwa;
  • Anawonjezera ceph_snapshots VFS module, yomwe imagwiritsa ntchito kuthandizira kwazithunzi za CephFS pogwira ntchito ndi mafayilo am'mbuyomu;
  • Njira yosungiramo nkhokwe ya Active Directory pa disk yasinthidwa. Mtundu watsopano udzangogwiritsidwa ntchito pokhapokha mutakweza kuti mutulutse 4.11, koma ngati mutatsitsidwa kuchokera ku Samba 4.11 kupita kuzinthu zakale zomwe mudzafunika. kutembenuka kupanga pamanja;
  • Mwachisawawa, kuthandizira kwa protocol ya SMB1 kuzimitsidwa (zokonda za 'client min protocol' ndi 'server min protocol' zakhazikitsidwa ku SMB2_02), zomwe zatsitsidwa ndipo sizikugwiritsidwanso ntchito ndi Microsoft;
  • Zida zambiri zama mzere wamalamulo, monga smbclient ndi smbcacls, zili ndi njira yatsopano ya '--option' yomwe imakupatsani mwayi wopitilira makonda a smb.conf. Mwachitsanzo, kuti musinthe mtundu wa protocol wocheperako, mutha kutchula "--option='client min protocol=NT1′" kuti mubweze SMB1;
  • LanMan ndi njira zotsimikizira mawu osamveka zanenedwa kuti ndi zachikale. Thandizo la njira za NTLM, NTLMv2 ndi Kerberos sizisintha;
  • BIND9_FLATFILE DNS backend yatsitsidwa ndipo ichotsedwa ikatulutsidwa mtsogolo. Anasiyanso njira ya "rndc command" mu smb.conf;
  • Khodi ya seva yomangidwa mu http (Python WSGI), yomwe idagwiritsidwa ntchito kale kuti iwonetsetse kuti mawonekedwe a intaneti a SWAT, yachotsedwa;
  • Mwachikhazikitso, chithandizo cha Python 2 chimakhala cholephereka ndipo Python 3 imayatsidwa (kubwezera Python 2 chithandizo, muyenera kukhazikitsa kusintha kwa chilengedwe 'PYTHON=python2′ musanayambe ./configure' ndi 'kupanga' panthawi yomanga samba.

Source: opennet.ru

Kuwonjezera ndemanga