ProHoster > Ibhulogi > iindaba ze-intanethi > Samba 4.11.0 ukukhululwa

Samba 4.11.0 ukukhululwa

Yaziswa ukukhulula ISamba 4.11.0, owaqhubeka nophuhliso lwesebe ISamba 4 ngokuphunyezwa ngokupheleleyo komlawuli wendawo kunye nenkonzo ye-Active Directory, ehambelana nokuphunyezwa kwe-Windows 2000 kwaye ekwazi ukunika iinkonzo zonke iinguqulelo zabaxhasi be-Windows ezixhaswa nguMicrosoft, kuquka Windows 10. I-Samba 4 yimveliso yeseva esebenzayo ekwabonelela ngokuphunyezwa iseva yefayile, inkonzo yoshicilelo kunye neseva yesazisi (winbind).

Isitshixo utshintsho kwiSamba 4.11:

  • Ngokungagqibekanga, imodeli yokuphehlelelwa kwenkqubo ye "prefork" yenziwe, ekuvumela ukuba ugcine iqela leenkqubo zokuphatha eziqaliswe ngaphambili. Xa uqalisa iSamba, i '--model' ukhetho ngoku luthatha ixabiso 'prefork' endaweni 'yomgangatho'. Ngaphambili, inkqubo yomntwana eyahlukileyo yasungulwa kwi-LDAP nganye kunye ne-NETLOGON yoqhagamshelwano lomxumi, obangele ukusetyenziswa kwememori ebalulekileyo xa kukho inani elikhulu loqhagamshelwano oluqhubekayo. Xa usebenzisa imodeli ye-'prefork' ye-LDAP, i-NETLOGON kunye neenkonzo ze-KDC, inani elimiselweyo leenkqubo zisungulwa ezisebenza ngokudibeneyo uqhagamshelo lwabathengi kwaye zisasazwe phakathi kwabaphathi (ngokungagqibekanga, abaphangi aba-4 baqalisiwe);
  • I-Winbind iqinisekisa ukuba i-PAM_AUTH kunye ne-NTLM_AUTH iziganeko zoqinisekiso zigcinwe kwilogi, kwaye yongeze imbonakalo kwiirekhodi zobungqina kunye nogqithiso kwi-SamLogon ye-"logonId" yophawu loyelelwano oluqulethe isichazi sokungena esiveliswe kwi-PAM_AUTH kunye nezicelo ze-NTLM_AUTH;
  • Iskim samakhonkco e-LDAP abuyisiweyo (ukuthunyelwa) ngoku sibonisa iskim esisuka kwisicelo sokuqala, umzekelo, amakhonkco afunyenwe nge-ldap axhonywe ngo-“ldap://”, kwaye nge-ldaps - “ldaps://”;
  • Ukongezwa ukukwazi ukuloga ixesha lemisebenzi ye-DNS eyenziwa yi-Bind 9. Imveliso inikwe amandla ngokucacisa inqanaba lelog "dns:10" kwi-smb.conf;
  • I-schema ye-Active Directory engagqibekanga ihlaziywe ukuze
    2012_R2.
    I-schema esidala sinokukhethwa kusetyenziswa ingxabano '--base-schema'. Ukuphucula ufakelo olusele lukhona, ungasebenzisa isixhobo sesamba "i-domain schemaupgrade" yomyalelo.
  • Ukuxhomekeka okufunekayo kuquka ilayibrari ye-cryptographic ye-GnuTLS 3.2, ethatha indawo yemisebenzi ye-cryptographic eyakhelwe-ngaphakathi;
  • Yongeza umyalelo we-"samba-tool contact" ukukhangela kunye nokuhlela amangeniso kwincwadi yeedilesi egcinwe kwi-LDAP;
  • Umyalelo we "samba-tool [umsebenzisi|iqela|computer|iqela|contact] hlela" umyalelo uphucule inkxaso yokusebenza ngeekhowudi zelizwe;
  • I-Samba yaphuculwa ukuba isebenze kwimibutho emikhulu kakhulu enabasebenzisi abangamawaka ali-100 kunye nezinto ezingamawaka angama-120;
  • Ukusebenza okuphuculweyo kwe-reindexing ("samba-tool dbcheck -reindex") kunye nemisebenzi yokujoyina i-domain ("i-samba-tool domain join") kwiinkalo ezinkulu ze-AD;
  • Umncedisi we-LDAP uphucule ukusebenza kakuhle kwememori xa uvelisa iimpendulo ezinkulu ze-LDAP (umzekelo, xa ukhangela zonke izinto) ngokuphelisa ukuphindaphinda kweekopi zedatha kwimemori;
  • I-"-backend-store-size" inketho yongezwe kwi-"samba-tool" ukumisela ubukhulu obuvunyelweyo besiseko sedatha (imephu ye-lmdb);
  • Inketho ethi "batch_mode" yongezwe kwi-LDB, ekuvumela ukuba ukhulise ukwenziwa kwemisebenzi yebhetshi ngokuyenza ngaphakathi kwentengiselwano enye. Ukusebenza kokukhangela kwii-LDB ezinkulu kuye kwaphuculwa kwaye ukusebenza ngokutsha kwe-subtree kuphuculwe;
  • Yongeza imodyuli ye-ceph_snapshots ye-VFS, esebenzisa inkxaso yee-snapshots ze-CephFS zokusebenza ngeenguqulelo zangaphambili zeefayile;
  • Indlela yokugcina i-Active Directory database kwidiski itshintshiwe. Ifomathi entsha iya kusetyenziswa ngokuzenzekelayo emva kokuphucula ukukhulula i-4.11, kodwa kwimeko yokwehliswa kwe-Samba 4.11 ukuya kukukhutshwa kwezinto ezindala oza kuyidinga. inguqu ifomathi ngesandla;
  • Ngokungagqibekanga, inkxaso yeSMB1 yeprothokholi ivaliwe (i-'client min protocol' kunye ne'server min protocol' useto zisetelwe ku-SMB2_02), eyehlisiwe kwaye ayisasetyenziswa nguMicrosoft;
  • Uninzi lwezinto eziluncedo zelayini yomyalelo, njenge smbclient kunye ne smbcacls, inokhetho olutsha '--ukhetho' olukuvumela ukuba ubhale ngaphezulu smb.conf useto. Umzekelo, ukutshintsha iprotocol encinci exhaswayo, ungakhankanya "--option='client min protocol=NT1′" ukubuyisela i-SMB1;
  • I-LanMan kunye neendlela zoqinisekiso lokubhaliweyo okungenanto zichazwe njengeziphelelwe lixesha. Inkxaso ye-NTLM, NTLMv2 kunye neendlela ze-Kerberos zihlala zingatshintshi;
  • I-BIND9_FLATFILE DNS yangasemva iyekisiwe kwaye iya kususwa kukhupho oluzayo. Kwakhona iyekisiwe "umyalelo we-rndc" kwi-smb.conf;
  • Ikhowudi yomncedisi we-http eyakhelwe ngaphakathi (i-Python WSGI), eyayisetyenziselwa ukuqinisekisa ukusebenza kwe-SWAT web interface, isusiwe;
  • Ngokungagqibekanga, inkxaso yePython 2 ivaliwe kwaye iPython 3 yenziwe yasebenza (ukubuyisela inkxaso yePython 2, kufuneka usete ukuguquguquka kwemekobume 'PYTHON=python2′ phambi kokuba usebenze ./configure' kwaye 'yenza' ngexesha lenkqubo yokwakha isamba.

umthombo: opennet.ru

Yongeza izimvo