ProHoster > Blog > internet nhau > Samba 4.11.0 kuburitswa

Samba 4.11.0 kuburitswa

Introduced kusunungura Samba 4.11.0, uyo akapfuuridzira kukudziridzwa kwebazu Samba 4 nekushandiswa kuzere kwedomeine controller uye Active Directory sevhisi, inofambirana nekushandiswa kweWindows 2000 uye inokwanisa kusevhisi mavhezheni ese eWindows macustomer anotsigirwa neMicrosoft, kusanganisira Windows 10. Samba 4 is a multifunctional server chigadzirwa chinopawo kushandiswa kwe. sevha yefaira, sevhisi yekudhinda uye identity server (winbind).

Key change muSamba 4.11:

  • Nekumisikidza, iyo "prefork" process yekumisikidza modhi inogoneswa, iyo inokutendera iwe kuchengetedza dziva rekutanga-kunotangwa mubato maitiro. Kana uchitanga Samba, iyo '--model' sarudzo ikozvino yatora kukosha 'prefork' pane 'standard'. Kare, chirongwa chemwana chakasiyana chakatangwa kune yega yega LDAP uye NETLOGON mutengi wekubatanidza, izvo zvakaguma nekukosha kwekurangarira kushandiswa apo paive nenhamba huru yekuramba yakabatana. Paunenge uchishandisa 'prefork' modhi yeLDAP, NETLOGON uye KDC masevhisi, nhamba yakatarwa yemaitiro inotangwa iyo yakabatana inogadzirisa makiyitanirwo evatengi uye nekuagovera pakati pevanobata (nekusagadzika, mana ekubata anotangwa);
  • Winbind inova nechokwadi chekuti PAM_AUTH uye NTLM_AUTH zviitiko zvechokwadi zvinochengetwa mulogi, uye zvakare yakawedzera ratidziro mumarekodhi echokwadi uye kutapurirana kuSamLogon ye "logonId" hunhu hune chiziviso chekupinda chakagadzirwa PAM_AUTH uye NTLM_AUTH zvikumbiro;
  • Chirongwa chezvakadzoserwa LDAP links (referral) zvino chinoratidza chirongwa kubva pachikumbiro chepakutanga, semuenzaniso, zvinongedzo zvakagamuchirwa kuburikidza neldap zvakanamirwa ne"ldap://", uye kuburikidza neldaps - "ldaps://";
  • Yakawedzera kukwanisa kuisa nguva yeDNS maitiro akaitwa neBind 9. Kubuda kunogoneswa nekutsanangura danho regi "dns:10" mu smb.conf;
  • Iyo default Active Directory schema yakagadziridzwa kuti
    2012_R2.
    Iyo yekare schema inogona kusarudzwa uchishandisa iyo '--base-schema' nharo. Kuti uvandudze zvigadziriso zviripo, unogona kushandisa samba-chishandiso "domain schemaupgrade" kuraira.

  • Zvinodiwa zvinotsamira zvinosanganisira iyo GnuTLS 3.2 cryptographic library, inotsiva Samba yakavakirwa-mukati cryptographic mabasa;
  • Yakawedzera murairo we "samba-tool contact" yekutsvaga nekugadzirisa zvinyorwa mubhuku rekero rakachengetwa muLDAP;
  • Murairo weβ€œsamba-tool [user|group|computer|group|contact] edit” wavandudza rutsigiro rwekushanda nemaencodings enyika;
  • Samba yakagadziridzwa kushanda mumasangano makuru kwazvo ane vashandisi vanosvika zviuru zana uye zviuru zve100 zvinhu;
  • Kuvandudzwa kwekuita kwe reindexing ("samba-tool dbcheck -reindex") uye domain join operations ("samba-tool domain join") yenzvimbo huru dzeAD;
  • Sevha yeLDAP yakavandudza ndangariro pakuita mhinduro hombe dzeLDAP (semuenzaniso, pakutsvaga zvinhu zvese) nekubvisa kudzokororwa kwemakopi edata mundangariro;
  • Iyo "-backend-store-size" sarudzo yawedzerwa ku "samba-tool" kuti uone huwandu hwepamusoro hunobvumirwa saizi yedatabase (lmdb mepu);
  • Iyo "batch_mode" sarudzo yakawedzerwa kuLDB, iyo inokutendera iwe kukwidziridza maitirwo ebasa rebatch nekuaita mukati mekutengesa kumwe chete. Kutsvaga kushanda muLDBs hombe kwakagadziridzwa uye subtree renaming performance yakagadziridzwa;
  • Yakawedzera ceph_snapshots VFS module, iyo inoshandisa tsigiro yeCephFS snapshots yekushanda neshanduro dzakapfuura dzemafaira;
  • Iyo nzira yekuchengetedza iyo Active Directory dhatabhesi pane diski yakashandurwa. Iyo fomati nyowani inozoiswa otomatiki mushure mekusimudzira kuburitsa 4.11, asi kana yadzikisira kubva kuSamba 4.11 kusvika kuzvinyorwa zvekare zvauchazoda. kutendeuka fomati nemaoko;
  • Nekumisikidza, tsigiro yeSMB1 protocol yakadzimwa (iyo 'client min protocol' uye 'server min protocol' marongero akaiswa kuSMB2_02), iyo yakaregwa uye haichashandiswi neMicrosoft;
  • Zvizhinji zvezvishandiso zvemitsara yekuraira, senge smbclient uye smbcacls, ine itsva '--option' sarudzo inobvumidza iwe kudarika smb.conf marongero. Semuyenzaniso, kuti uchinje vhezheni yeprotocol shoma shoma, unogona kudoma "--option='client min protocol=NT1β€²" kuti udzose SMB1;
  • LanMan uye plaintext authentication nzira dzakanzi hadzichashandi. Tsigiro yeNTLM, NTLMv2 uye Kerberos nzira dzinoramba dzisina kuchinjika;
  • Iyo BIND9_FLATFILE DNS backend yaregwa uye ichabviswa mune ramangwana kuburitswa. Yakarasawo sarudzo ye "rndc command" mu smb.conf;
  • Iyo kodhi yeyakavakirwa-mukati http server (Python WSGI), iyo yakamboshandiswa kuve nechokwadi chekushanda kweSWAT web interface, yakabviswa;
  • Nekutadza, tsigiro yePython 2 yakaremara uye Python 3 inogoneswa (kudzosera Python 2 rutsigiro, unofanirwa kuseta nharaunda inoshanduka 'PYTHON=python2β€² isati yamhanya ./configure' uye 'ita' panguva yekugadzira samba.

Source: opennet.ru

Voeg