I noticed that the Samba Version used in the AD DC container is pretty much outdated (4.9.18, from January 2020).
I’m observing a strange issue with RDP authentication (see other post). I’m pretty sure it is a bug in the Samba authentication - that may have long been fixed. Therefore my question: is there any way to update the Samba version inside the container?
Exactly. 4.9 is a discontinued series since 03/2020.
Current series are >4.14
Is there a way to update inside the container? At least for a quick test if the bug has been fixed?
Hi Fabian, we already discussed this issue in the past. Please see this link
12:28PM - 09 Apr 20 UTC
09:41AM - 22 Apr 20 UTC
Currently shipped Samba release is 4.9.18 which has been deprecated
Was not that hard tell “short version, no update”,
@davidep Thank you very much for this interesting pointer. The information is pretty sad though. Don’t get me wrong, I love what you do and I’m a big fan of nethserver. But it’s hard to accept that for the central authentication and authorization service it sticks to a version for which no security updates have been applied for more than two years.
Or do I understand Samba’s versioning wrong?
Are there any plans to change this in the future?
NethServer 8 is in the works, still WIP, but will be released when ready…
That will solve the Samba issue - and several others also.
Patience, and follow the News concerning Nethserver 8…
A migration path for existing installations will be available.
My 2 cents
@Andy_Wismer you cannot currently put a date for when NS 8 “not stable” will be available.
I don’t know if the dev team can put the date, at least now.
Therefore, for an issue ongoing, using “soon™” and “next®” don’t seem to me a viable option for the requester, and an advisable option for an ambassador.
I do not see “soon” in the original question:
“Are there any plans to change this in the future?”
And the answer is “no”.
NethServer 7.9 is gonna die with that version of Samba for the AD container.
NS8 is a totally different product.
And the answer is “no”.
The intentions were to stick to 4.9.18 until the end of the world, but by time plans can change. Just start with a question, then the answer may change to “yes”.
Yes, the “Future” will be the perfect place where all issues are solved
Meanwhile ns7 is pinned to 4.9.18 and yes it is really old nowadays. As Giacomo wrote in the issue,
we will stick to Samba 4.9 as long as possible.
The only reason to upgrade Samba should be a security vulnerability which can’t be fixed in current release.
If you think some known vulnerability is important, we can try to patch 4.9 with a fix backport, or re-consider the upgrade to a supported release.
In contrast to a massive automated upgrade, we could try a manual upgrade procedure to preserve existing DC installations from incompatible changes (if any).
The issue is
closed. And your words (bold my formatting) are not written into the issue.
Then. Answer still