-'Samba4 TP5' presents you with a snapshot into Samba4's ongoing
-development, as we move towards our first alpha releases. This Technology
-Preview (TP) is snapshot of Samba4's development, as at June 2007.
-
-In the time since TP4 was released in January 2007, Samba has
-continued to evolve, but you may particularly notice these areas:
-
- Work has continued on SWAT, the the libnet API behind it. These we
- hope will grow into a full web-based management solution for both
- local and remote Samba and windows servers.
-
- The DRAUAPI research effort has largely concluded, and an initial
- implementation of AD replication is present, included in torture
- test-cases. This includes the decryption of the AD passwords, which
- were specially and separately encrypted. This should be recognised
- as vital milestone.
-
- Likewise, the LDAP Backend project has moved from a research
- implementation into something that can be easily deployed outside
- the test infrastructure.
-
- Testing has been an area of great work, with renewed vigour to
- increase our test coverage over the past few months. In doing so,
- we now demonstrate PKINIT and many other aspects of kerberos, as
- well as command-line authentication handling in our testsuite.
-
- The testsuite infrastructure has been rewritten in perl and
- extended, to setup multiple environments: allowing testing of the
- domain member, as well as the domain controller, roles. Samba4's
- initial implementation of winbind has been revived, to fill in these
- tests.
-
- In clustering, work on CTDB (an implementation of a clustered Samba)
- has moved ahead very well, but the current code has not
- been merged into Samba4 in time for this release.
-
- To support better management, we have investigated group policy
- support, and include the infrastructure required. Unfortunately
- without MMC write support, you will need to place the polices into
- the directory by hand.
-
-As we move forward, we have many of the features we feel are required
-for a Samba4 Alpha. Similarly, we know enough about the data
-formats (particularly those that are encrypted) to be confident that
-we won't need to change the LDB format. Our plan is to publish a
-Samba4 alpha in the next few months.
-
-These are just some of the highlights of the work done in the past few
-months. More details can be found in our SVN history.
-
-
+ =================================
+ Release Notes for Samba 3.4.0pre1
+
+ =================================
+
+This is the first preview release of Samba 3.4. This is *not*
+intended for production environments and is designed for testing
+purposes only. Please report any defects via the Samba bug reporting
+system at https://bugzilla.samba.org/.
+
+Major enhancements in Samba 3.4.0 include:
+
+Authentication Changes:
+o Changed the way smbd handles untrusted domain names given during user
+ authentication
+
+Authentication Changes
+======================
+
+Previously, when Samba was a domain member and a client was connecting using an
+untrusted domain name, such as BOGUS\user smbd would remap the untrusted
+domain to the primary domain smbd was a member of and attempt authentication
+using that DOMAIN\user name. This differed from how a Windows member server
+would behave. Now, smbd will replace the BOGUS name with it's SAM name. In
+the case where smbd is acting as a PDC this will be DOMAIN\user. In the case
+where smbd is acting as a domain member server this will be WORKSTATION\user.
+Thus, smbd will never assume that an incoming user name which is not qualified
+with the same primary domain, is part of smbd's primary domain.
+
+While this behavior matches Windows, it may break some workflows which depended
+on smbd to always pass through bogus names to the DC for verification. A new
+parameter "map untrusted to domain" can be enabled to revert to the legacy
+behavior.
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.4 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
git.samba.org / amitay / samba.git / blobdiff