Photo by rawpixel on Unsplash
Protecting Samba file servers in heterogeneous environments
Teamwork
Whether you run Active Directory (AD) with Windows servers or Samba 4 domain controllers, you will always want to provide at least one server for file and print services. If the choice is a Samba server, you have to bring two worlds together. The first step will always be to select and install the distribution; only then can you think about configuring the Samba server. The first part of this article deals with the criteria for choosing a distribution and installing the system safely. The second section then deals with the secure configuration of the Samba service.
A Suitable Distribution
When choosing a distribution, you should consider the following points:
- Which distribution is already used in your company? Don't create a distribution zoo.
- Which distribution do you know best?
- Which distribution offers the right Samba version for you?
- How long will updates be available?
The topic of the Samba version is very important. At the time of testing, Samba versions 4.2 to 4.5 were available directly [1] and from SerNet [2]. (At the time of print, versions 4.6 to 4.8 were available.) If you always want to use the latest version (e.g., the pre-release or release candidate), you can compile Samba yourself. Another important point when choosing the Samba version, and therefore also the distribution, is support from the Samba team.
Every fall and spring a new Samba version is released. Maintenance and updates directly from the Samba team are available for the last three versions; at the time of testing, this meant versions 4.7, 4.6, and 4.5. With all other versions, you are dependent on the publishers of the distributions promptly delivering patches in case of vulnerabilities. Updating can be difficult on NAS boxes, because they are
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
What's new in Samba 4
In December 2012, the open source world received the first, and very long awaited, release of the Samba 4.x series. -
Save money with Samba as the domain controller on a legacy Windows NT-style domain
Samba can act as a PDC or BDC on a Windows NT4-style domain. Compared with a Windows-only solution, Samba saves money on licensing, and users can log in from Linux or OS X. -
Samba domain controller in a heterogeneous environment
The open source Samba service can act as an Active Directory domain controller in a heterogeneous environment. -
Linux for Windows Admins: Samba Shuffle
Interoperability between *nix and Windows is always a problem for Windows Admins, but it doesn’t have to be. With a small effort, the two can comfortably share and share alike.
-
Samba 4 appliances by SerNet and Univention
Shortly after the Samba team finalized Samba 4 in December 2012, SerNet and Univention integrated the new Samba into their appliances that give administrators an easy way to set up and test a Samba 4-based Active Directory domain controller.