Blog

First Milestone for Samba STF project

The Samba team at SerNet GmbH has reached the first milestone (1/17) in its project funded by Sovereign Tech Agency. This milestone focuses on strengthening the security of the MS-NRPC component and hardening Netlogon communication, addressing critical requirements in upcoming Windows versions. By transitioning domain controller communication and client-controller interactions to Kerberos-based authentication, the Samba team is ensuring enhanced security and interoperability. This work has been made possible through funding secured by SerNet and funds assigned by the Sovereign Tech Agency (STA, formerly known as Sovereign Tech Fund).

The Samba development team has successfully implemented and published the following improvements and optimizations:

The implemented security enhancements will be available in the public Samba software repositories, ensuring that all users of Samba benefit from the ongoing development work. This milestone represents not only a technical achievement but also a commitment to the open-source community, made possible through SerNet’s efforts in securing funding and providing development leadership.

For further information about the project, have a look at the project overview. The Samba STA project is an initiative to enhance the functionality, security, and scalability of Samba, a critical open-source software for interoperability and identity access management in mixed-OS environments. The project, funded by the STA, focuses on completing 17 milestones over 18 months, covering areas such as modern security protocols, failover functionality, and UNIX extensions. Development results are continuously made publicly available.


Ralph Böhme giving his talk at SDC 2024

The SerNet Samba team’s contributions from this year’s SNIA Developer Conference (SDC 2024) are now available to watch online. Ralph Böhme, Volker Lendecke, and Stefan Metzmacher – all also key members of the international Samba team – shared valuable insights during their sessions. 

Whether you missed the event or want to revisit the content, you can now access the recordings here:

Check out this opportunity to explore the latest innovations in Samba and storage technologies.


sambaXP

SerNet is excited to announce that sambaXP 2025 will take place on April 7th and 8th on-site in Göttingen, Germany once again. This annual event promises to bring together Samba enthusiasts and experts for an interesting and enjoyable two-day conference. Please note that this date has changed!

For those eager to contribute to the conference, now is a great time to start thinking about topics for talks. The call for papers will open shortly, and we invite innovative and engaging submissions. If you have ideas, questions, or any issues related to your participation, please do not hesitate to reach out to the Local Organizing Committee. We are ready to assist and make your Samba eXPerience as smooth as possible.

For updates on ticketing, and other event details, be sure to visit sambaxp.org. To get into the Samba spirit ahead of sambaXP 2025, check out the recordings from the 2024 conference available on YouTube. The sessions are a great way to gain insights and inspiration.

We look forward to welcoming you to an engaging and fruitful sambaXP 2025 in Göttingen!


SerNet has secured significant funding from the German Sovereign Tech Fund (STF) to advance the Samba project, a vital open-source software that enables identity and access management (IAM) and seamless interoperability between Windows, Linux, and Unix systems via the SMB protocol. Over the next 18 months, Samba core developers will tackle 17 key milestones in six target groups aimed at enhancing Samba’s security, scalability, and functionality. The project's focus is on areas like transparent failover, SMB3 UNIX extensions, and modern security protocols such as SMB over QUIC. These improvements are designed to ensure that Samba remains a robust and secure solution for organizations that rely on a sovereign IT infrastructure that is as independent as possible of proprietary software regimes, but including optimal interoperability.

This project aligns perfectly with the mission of the Sovereign Tech Fund. By funding work on Samba the fund is bolstering one of the most critical technologies that underpin global IT infrastructures, particularly in sectors where cross-platform compatibility is vital.

Jeremy Allison, long standing member of the Samba core team said: "I'm very pleased that the Sovereign Tech Fund has recognised the importance of Samba in providing critical open source infrastructure to enterprises worldwide. The commissioned work will ensure that Samba remains a competitive and secure choice to create data storage and authentication services for all users."

Johannes Loxen, founder of SerNet and long-time fundraiser for the Samba project, was very impressed by the constructive and targeted work at the STF: "We are very grateful for the support of everyone at the Sovereign Tech Fund and their efforts in making this funding possible."

After the contract was signed, development work began as early as September 1 and is expected to be completed by the end of February 2026 for all milestones. Work results will be uploaded to the public Samba software repositories for public use immediately after the milestones and tests have been completed. A detailed project report will be published after the first milestone is reached in November 2024 and will be continuously updated.

About Samba:
Samba is an essential free and open-source implementation of the SMB protocol, enabling seamless interoperability between systems running Windows, Linux, and Unix. It is a cornerstone in Identity and Access Management (IAM), playing a crucial role in Active Directory environments by facilitating file sharing and authentication across mixed-OS networks. As part of all major Linux distributions, Samba’s wide adoption spans public institutions, enterprises, and educational facilities worldwide. For more input refer to https://samba.org.

About Sovereign Tech Fund:
The Sovereign Tech Fund supports the development, improvement, and maintenance of open digital infrastructure. The funds' goal is to sustainably strengthen the open source ecosystem with focus on security, resilience, technological diversity, and the people behind the code. Read more on https://www.sovereigntechfund.de.

About SerNet:
SerNet is part of the Open Source community and offers products and services for commercial users of Samba like software subscriptions, support, consulting and development services. SerNet GmbH has been founded in Germany in 1997 together with members of Samba Team. SerNet, Inc. in California is a 100% subsidiary of SerNet GmbH. Get more information about Samba by SerNet here: https://samba.plus.


Slide in the SMB Witness presentation

With the Samba 4.20 release in March 2024, SerNet-developer Stefan Metzmacher introduced significant enhancements to the SMB Witness Protocol, a crucial component for maintaining high availability in SMB server environments. SMB Witness continuously monitors the health and status of server clusters, alerting SMB clients about node or network failures and effectively minimizing downtime through dynamic connection failover.

At the recent sambaXP 2024, Metzmacher, a veteran in open-source networking technologies, highlighted these advancements. He discussed peculiarities and previously undocumented behaviors within the Windows Witness Protocol, aiming for improved interoperability and reinforcing the importance of open-source collaboration for digital sovereignty.

A significant portion of Metzmacher's presentation focused on configuring the witness service using the new command-line management interface. He emphasized essential steps, such as initiating the daemon before other services for optimal performance, and provided practical examples of managing connected Windows clients.

Watch the full conference session on YouTube: SMB Witness Service in Samba CTDB Clusters

Through these open-source innovations, SerNet continues to advocate for digital sovereignty by providing scalable, robust, and resilient network solutions for IT infrastructures.


Contact us
Contact
Deutsch English Français