Andrew Bartlett

Photo of Andrew Bartlett
and 'Gem'

Who Am I?

As an active member of the Samba Team I am currently focused on development of the new Samba4 release.

I am currently employed at Catalyst IT providing Samba support and development services with a focus on Samba's Active Directory implementation and the Samba 4.x release series.

As a student, I graduated with a BSEng, from the Australian National University in 2005.

From time to time I may also maintain a blog, which may or may not provide further enlightenment.

Development

Samba

I work primarily on the Samba4 development project, particularly in the area of integrated authentication. I am the primary maintainer of the GENSEC provider of authentication related services (providing NTLMSSP, SPNEGO, Kerberos and SCHANNEL to the rest of Samba4).

In the past, I have been involved in the Samba 3.0 authentication subsystem, and the pdb_ldap passdb backend.

I have a particular interest in Samba's role as a PDC, and I used this capability extensively at Hawker College

My most recent changes to Samba4, Samba 3.0 and the lorikeet associated repository are continuously logged.

A number of useful scripts from my life as a sysadmin are available

Beyond Samba

I worked actively with the Squid development team to bring Winbind based NTLMSSP authentication to Squid. I created the ntlm_auth utility for this purpose. I continue to work with the Squid team on authentication issues, including Negotiate/SPNEGO support

I am the current maintainer of mod_ntlm_winbind, an Apache httpd 1.3 module for NLTM authentication, based on ntlm_auth, and therefore Samba's NTLM connectivity.

I was the original author of a patch to Heimdal Kerberos to allow the hdb-ldap backend to read Samba passwords out of an LDAP directory. This is included in current Heimdal snapshots (after 0.6)

I created a patch to PPP to support MSCHAP and MSCHAPv2 authentication via ntlm_auth and Samba.

Writings

As much of my work over the past four years has involved authentication services, I took some time recently to write a white paper on GENSEC, describing what GENSEC is, and how it and the credentials management code works.

After spending a lot of time with consulting clients looking at integrating the new Samba4 development code with the Samba 3.0 they were hoping to deploy, I have written a white paper on the topic.

As part of my final year studies, I completed a research project into Samba4 and Active Directory. The resulting thesis is available as a PDF. The work, while offering an excellent overview of the protocols involved in Active Directory Domains, also serves as a nice resource on Samba4's development as an Active Directory Domain Controller. I have also made the thesis source available through SVN.

As part of an earlier research project, I investigated Integrated VPN Authentication between PPTP clients and Samba or Windows domains.

I have written magazine articles, and the article on using Samba 2.2 as PDC is old, but still referred to regularly.

I can also be found regularly posting to the samba and samba-technical mailing lists.

Presentations

At the RedHat Developer's day (August 2006) in Melbourne, I recounted some war stories from Samba4 development.

I have spoken at each SambaXP conference. My 2006 Presentations included a Samba4 Status Update (with Jelmer) and a presentation on integration between Samba4 and Directory Servers and my 2005 presentation on Samba4's GENSEC (PDF), was based on my white paper mentioned above.

WineConf 2005 provided an execelent venue for discussions between the Samba and Wine teams, and my short presentation slides (PDF) (which as expected degraded into a much more intresting discussion with the audience) is available.

Like in 2004, I presented at the EducationLinux miniconference attached to linux.conf.au 2005. My talk was on both the pain and gain of using Directory Services in an Educational Environment (PDF).

At the annual CIFS Conference I have presented tutorials on CIFS Authentication. My 2004 presentation is available (in OpenOffice format). I also presented on this topic in 2003 and 2002

At EducationLinux 2004 (a miniconf attached to linux.conf.au 2004) I presented on the use of Linux and Samba at Hawker College

I gave a shorter talk on a similar topic at the 2003 CEGACT/AUUG Symposium on Linux and Open Source in Education

Awards

As part of my studies towards my BSEng I won (with the rest of my group) the Telstra Enterprise Services Award for the best overall result in the 2003 Software Engineering Group Project.

Contact Details

The best way to contact me is by email at abartlet@samba.org. However, please direct Samba questions to the appropriate lists.

I am also available much of the time on IRC.

Become a Conservancy Supporter!

Valid XHTML 1.0!