Filter articles
Samba and the French government
Learn how Catalyst and Tranquil IT collaborated to provide an expert open source solution to the French Government.
For many years, several French Ministries have entrusted Samba with authentication for Windows desktop machines – using Samba’s Domain Controller capability.
Opportunity
As modern versions of Windows began phasing out the NT4 Domain Control protocols, it became imperative for the French Ministries to upgrade to Active Directory. Thanks to the long-standing success with Samba, the Ministries were keen to continue to use Samba, this time as an Active Directory (AD) Domain Controller (DC).
However, the French Ministries faced a problem: the new AD domains would need to be combined so that a single domain serves a whole ministry, not just a single site. This meant that Samba needed to upscale.
Samba was successfully operating in the smaller ministries of the French Government, however, scaling from a thousand users up to 100,000 users for the Ministry of Finance was a new challenge that required Catalyst’s Samba experts.
Solution
Simply adding more hardware was not an option. Testing had shown that some databases were dangerously full, and changes to the Samba AD DC codebase needed to be carried out carefully, and diligently, by experts.
Catalyst and Tranquil IT, in France, collaborated to provide an expert open source solution.
The Catalyst Samba team broke the work into parts:
- replacing the TDB NoSQL database layer under Samba with the 64-bit LMDB
- reworking the LDAP server to be memory efficient when returning the whole DB
- reworking and restructuring the server process model to enable efficient parallel processing of requests
- repacking the data in the database in a more efficient format
- removing poor algorithms and data structures in data replication.
At all stages, tests were carried out to measure progress and address hot spots and bottlenecks. We used a performance test tool (traffic_replay), written at Catalyst and contributed to Samba, to provide a realistic traffic load. Samba operated with 300,000 accounts.
Expert Samba support
At Catalyst, our Samba Active Directory team has decades of experience with Samba support and development. Contact us to discuss your organisation's goals.