Welcome to John Terpstra's Samba Column, where you'll find the latest news on Samba. Over the next six months, John will provide a running update based on field experience and feedback, with full updates on new features and deployment options as well as hot tips for your enjoyment.

Samba-3.0.0 has finally emerged from its cage. This is news to some, while others have responded with a sigh. Open source software follows a convoluted development path – code is ready when the developers reach agreement that it's time to ship. Samba-3 has been in the works for a long time. The real roadmap was set in August 2002, at a time when many were hoping it would soon ship.

Samba is not an average open source Joe! Over the past two-year development cycle the networking environment that Samba has to interoperate with has changed significantly. Samba is not in control of MS Windows networking protocols. It's hardly surprising that Samba continually has to play "catch-up" due to the shifting sands.

The shift that has had Samba-3 in gridlock for so long has not been purely technological. The past two years have seen a phenomenal cycle of change that has taken place at the hypothetical 8th layer of the ISO network protocol stack – the political layer.

When work on Samba-3 started there was a request for better internationalization support. As it became clear that Microsoft would soon discontinue support for MS Windows NT4, there was a strong demand for tools and facilities to allow Windows NT4 domain accounts to be transferred (migrate) to a Samba-3 domain controller. Larger Windows networking sites that moved to Microsoft Active Directory started to ask for improved integration capabilities. The technological implications of these demands were not insignificant.

Samba-3 now has excellent support for native Kerberos interoperability with Microsoft Active Directory. It has vastly improved support for LDAP. It has acquired a new, flexible multiple password back-end system, as well as a new VFS module-handling infrastructure. All of these set Samba-3 apart from its predecessor.

Meanwhile, the world has witnessed a barrage of exploits of MS Windows network security vulnerabilities that brought about significant changes in core networking protocols.

The recent impact of the MSBlaster worm is a timely reminder that we must never take security and maintenance too lightly. The real cost of spam is much greater than what's anticipated. Not only does spam consume networking, storage, and management overheads, but it also consumes time from everyone who must deal with the disposal of unwanted nuisance messages. The loss of productivity caused by spam and other malicious network interference activities is immense.

Samba had security issues to deal with also. A buffer exploit was found in the Samba-2.x code base. This was fixed in the late Samba-2.x code series.

As MS Windows 200x/XP usage started to soar, the Samba-Team had to find a way to interoperate more securely with Microsoft Windows clients and servers. This brought about the introduction of support for secure channel (schannel) support, for MS NTLMv2 and NTLMSSP authentication support, and more recently for support for SMB signing. Samba-3.0.0 incorporates all of these advances and truly represents a major step forward.

Many years ago Samba was regarded as deficient of proper documentation. A few Samba-Team members were inspired to better document Samba. There were calls within the Samba-Team to find authors who might be willing to write books that would document Samba and help to explain its use. The response has been amazing, and today there are dozens of Samba books, many of which have been published in multiple languages.

During the life of Samba-2.x, the scratchy HOWTO documents were collated into an Acrobat PDF document that many people found helpful, albeit a bit out of date at times. We struggled with updating and expansion of the manual pages and finally made good progress. It's not surprising that Samba books have acquired a Unix-centric documentation style, after all, it was the Unix administrator who was deploying Samba.

As Samba-3 moved toward functional completion, the need for documentation of the new capabilities became more essential. First, the manual page production system was radically overhauled, making it much easier to maintain the source files and keep them up to date.

Second, we commenced a massive revamp of Samba documentation. A survey was conducted of Samba users and of network administrators who deploy Samba. Their feedback was scathingly cruel at times, but very necessary.

Additionally, some of the Samba-Team members discussed the recurrence of many questions on the Samba mailing lists. We came to the conclusion that there was a need to significantly revisit the way that Samba documentation is put together. In excess of 50 people were actively polled (some over and over again as new documentation updates were written) to find out how they seek out information about Samba and MS Windows networking problems in general.

The result of all this work was a complete revamp of the HOWTO document into a structure that makes sense to Microsoft network administrators. I can testify to the fact that Windows network administrators approach their task very differently from Unix networking experts. The new Samba-HOWTO-Collection PDF file that is part of the Samba-3 sources is the result. In the process of this enormous challenge, one that has taken over seven man months of effort, presents a new problem: the final document is more than 400 pages in length. This document includes live extracts from e-mail messages that have passed over the Samba mailing lists over the past two years. The e-mail extracts provide real-world solutions that will without doubt be of value for many years to come.

Network administrators who reviewed the manuscript, and who liberally contributed their experiences, suggested finding a publisher so that they did not have to print such a large document themselves. Well, we are happy to announce that Prentice Hall PTR will have The Official Samba-3 HOWTO and Reference Guide available in book stores by November this year, with 700 pages of very hot information that no network administrator can afford to miss.