After six months of development, the launch of the new version of Samba 4.22, which comes with a series of improvements in performance, compatibility and efficiency of the SMB3 protocol, in addition to introducing optimizations in Active Directory and new authentication options.
For those who do not know about Samba, you should know that this is a multifunctional server product, which also provides the implementation of a file server, print service and authentication server (winbind). Samba as such implements a domain controller y Active Directory Compatible with all recent versions of Microsoft Windows, including Windows 11.
Main new features of Samba 4.22
In this new version of Samba 4.22 one of the improvements that stands out is the Addition of Directory Leases, an extension that allows caching metadata directory on the client. This Improves access speed and reduces load on the server, as updates to directories are automatically notified to clients when there are changes.
This function It is particularly useful in two scenarios:
- Individual access: When a user works with a home directory on an SMB partition without sharing files with others.
- Shared read-only access: Allows you to reduce the number of requests to the server in collaborative environments with read access.
By default, Directory Leases is enabled on systems where clustering is disabledIts configuration can be adjusted via the “smb3 directory leases” parameter.
In addition to this, in Samba 4.22 Improvements have been implemented in domain controller verification, well now, Samba allows sending Netlogon Ping requests via LDAP and LDAPS, which expands the options for checking the availability of domain controllers.
Previously, this process It was only possible via UDP port 389, but with this update, "rootdse" LDAP queries can be made over TCP, which is especially useful in environments where UDP traffic is restricted by the firewall. This behavior can be configured via the parameter "client netlogon ping protocol", allowing greater control over how Samba obtains information about domain controllers.
Experimental support for Azure Enter ID
Another of the most important novelties of this release is the introduction of support experimental for Azure Enter ID, Microsoft's cloud identity system. This has been achieved by implementing the background process himmelblaud. To enable this functionality, you need to compile Samba with the options:
--enable-rust --with-himmelblau
Additionally, new configuration parameters have been added:
"himmelblaud_sfa_fallback" "himmelblaud_hello_enabled" "himmelblaud_hsm_pin_path"
These settings allow for greater flexibility in authentication with Azure Entra ID, facilitating integration with hybrid environments.
Optimization in Active Directory
On the other hand, in Samba 4.22 Performance of schema update and configuration in Active Directory domains has been improvedIt is mentioned that this was achieved by increasing the size of the LDB index cache in some offline operations, which reduces processing times and improves service efficiency.
Samba 4.22 It also includes the removal of certain parameters and deprecated configurations:
- nmbd proxy logon: Removed because it is no longer needed since the introduction of the NBT server in Samba.
- cldap port: This parameter has been removed, as CLDAP always uses UDP port 389 by default.
- fruit:posix_rename in VFS module vfs_fruit: Removed due to compatibility issues with Windows clients.
If you are interested in knowing more about it, you can check the details In the following link.
How to install or upgrade to Samba on Ubuntu and derivatives?
If you are interested in installing the new version of Samba or if you already have Samba installed and want to upgrade your previous version to this new one, you can do it by following the steps we share below.
To install or upgrade Samba on Ubuntu and its derivatives to the latest available version, you can follow these steps:
Open a terminal, you can do this by searching for “Terminal” in the applications menu or by using the shortcut Ctrl + Alt + T. With this we will add the repository. Since official packages may not be updated immediately, we will use a PPA repository that contains the most recent version of Samba:
sudo add-apt-repository ppa:linux-schools/samba-latest
Update repository list:
sudo apt-get update
Install or upgrade Samba
If you already have Samba installed, this command will upgrade your current version. Otherwise, it will install Samba for the first time:
sudo apt install samba
Once the installation is complete, you can check the installed Samba version with the following command:
samba --version
This will give you the latest version of Samba on your system.
Last but not least, I invite you to check out the posts about Samba implementation:
How to implement a simple Samba Server on Ubuntu 24.04?
How to implement a complete Samba Server in Ubuntu 24.04?