Loading AI tools
Free software re-implementation of the SMB networking protocol From Wikipedia, the free encyclopedia
Samba is a free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients[5] and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains.
Initial release | 1992[1] |
---|---|
Stable release | |
Repository | |
Written in | C, Python |
Operating system | Multiplatform |
Type | Network file system |
License | 2008: GPL-3.0-or-later[a] 1993: GPL-2.0-or-later[b] 1992: Proprietary[c] |
Website | www |
Samba runs on most Unix-like systems, such as Linux, Solaris, AIX and the BSD variants, including Apple macOS (Mac OS X 10.2 and greater) and macOS Server. Samba also runs on a number of other operating systems such as OpenVMS and IBM i. Samba is standard on nearly all distributions of Linux and is commonly included as a basic system service on other Unix-based operating systems as well. Samba is released under the terms of the GNU General Public License. The name Samba comes from SMB (Server Message Block), the name of the proprietary protocol used by the Microsoft Windows network file system.
Andrew Tridgell developed the first version of Samba Unix in December 1991 and January 1992, as a PhD student at the Australian National University, using a packet sniffer to do network analysis of the protocol used by DEC Pathworks server software. It did not have a formal name at the time of the first releases, versions 0.1, 0.5, and 1.0, all from the first half of January 1992; Tridgell simply referred to it as "a Unix file server for Dos Pathworks." He understood that he had "in fact implemented the netbios protocol" at the time of version 1.0 and that "this software could be used with other PC clients."[citation needed]
With a focus on interoperability with Microsoft's LAN Manager, Tridgell released "netbios for unix", observer, version 1.5 in December 1993. This release was the first to include client-software as well as a server. Also, at this time GPL2 was chosen as license.[citation needed]
Midway through the 1.5-series, the name was changed to smbserver. However, Tridgell got a trademark notice from the company "Syntax", who sold a product named TotalNet Advanced Server and owned the trademark for "SMBserver". The name "Samba" was derived by running the Unix command grep through the system dictionary looking for words that contained the letters S, M, and B, in that order (i.e. grep -i '^s.*m.*b' /usr/share/dict/words
).[6]
Versions 1.6, 1.7, 1.8, and 1.9 followed relatively quickly, with the latter being released in January 1995. Tridgell considers the adoption of CVS in May 1996 to mark the birth of the Samba Team, though there had been contributions from other people, especially Jeremy Allison, previously.[7]
Version 2.0.0, released in January 1999, was a major release, support for authentication from Windows NT Primary Domain Controller, 64 bit filesystem support for very large files, and exposure of OPLOCKS to unix systems.[citation needed] Version 2.2.0 released in April 2001.[citation needed]
Date | Version | Description |
---|---|---|
23 September 2003 | 3.0 | Active Directory support.[8] The 3.0.x series officially reached end-of-life on 5 August 2009.[9] |
1 July 2008 [10] | 3.2 | It will be updated on an as-needed basis for security issues only.[11][12] There was a change of license from GPL2 to GPL3, with some parts released under LGPL3.[4] The 3.2.x series officially reached EOL 1 March 2010.[10] |
27 January 2009 | 3.3 | |
3 July 2009 | 3.4 | This was the first release to include both Samba 3 and Samba 4 source code.[13] |
1 March 2010 | 3.5 | This was the first release to include experimental support for SMB2.[14] |
9 August 2011 | 3.6 | This is the first branch which includes full support for SMB2.[15] |
11 December 2012 | 4.0 | It is a major rewrite that enables Samba to be an Active Directory domain controller, participating fully in a Windows Active Directory Domain. Its first technical preview (4.0.0TP1) was released in January 2006 after 3 years of development.[16][17] |
10 October 2013 | 4.1 | support for SMB3 |
4 March 2015 | 4.2 | Btrfs based file compression, snapshots and winbind integration[18] |
8 September 2015 | 4.3 | New Logging features, SMB 3.1.1 support[19] |
22 March 2016 | 4.4 | Asynchronous flush requests[20] |
7 September 2016 | 4.5 | NTLM v1 disabled by default, Virtual List View, Various performance improvements |
7 March 2017 | 4.6 | Multi-process Netlogon support |
21 September 2017 | 4.7 | Samba AD with MIT Kerberos |
13 March 2018 | 4.8 | Apple Time Machine Support. Setups using 'domain' or 'ads' security modes now require 'winbindd' to be running.[21] |
13 September 2018 | 4.9 | Many changes[22] |
19 March 2019 | 4.10 | |
17 September 2019 | 4.11 | SMB1 is disabled by default as a mitigation for the WannaCry vulnerability. |
3 March 2020 | 4.12 | |
22 September 2020 | 4.13 | Samba 4.13 raises the minimum version of Python to 3.6. |
9 March 2021 | 4.14 | Major overhaul of VFS subsystem and more.[23] |
20 September 2021 | 4.15 | Many changes.[24] |
21 March 2022 | 4.16 | Many changes.[25] |
13 September 2022 | 4.17 | Many changes.[26] |
8 March 2023 | 4.18 | Many changes.[27] |
4 September 2023 | 4.19 | Many changes.[28] |
27 March 2024 | 4.20 | Many changes.[29] |
Some versions of Samba 3.6.3 and lower suffer serious security issues which can allow anonymous users to gain root access to a system from an anonymous connection, through the exploitation of an error in Samba's remote procedure call.[30]
On 12 April 2016, Badlock,[31] a crucial security bug in Windows and Samba, was disclosed. Badlock for Samba is referenced by CVE|2016-2118 (SAMR and LSA man in the middle attacks possible).[32]
On 24 May 2017, it was announced that a remote code execution vulnerability had been found in Samba named EternalRed or SambaCry, affecting all versions since 3.5.0.[33] This vulnerability was assigned identifier CVE|2017-7494.[33][34]
On 14 September 2020, a proof-of-concept exploit for the netlogon vulnerability called Zerologon (CVE|2020-1472) for which a patch exists since August was published.[35] Some federal agencies using the software have been ordered to install the patch.[36]
Samba allows file and print sharing between computers running Microsoft Windows and computers running Unix. It is an implementation of dozens of services and a dozen protocols, including:
All these services and protocols are frequently incorrectly referred to as just NetBIOS or SMB. The NBT (NetBIOS over TCP/IP) and WINS protocols, and their underlying SMB version 1 protocol, are deprecated on Windows. Since Windows Vista the WS-Discovery protocol has been included along with SMB2 and its successors, which supersede these. (WS-Discovery is implemented on Unix-like platforms by third party daemons which allow Samba shares to be discovered when the deprecated protocols are disabled).
Samba sets up network shares for chosen Unix directories (including all contained subdirectories). These appear to Microsoft Windows users as normal Windows folders accessible via the network. Unix users can either mount the shares directly as part of their file structure using the mount.cifs command or, alternatively, can use a utility, smbclient (libsmb) installed with Samba to read the shares with a similar interface to a standard command line FTP program. Each directory can have different access privileges overlaid on top of the normal Unix file protections. For example: home directories would have read/write access for all known users, allowing each to access their own files. However they would still not have access to the files of others unless that permission would normally exist. Note that the netlogon share, typically distributed as a read only share from /etc/samba/netlogon
, is the logon directory for user logon scripts.
Samba services are implemented as two daemons:
Samba configuration is achieved by editing a single file (typically installed as /etc/smb.conf
or /etc/samba/smb.conf
). Samba can also provide user logon scripts and group policy implementation through poledit
.
Samba is included in most Linux distributions and is started during the boot process. On Red Hat, for instance, the /etc/rc.d/init.d/smb
script runs at boot time, and starts both daemons. Samba is not included in Solaris 8, but a Solaris 8-compatible version is available from the Samba website. The OS/2-based ArcaOS includes Samba to replace the old IBM LAN Server software.[38]
Samba includes a web administration tool called Samba Web Administration Tool (SWAT).[39][40] SWAT was removed starting with version 4.1.[41]
This section needs to be updated. (January 2016) |
Samba TNG (The Next Generation) was forked in late 1999, after disagreements between the Samba Team leaders and Luke Leighton about the directions of the Samba project. They failed to come to an agreement on a development transition path which allowed the research version of Samba he was developing (known at the time as Samba-NTDOM) to slowly be integrated into Samba.[42] Development has been minimal, due to a lack of developers. The Samba TNG team frequently directed potential users towards Samba because of its better support and development.[43]
A key goal of the Samba TNG project was to rewrite all of the NT Domains services as FreeDCE projects.[44] This was made difficult as the services were developed manually through network reverse-engineering, with limited or no reference to DCE/RPC documentation.[citation needed]
A key difference from Samba was in the implementation of the NT Domains suite of protocols and MSRPC services. Samba makes all the NT Domains services available from a single place, whereas Samba TNG separated each service into its own program.[citation needed]
ReactOS started using Samba TNG services for its SMB implementation. The developers of both projects were interested in seeing the Samba TNG design used to help get ReactOS talking to Windows networks. They worked together to adapt the network code and build system. The multi-layered and modular approach made it easy to port each service to ReactOS.[45]
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.