Blog

The next webinar in the "Setting up Samba on AIX with SAMBA+" series will be held on February 22, 2024, from 3 to 4 p.m. (CET). Registration for the event and more information can be found here. The platform used is GoTo Webinar.

In the webinar, participants will learn from our expert Björn Jacke how to set up Samba with SAMBA+ on AIX, IBM's Unix operating system, and integrate it into an Active Directory environment. Among other things, they will receive tips on how to overcome frequently occurring difficulties. Special attention will also be paid to parameter settings in AIX. There will also be an opportunity to clarify any questions.

This webinar will be held in English. Further dates will be announced shortly.

"Backup of Windows AD and how to migrate it to Samba" was presented by Björn Jacke and Volker Lendecke on December 7, 2023 in the auditorium of the Jacob-und-Wilhelm-Grimm-Zentrum at Humboldt-Universität zu Berlin. The two long-standing members of the Samba team at SerNet and the Samba Core Team contributed the talk to the Adminstammtisch Berlin event series.

The – German only – talk offers the opportunity to benefit from extensive knowledge of migrating and securing Windows Active Directory to Samba: Most Active Directory installations are Windows-based. Samba allows such an AD installation to be backed up using Unix means and the backup then made to run with a Samba DC. This can be useful not only for backups but also for a Windows to Samba migration, which Jacke and Lendecke demonstrated. A recording is available.

They also gave valuable insights into Samba and the SAMBA+ software packages offered by SerNet for various Linux distributions and IBM AIX. The Adminstammtisch Berlin is organized by and for IT professionals who are committed to sharing knowledge and experience and discussing current IT topics.

SAMBA+ 4.19.3-5 and SAMBA+ 4.18.9-9 have just been released by SerNet's Samba team. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

Please see the release history here:

• https://www.samba.org/samba/history/samba-4.19.3.html
• https://www.samba.org/samba/history/samba-4.18.9.html

The fix for CVE-2018-14628, which is now part of the upstream 4.19.3 and 4.18.9 releases was already fixed in SAMBA+ 4.19.2 and SAMBA+ 4.18.8. For completeness we describe once more how to apply the actual fix for the AD database. If you did that already along with the previous SAMBA+ update, then you don't have to do the following steps again.

Action required in order to resolve CVE-2018-14628

The patched Samba does NOT protect existing domains!

The administrator needs to run the following command (on only one domain controller) in order to apply the protection to an existing domain:

  samba-tool dbcheck --cross-ncs --attrs=nTSecurityDescriptor --fix

The above requires manual interaction in order to review the changes before they are applied. Typicall question look like this:

  Reset nTSecurityDescriptor on CN=Deleted Objects,DC=samba,DC=org back to provision default?
        Owner mismatch: SY (in ref) DA(in current)
        Group mismatch: SY (in ref) DA(in current)
        Part dacl is different between reference and current here is the detail:
                (A;;LCRPLORC;;;AU) ACE is not present in the reference
                (A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY) ACE is not present in the reference
                (A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;DA) ACE is not present in the reference
                (A;;CCDCLCSWRPWPSDRCWDWO;;;SY) ACE is not present in the current
                (A;;LCRP;;;BA) ACE is not present in the current
   [y/N/all/none] y
  Fixed attribute 'nTSecurityDescriptor' of 'CN=Deleted Objects,DC=samba,DC=org' 

The change should be confirmed with 'y' for all objects starting with

'CN=Deleted Objects'.

SAMBA+ 4.17.11 has just been released. Packages for various SUSE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now.

These packages address several issues, which are listed in the release notes:
https://www.samba.org/samba/history/samba-4.17.11.html

The process on how to access the SAMBA+ Software Packages has changed. Please consult our SAMBA+ HowTo to learn more. 

SerNet Inc. will be participating as a Silver Sponsor at this year's Storage Developer Conference (SDC). The conference is hosted by the Storage Networking Industry Association (SNIA) in Fremont, CA on September 18-21.

Our Samba team will be presenting on September 20: 

Topic: Reparse Points Current Status
Speaker: Volker Lendecke, Developer at SerNet/Samba Team
8:30am - 9:20am (PST)

Topic: Samba io_uring Status Update
Speaker: Stefan Metzmacher, Developer at SerNet/Samba-Team
9:30am - 10:20am (PST)

Topic: net use //samba/cloud: Scaling Samba
Speaker: Ralph Böhme, Samba Team Lead at SerNet/Samba Team
10:35am - 11:25am (PST)

In addition to these sessions, we invite all attendees to meet our team, discuss our recent endeavors, and explore potential collaborations. To ensure in-depth discussions and address specific inquiries, we are offering scheduled appointments. Those interested can contact us in advance to secure a meeting slot. Please use the contact form or mail us at sales@remove-this.sernet.com – we look forward to a constructive dialogue and a successful conference.