SAMBA eXPerience archive

In our archive you will find impressions and information gathered at the past SAMBA eXPerience conferences:

  • talks as MP3 audio files
  • slides from the conference as PDF
  • tals as MP4 video files (NEW in 2020!)

Conference program 2020


This year's tutorial will cover CTDB. In one day you will see how to set up GlusterFS with two nodes as an active-active cluster.

After setting up the Gluster cluster comes the main part of this year's tutorial: Setting up CTDB on two nodes. We will take a look at the new way of configuring CTDB since version 4.9 of Samba the CTDB configuration changed a lot.

Here are the topics of the one day tutorial:

  • Setting up a Gluster replicated volume with two nodes
  • Activating the new Samba settings in Gluster
  • See how you can mount the Gluster volume into a Samba CTDB file server
  • Joining the cluster into a Samba4 domain
  • Looking at the log-files
  • See how CTDB is managing the failover

At the end of the day you will have a CTDB cluster with GlusterFS as the storage. You will be able to replace or add a node from the CTDB cluster. We will not take a closer look at GlusterFS, we will just use it for the CTDB-cluster.

Welcome Note from SerNet

The one track session takes place in Track 1.

Chairman’s note

Also happening in Track 1!


You are still in Track 1 :-)

CTDB Report 2020

This is a report in conference track 1 on the status of CTDB, similar to that presented at recent SambaXP conferences. The report will focus on 2 main areas: progress and plans. What is new upstream in CTDB? What do our plans look like compared to those presented in recent years? There is also the intersection of progress and plans: what useful things are sitting in development branches but are not merged?

Progress includes: Clustered Samba testing is now in Samba's test suite and autobuild, CTDB's inter-node TCP transport is now more resilient (with some pain along the way), database vacuuming has been simplified, the recovery lock has been enhanced, code is generally cleaner (largely due to csbuild showing issues) and there have been many improvements in testing.

Plans include: splitting CTDB into multiple daemons (as previously presented), a transport using datagram messaging and simple code for new developers to understand and embrace.


You are entering the multi tracked conference right after the break. Use different browsers if you want to follow both sessions!

The Samba Files Server in IBM Spectrum Scale – Use cases and requirements of Enterprise customers

IBM has deployed Samba as part of file storage solutions for many years now. The current product of IBM is called Spectrum Scale and it delivers clustered Samba to a world-wide base of Enterprise customers on top of IBM's clustered file system known as gpfs.

The first part of the talk is supposed to describe selected requirements, use cases and enhancements this mission has been driving over the last years. This could include topics like file contention, access control lists, and Mac support.

The second part of the talk will address the new challenging requirements with respect to identity mapping like the server side group resolution for NFS clients and the increasing demand to add sssd to the clustered Samba server nodes.

FreeIPA Global Catalog challenges

At SambaXP 2017, we reported an initial progress into making Global Catalog service available as a part of FreeIPA deployment. Three years later, Global Catalog in FreeIPA is becoming a reality. In this talk we are going to demo a working Global Catalog service and dive into challenges we faced in mapping FreeIPA to Active Directory world without being an Active Directory domain controller. FreeIPA's use of Samba services continues to exercise Samba infrastructure from a perspective not commonly experienced and well tested. Finally, semantic differences we encountered across multiple protocols and their implementations in open source and proprietary products represent a good lesson in interoperability efforts.

Lessons learned from using Samba in IBM Spectrum Scale

IBM Spectrum Scale is a software defined storage offering of a clustered file system bundled together with other services. Samba is included as part of the product to provide a clustered SMB file server and integration into Active Directory. This talk discusses from a development point of view the integration of Samba into a storage product and what the development team has learned over the years. Topics will include the requirement for automated testing on multiple levels and the collaboration with the upstream Samba project. Examples will be used to illustrate problems encountered over time and how they have been solved. Further topics will be challenges that have been solved and gaps that have been seen with the usage of Samba.

A stage for Samba in the era of the container platform!?

In recent times, container application platforms, in particular kubernetes, have become extremely popular, have for instance overtaken the virtual machine centric cloud operating system OpenStack in popularity. In contrast to virtual machine environments which run a variety of operating systems and therefore also have natural use cases for Samba, container platforms are usually running one operating system (kernel) only, and thus don’t offer a very obvious space for Samba, whose main purpose is to act as an agent between different operating systems. Is there still a stage for Samba in container land?

This presentation will start with an introduction to the storage concepts of kubernetes and the container storage interface standard CSI, which generalizes these to other container platforms. It will explain the roles of file, block, and object storage in kubernetes and then shows how a distributed software defined storage system like ceph or gluster is brought into kubernetes, running alongside the consuming applications and managed by so called “operators”, providing storage self service for the applications. Time permitting, the presentation may include a demo of what is possibly the easiest installation of a ceph cluster so far.

From here on, the presentation will explore some very interesting and possibly surprising opportunities for Samba in this environment. Details are omitted in this abstract in order to keep up the suspense.


The way to modern Kerberos features

  • Using S4U2Self in winbindd
  • The limitations of existing kerberos libraries
  • The challenges of adding new features to kerberos libraries
  • Kerberos testing with plain python

Report from the field: Samba clustering with GlusterFS

Samba supports building a clustered SMB storage solution using the Gluster filesystem for several years now. While Samba and it’s cluster component CTDB are well established components for SMB clustering, the Gluster filesystem itself needed to adapt in various areas to provide all necessary features.

The talk will cover the lessons learned during the process of maturing the Samba and GlusterFS setup and explore the architecture of Samba and GlusterFS in general. Based on support experiences we want to point out the importance of sometimes overseen prerequisites in the area of networking and DNS. Driven by customer demands several important performance improvements have been made in the past months. Users of the glusterfs fuse filesystem now can use a new Samba VFS module that provides enhanced guarantees for accessing files within the cluster. It also implements a mechanism to circumvent expensive case folding pathname operations. The older Samba VFS module which consumes Gluster’s gfapi library now uses Samba’s threadpool implementation based on pthreads which lead to significant performance improvements. The presentation will conclude with an outlook for the ongoing work related to SMB3 features such as multichannel and transparent failover.

Developers guide to smbd: SMB2 packet processing

From the network down to the filesystem and back. This talk will give an overview on Samba's SMB2 packet processing with the goal of giving novice smbd hackers a starting point to the most important source code subsystems involved when a client sends a "create a file" request to the server.

Testing, testing, one, two, one, two...

Testing is an extremely important part of the software development process. Luckily, a lot of the testing work is automated today. Continuous integration (CI) is a buzzword. In Samba, we have come a long way from manually running tests (sometimes) to our own autobuild system enforcing a full run of the test-suite as a push-gate to running various tests in parallel in the gitlab ci system for each merge request.

While testing server client systems like Samba in an automated way is demanding already, testing a cluster is even more complicated and resource hungry. CTDB itself has been tested in isolation with local processes since the beginning, and recently a test-environment has been added to Samba’s selftest that helps test the samba+ctdb stack entirely with local process and socket wrapper. But an automated, periodic test of a samba and ctdb setup on top of a real clustered file system is still missing. One aspect why this is not so easy to implement is the fact that it would usually require a couple of virtual machines to set up such a test cluster.

This presentation will introduce a project that we recently started to investigate and work on. It aims to create a periodic test run pulling the latest bits of Samba and Gluster, setting up a cluster and running test suites against it. Errors would be reported to both projects. As compute resources for the test runs, the centos-ci is used. This project provides jenkins-managed bare metal server resources for open source projects to integrate into their CI systems. These servers are powerful enough to run realistic cluster setups in virtual machines. The presentation will demonstrate how the centos-ci resources are integrated into this test system. Furthermore, possibilities will be explored, how to integrate centos-ci resources as additional runners for Samba’s gitlab CI runners.

Slides (PDF)


Samba Active Directory tools for Windows Admins

This is a follow up to last years talk about managing AD via an ncurses gui. This talk will cover additional improvements to the ADUC and ADSI Edit modules, as well as covering a new DNS Manager. ADUC and ADSI Edit now communicate with AD via samba python bindings, and the DNS Manager interacts with samba-tool calls. The tools have also been wrapped in a redistributable AppImage, which can run on multiple distros. Automated testing has also been written.

Ceph Samba Gateway and transparent failover improvements

CephFS and Samba can be combined to provide a highly scalable filesystem which can be accessed from SMB clients such as Linux, Windows and macOS.

This talk will look at Samba clustering features under development, which aim to provide improved availability and performance, with a focus on:

  • New RADOS dbwrap backend as an alternative to CTDB
  • Fast Client failover with Witness Protocol as an alternative to tickles ACKs

Closing Remarks First Day

Welcome Note

The Psychology of Multifactor Authentication

Multi Factor Authentication is becoming more important in our infrastructure, with organisations starting to require it for sensitive accounts and more. So why does Multi Factor Authentication ... work? How does human behaviour influence our security and interact with threats that exist online? How can design and human interaction extend to making safer systems?

Come along and learn about human interaction and design, the psychology of how humans interact with systems. We'll extend this into security to understand why human error is really the fault of poor systems design. Finally we'll talk about different threats and how MFA works to protect us from them - at a psychological level.

Python has got better for Samba

Samba, particularly the AD part, is riddled with Python. The transition from Python 2 to Python 3 was painful. Now that is over and we have the sudden benefit from a decade of language and library development. Some of the changes are actually quite useful, including an improved debugging infrastructure and built-in asynchronous concepts.

smbcmp improvements from Google Summer of Code 2019

Smbcmp is a cli tool for making diffs between two pcap files containing SMB packets and rendering them using curses. For the first part of the project we had to make better diffs by using the pdml output of Tshark and for the second part we added a GUI and ported smbcmp to Windows.

Slides (PDF)

The Future of Accessing Files Remotely: Linux SMB3 update

The SMB3 kernel client has become the most active network/cluster file system on Linux over the past few years, and continues to add new features and optimizations at a rapid pace. These allow Linux to better access Samba server, as well as the Cloud (Azure), NAS appliances and Windows and Macs and an ever increasing number of embedded Linux devices.

Performance has dramatically improved, not just with the addition of GCM support, but also with continued improvements to compounding, and better parallelization, and also with the addition of multichannel support which allows Linux to spread I/O better across many network devices. New features continue to be added such as the ability to boot diskless systems from Samba, and even swap over SMB3 mounts. Sparse file support over SMB3 mounts is now much better. POSIX compatibility of the kernel client also has been improving with the SMB3 POSIX Extensions to the protocol and with improved testing (the "buildbot" automated testing framework has been invaluable and continues to improve quality). New security features like "modefromsid" allow Linux to better handle common scenarios over SMB3 mounts. In addition the new Linux Kernel server will enable even more use cases for SMB3 on Linux. This has been a very exciting year for SMB3 support in the Linux kernel!

This presentation will describe and demonstrate the progress that has been made over the past year in the Linux kernel SMB3 support in accessing Samba and also the Cloud (Azure) using Linux clients. In addition recommendations on common configuration choices, and troubleshooting techniques will be discussed. 


Hardwired: A SMB2/SMB3 Hardware Offload Engine

SmartNICs -- programmable network offload cards -- are now very much "a thing", with several vendors in or entering the market. Storage acceleration is one of the most common use-cases cited by proponents, but what that actually means is not entirely clear. This talk addresses some of the ways in which the performance of the SMB2/SMB3 stack can be improved by SmartNICs, and the design criteria that needs to be considered in order to make SMB Offload viable. We will also cover the following questions:

  • Which SMB transports can be supported?
  • What state information, if any, should be maintained by the offload engine?
  • How can the engine be tested while it is being developed?
  • How will the upper levels of the stack connect to the offload layer?
  • Is this just a dream, or is there some skin in the game?

Slides (PDF)

Migration story of 515 server from AD to Samba

Turkish Government decided to move open source technology around 2013. After this decision Profelis work on desktop server migration project and developed OpenSuse based distribution called Gibux.

37.000+ desktop migrated in 3 years. After this migration, Ministry approved AD servers migration to Samba4. Today 515 servers on countrywide using Samba as Authentication. This is one of the biggest open source migration projects in Turkey. 

Slides (PDF)

Stretching WSP

Recently spotlight got support for elasticsearch, what about the experimental WSP support?

1. Can it do the same?

2. What's involved

3. How does it affect the existing implementation.

Optimizing Linux Access to Samba: POSIX Protocol Extensions for SMB3.1.1

Accessing files on Samba servers optimally from Linux clients is essential to a wide variety of workloads. Linux continues to evolve, with new file system features and syscalls being added every year. This presentation will provide an update on the status of the Linux/POSIX protocol extensions to the SMB3.1.1 protocol, what has been added to the specification, what the implementation status is for the Linux kernel client and for Samba server and client tools (like smbclient for example). We will show examples of what works today and why these extensions are so exciting and useful. Looking forward - we will also discuss any changes and suggestions for future versions to enable Linux to continue to improve its ability to access network storage.


SMB3 Protocol Update

The SMB3 protocol has updated in the past year, with compression in 2019 and further updates in the Windows "20H1" Spring release. We'll review and recap the protocol since the last SambaXP, and also provide a look forward, including an update on recent developments in RDMA to enable "Push Mode" for ultra-low-latency remote access to persistent Storage Class Memory via SMB3 and SMB Direct.

Slides (PDF)

Panel Discussion

Conference program 2019

Creating and managing Trusts with Samba 4.9

In this tutorial you will setup a trust between two active directory-domains. You will learn how to manage the trust and how to add users and groups from a trusted domain to a trusting domain.


  • How do trusts work 
  • Different kind of trusts 
  • Samba supported trust
  • Samba limitations 
  • Setting up a DNS-Proxy
  • Creating a forest-trust between two domains 
  • Manging trusts
  • Testing the trusts und authentication 
  • Managing users and groups between trusts

Welcome Note from SerNet

Chairman’s note


SMB3 Protocol Update

Slides (PDF)


Improve S4U2Self in Samba

  • Why s4u2self is important and how it could be useful.
  • Implementation challenges in MIT, Heimdal and Samba.
  • Open issues, help wanted, etc

Slides (PDF)

Linux 5 - SMB3 reborn. Access to Samba, Azure, Windows and the World from Linux

The release of Linux version 5 earlier this year, coincides with the "rebirth of SMB3" as the Linux SMB3 client has become the most active network/cluster file system with a wealth of new features and fixes added. Access to Samba, and the Cloud (e.g. Azure) and network storage from Linux is better than ever. Dramatically improved performance of large files access, especially with the integration of RDMA support (“SMB Direct” support), improved direct I/O support and also with many metadata and compounding optimizations which help access to large directories, especially in the cloud (like Azure Files).

In addition support for directory leases (and many other caching improvements) has also helped performance. The ability to do new workloads, more efficient compounding of complex operations for improved performance, changes to more easily recover from failures, improvements to DFS/Global Namespace support, improved metadata handling, many security enhancements, and changes to the default protocol dialects, have made this a great year for improvements to Linux's SMB3/SMB3.11 support. In addition, the POSIX extensions to the SMB3.11 protocol have greatly improved with testing over the past year, especially from Linux and Samba, and are leading to additional workloads being possible now over SMB3.11.

This presentation will demonstrate and describe some of the new features and progress over the past year in accessing Samba and also the cloud (Azure) via SMB3/SMB3.11 using Linux clients, as well as how to configure this optimally.

Slides (PDF)

Speeding up Samba by backing up

The team at Catalyst IT has been busy implementing quite a range of new features to Samba Active Directory. In doing so, there have been some unintended, but generally positive, consequences which have changed the way we have been developing new features. One such consequence has been from our new backup tools which has resulted in a huge improvement in our ability to test networks more reliably. Particularly at larger scales, it has made identifying performance issues significantly easier.

For users, these side-effects should also be appreciated like the potential for more reproducible lab networks, as we continue to build tools and features like Windows but a little differently (and maybe a little better).

This talk will go over some of the basics of the new backup and restore tools for AD domains, and cover some of the work that was done to make simple group policy objects (GPO) portable. It will also include some of the changes in how we have been doing testing and some of the impacts to the selftest system. Hopefully there'll be something interesting to everyone.

Slides (PDF)

Dive into Pathname Processing

How Samba processes incoming pathnames is a black art, and very old code that has been developed over twenty years. Listen to one of the developers go through the pathname processing code, function by function and explain how and why it got to be this way, and what we can do about it. This talk will be of interest for Samba VFS developers as well as general SMB1/2/3 fileserver developers.

Slides (PDF)


What should we do with our UI

To the newcomer, Samba's command line user interface appears to be a haphazard jumble of scripts and binaries with options and design principles that fade in and out of use according to some esoteric pattern. The tools report back to the user with a eclectic mixture of python tracebacks, NT_STATUS error codes, and friendly messages that sometimes neglect to say what was attempted and if it worked.

To the expert it is actually worse, because in the time it took them to become an expert another layer of new functionality has settled over the UI. The expert realises there is no underlying principle--the interface just collects up like leaves in a drain--and memorises the minimal set of finger-patterns to get their job done.

Can we do better? Without breaking anybody's scripts and finger habits? Could samba-tool provide consistently useful feedback? Is automatic shell-completion possible? Can we get beyond a simple text UI without falling into a horrific expanse of GTK checkboxes or web based graph visualisations?

Some of these questions might be answered.

Slides (PDF)

Hardwired: An SMB3 Offload Engine

What can be achieved, in terms performance and reliability, by isolating SMB3 message marshalling and unmarshalling into a separate layer? This talk will describe experimentation with a low-level SMB2/3 message handling engine.

Slides (PDF)

Samba Active Directory tools for Windows Admins

Managing AD via terminal commands can be alien to many Windows users and admins, so providing them with familiar tools could ease their transition. This talk will demonstrate new GUI tools, which can run via either qt in a graphical environment, or also via ncurses in the terminal, which simplify the administration of users and groups in an AD domain. These tools emulate the familiar ADUC and ADSI tools in a Windows environment.

Slides (PDF)

Introduce New In-kernel SMB3 server called CIFSD

CIFSD is a new SMB server implementation for the Linux kernel, intended to provide higher performance than user-space analogues.  This talk will start with a brief introduction to CIFSD architecture (high level) and its main design goals: outline components, their responsibilities and communication protocols. In the second part of the talk we will focus on current state of affairs and our future development plans.

Slides (PDF)


Samba and the road to Python3

Samba 4.10 is the first release to support Python3 (and also Python2)

The talk will cover

  • The reasons why we are moving to Python3
  • Some details that attempt to explain what will be supported and in which version.
  • Some of the challenges encountered migrating to Python3
  • Lessons learned

Slides (PDF)

Spotlight: Samba and Elasticsearch

Where is that file when you need it? This presentation will give an overview of the current status of macOS Spotlight support in Samba with a brief detour on Microsoft WSP and an outlook on the ongoing work to replace the current search backend Gnome Tracker with something more scalable: Elasticsearch.

Social Event

will be announced at the conference

One DCE/RPC server to serve them all

On the way to Samba 4.0 a more feature-complete DCE/RPC server was designed and implemented which allows asynchronous execution, a fundamental requirement for some services such as the witness protocol.

This talk will present an approach to DCE/RPC server reunification where the server core has been extracted from the samba4 implementation and a new PIDL compiler class generates code able to invoke samba3 RPC interfaces implementations.

The topics will cover the dissection of the DCE/RPC server to present the components that compose it, the analysis of the initialization to identify the parts that can not be shared, the execution of the common processing loop, the new PIDL compiler class and finally some problems such as the local dispatching (rpcint vs irpc binding handles) and how they have been solved.

Slides (PDF)

SMB debugging tools

In this talk the speaker will give an overview of the existing tools to help debug SMB issues (smbcmp, smblog-mode,wireshark, ...) and some of their recent new features.

Slides (PDF)

Samba in love with GnuTLS

With Samba 4.10 and older versions, Samba is currently implementing its own cryptography primitives for commonly used ciphers and hashes(AES, RC4, SHA-1/SHA-2, MD4 and MD5). Writing cryptographic functions is not that hard, you do not even need to understand the math behind a cryptographic primitive you want to implement to be able to construct a set of functions that correctly encrypts and decrypts a ciphertext. 

Cryptographers keep saying you should not implement your own crypto. History of Samba shows why it is indeed a sensible suggestion to anyone.We look into why we implemented our own crypto primitives and why it was a bad idea. 

This talk will explain the benefits of moving to a proper crypto library for an open source project implementing a complex network-facing protocol set. We also will look into how this helps us to become a predictable code base to be able to pass a FIPS 140-2 certification.

Slides (PDF)

SMB3 Multichannel update

Adding SMB3 multichannel as a fully supported feature to the Samba SMB server has been a long and difficult journey. Not only some aspects of the protocol regarding oplocks and leases needed to be properly

researched and tested - also the implementation design needed to be adapted to the way SMB clusters are run with CTDB. The talk will give an update to the completeness of the multichannel feature and also explore other aspects of clustered SMB with Samba and CTDB using the Gluster filesystem.

Slides (PDF)


Samba as the default directory

In the Microsoft world, AD is well established as "the only" source of identity information for workstations and servers. However, in the opensource world, we have a variety of artisinal solutions to identity management, every one with pros, cons, complexities and hurdles. Sadly as a result, almost no business gets the arcane system right, and wide issues exist.

We want our Linux and BSD machines to "just work" in the same way that Windows "just works" with AD. But surely this is a dream? I'll explore the current changing landscape of services and authentication in opensource and application deployment. From there I will talk about the ways that Samba 4 can be turned into the default LDAP server for use in opensource environments. Finally I'll talk about the future of applications and how Samba 4 could step up to be the default directory server in any environment.

Slides (PDF)

Improvements in CTDB and Clustered Samba testing

This presentation will provide details of improvements to CTDB's testing infrastructure and to Autocluster.

CTDB's test suite was created in an ad hoc manner to run a limited range of test cases. This included running multiple "local daemons" to allow CTDB's clustering, messaging and database capabilities to be tested. As more test cases appeared, the local daemons functionality was extended in more ad hoc ways, but was still embedded in the "simple" test suite. The "local daemons" support was recently extracted into a standalone script that relies on CTDB's test mode. While this is still used by the "simple" test suite, it can also be used for standalone debugging and could be integrated into Samba's autobuild to test some Clustered Samba capabilities.

Autocluster is a tool for generating virtual clusters for testing Clustered Samba. It has now been rewritten as a small Python script that reads configuration from a YAML file, creates a cluster with Vagrant and configures it with Ansible.  As a result it is now about 5.5K lines smaller and much more maintainable.

Slides (PDF)

More Fancy Talk about Rust

In the third talk talk of the quest to get a more modern programming language supported in Samba we are re-visiting the re-visit to finally get it right (tm).

Last year, we saw a proof of principle project implementing a DNS-like protocol in Rust, and then using the server-side parser for it from a C server providing the rest of the business logic. When the time came to figure out how to handle memory ownership between C and Rust functions, my solution was to implement a Rust wrapper to Samba's Talloc memory management library and keeping the C process in charge of all allocated memory. This turned out to be an unpopular design decision.

So this time around we'll stick to handling the Rust-allocated memory in Rust while giving the project another go. In addition, the talk gives an overview of the current state of automatic C binding generation from Rust and other features relevant for integrating Rust into a real world project.

Slides (PDF)

The CTDB report

This is a report on the status of CTDB, similar to that presented at recent SambaXP conferences.

We will review design and associated plans, including those presented at SambaXP 2018 - some of those still aren't in a release. We will discuss how the design as evolved over time and the summarise the current state of the design, including protocol, transport, messaging and use of sockets.

The circumstances of CTDB's lead developers have changed, so there is less time available for development. We will discuss the consequences of these changes, including some musings about competing philosophies for achieving our design and implementation goals.

New requirements appear, so are worthy of mention. This will include the SMB Witness Protocol and some potential database performance optimisations.

We will close by discussing some long term goals for CTDB.

Slides (PDF)


Windows Hello Internals

A protocol level deep dive into how Windows Hello Authentication works.

Slides (PDF)

SMB3 POSIX Extensions

For SMB3 (and Samba) to be used even more broadly, it is critical to improve the experience of Linux users (running POSIX applications). The SMB3 POSIX Extensions, a set of protocol extensions to allow for optimal Linux and Unix interoperability with Samba, NAS and Cloud file servers, have greatly improved with feedback and test results from expermental implementations in Samba and now merged into the Linux kernel. These

extensions address various compatibility problems for Linux and Unix clients (such as case sensitivity, locking, delete semantics and mode bits among others). This presentation will review the state of the protocol extensions, what was learned in the implementations in Samba and also in the Linux kernel (including from running exhaustive Linux file system functional tests to try to better match local file system

behavior over SMB3 mounts) and what it means for real applications.

With the deprecation of older less secure dialects like CIFS (which had standardized POSIX Extensions documented by SNIA), these SMB3 POSIX Extensions are urgently needed to be more broadly deployed to avoid functional or security problems and to optimally access Samba from Linux.

Slides (PDF)


A journey from 170 Samba3-NT4 domains to 1 unified Samba-AD domain with 8000 users

"They did not know it was impossible so they did it" had written Mark TWAIN. This quote is such a perfect fit for the French Ministry of Culture.

In this talk, we want to tell you about the tools and methods that Tranquil IT used to merge 170 Samba3-NT4 domains into 1 Samba-AD domain for 8000 users quickly and with very little manpower. Beside the most practical tool in IT which is loving your users, we'll show you how python scripts, Ansible, our tool WAPT, and Samba's legendary flexibility helped achieve that.

Along the way, we have improved security, upgraded all systems and normalized their network. That's one more happy client to put on Samba's scoreboard.

Slides (PDF)

GitLab: One year on

Andrew Bartlett will look back at the year since the introduction of GitLab in the Samba Team, first for CI and then also for merge requests, and then look forward to future opportunities to improve the Samba Development process.

Samba started to use GitLab, hosted at in June 2018. Thiscame after a failed attempt to integrate GitHub with our workflow, but was motivated by the same desire: To make contributing to Samba easy for a new generation of Samba developers, as well as a pleasure for existing developers.

Slides (PDF)

Panel Discussion

Past Conferences

Looking for slides, audio files or pictures older than 2018? Please visit the directory preserving our old sambaXP archive and browse through the years.


sambaXP archive