-Transparent File Compression
-============================
-
-Samba 4.2.0 adds support for the manipulation of file and folder
-compression flags on the Btrfs filesystem.
-With the Btrfs Samba VFS module enabled, SMB2+ compression flags can
-be set remotely from the Windows Explorer File->Properties->Advanced
-dialog. Files flagged for compression are transparently compressed
-and uncompressed when accessed or modified.
-
-Previous File Versions with Snapper
-===================================
-
-The newly added Snapper VFS module exposes snapshots managed by
-Snapper for use by Samba. This provides the ability for remote
-clients to access shadow-copies via Windows Explorer using the
-"previous versions" dialog.
-
-Winbindd/Netlogon improvements
-==============================
-
-The whole concept of maintaining the netlogon secure channel
-to (other) domain controllers is rewritten in order to maintain
-global state in a netlogon_creds_cli.tdb. This is the proper fix
-for a large number of bugs:
-
- https://bugzilla.samba.org/show_bug.cgi?id=6563
- https://bugzilla.samba.org/show_bug.cgi?id=7944
- https://bugzilla.samba.org/show_bug.cgi?id=7945
- https://bugzilla.samba.org/show_bug.cgi?id=7568
- https://bugzilla.samba.org/show_bug.cgi?id=8599
-
-In addition a strong session key is required by default now,
-which means that communication to older servers or clients
-might be rejected by default.
-
-For the client side we the following new options:
-"require strong key" (yes by default), "reject md5 servers" (no by default).
-E.g. for Samba 3.0.37 you need "require strong key = no" and
-for NT4 DCs you need "require strong key = no" and "client NTLMv2 auth = no",
-
-On the server side (as domain controller) we have the following new options:
-"allow nt4 crypto" (no by default), "reject md5 client" (no by default).
-E.g. in order to allow Samba < 3.0.27 or NT4 members to work
-you need "allow nt4 crypto = yes"
-
-winbindd does not list group memberships for display purposes
-(e.g. getent group <domain\<group>) anymore by default.
-The new default is "winbind expand groups = 0" now,
-the reason for this is the same as for "winbind enum users = no"
-and "winbind enum groups = no". Providing this information is not always
-reliably possible, e.g. if there're trusted domains.
-
-Please consult the smb.conf manpage for more details of this new options.
-
-Larger IO sizes for SMB2/3 by default
-=====================================
-
-The default values for "smb2 max read", "smb2 max write" and "smb2 max trans"
-have been changed to 8388608 (8MiB) in order to match the default of
-Windows 2012R2.
-
-Improved DCERPC man in the middle detection
-===========================================
-
-The DCERPC header signing has been implemented
-in addition to the dcerpc_sec_verification_trailer
-protection.
-
-Overhauled "net idmap" command
-==============================
-
-The command line interface of the "net idmap" command has been
-systematized and subcommands for reading and writing the autorid idmap
-database have been added. Note that the writing commands should be
-used with great care. See the net(8) manual page for details.
-
-tdb improvements
-================
-
-The tdb library, our core mechanism to store Samba-specific data on disk and
-share it between processes, has been improved to support process shared robust
-mutexes on Linux. These mutexes are available on Linux and Solaris and
-significantly reduce the overhead involved with tdb. To enable mutexes for
-tdb, set
-
-dbwrap_tdb_mutexes:* = yes
-
-in the [global] section of your smb.conf.
-
-Tdb has furthermore improved to manage its file space more efficiently. This
-will lead to smaller and less fragmented databases.
-
-Messaging improvements
-======================
-
-Our internal messaging subsystem, used for example for things like oplock
-break messages between smbds or setting a process debug level dynamically, has
-been rewritten to use unix domain datagram messages.