WHATS NEW IN Samba 3.0 alpha24 14th May 2003 ============================== This is a pre-release of Samba 3.0. This is NOT a stable release. Use at your own risk. The purpose of this alpha release is to get wider testing of the major new pieces of code in the current Samba 3.0 development tree. We have officially ceased development on the 2.2.x release of Samba and are concentrating on Samba 3.0. To reduce the time before the final Samba 3.0 release we need as many people as possible to start testing these alpha releases, and hopefully giving us some high quality feedback on what needs fixing. Note that Samba 3.0 is not feature complete yet. There is a more coding we have planned, but unless we get what we have done already more widely tested we will have a hard time doing a stable release in a reasonable time frame. Major new features: ------------------- - Active Directory support. This release is able to join a ADS realm as a member server and authenticate users using LDAP/kerberos. - Unicode support. Samba will now negotiate UNICODE on the wire and internally there is now a much better infrastructure for multi-byte and UNICODE character sets. - New authentication system. The internal authentication system has been almost completely rewritten. Most of the changes are internal, but the new auth system is also very configurable. - new filename mangling system. The filename mangling system has been completely rewritten. An internal database now stores mangling maps persistently. This needs lots of testing. - new "net" command. A new "net" command has been added. It is somewhat similar to the "net" command in windows. Eventually we plan to replace a bunch of other utilities (such as smbpasswd) with subcommands in "net", at the moment only a few things are implemented. - Samba now negotiates NT-style status32 codes on the wire. This improves error handling a lot. - better w2k printing support including publishing printer attributes in active directory - new loadable RPC modules - new dual-daemon winbindd support for better performance - support for migrating from a Windows NT 4.0 domain - support for establishing trust relationships with Windows NT 4.0 domain controllers Plus lots of other changes! Reporting bugs & Development Discussion --------------------------------------- Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. Changes in alpha24: ------------------- LDAP Schema Changes ------------------- A new objectclass (sambaSamAccount) has been introduced to replace the old sambaAccount. This change aids us in the renaming of attributes to prevent clashes with attributes from other vendors. There is a conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF file to the new schema. Example: $ ldapsearch .... -b "ou=people,dc=..." > old.ldif $ convertSambaAccount old.ldif new.ldif The can be obtained by running 'net getlocalsid ' on the Samba PDC as root. The sambaDomain and sambaGroupMapping objects have also been modified to use the new attribute naming conventions as well. There are no conversion scripts for this data since the old schema was never published in a stable release. The old sambaAccount schema may still be used by specifying the "ldapsam_compat" passdb backend. Parameters ---------- Removed Parameters * total print jobs Known Issues ------------ The following are known issues with this release and will be corrected in future versions: 1) Automatically generating accounts for users and groups from trusted domains when Samba is acting as a PDC 2) Maintaining idmap ID's in a LDAP directory in order to implement a distributed winbind solution ChangeLog --------- See cvs log for SAMBA_3_0 for complete details. There are many smaller numerous changes that would clutter the release notes. 1) Fix policy handle leak and crash bug in rpc printing code 2) Changed the order of checking whether a SID is a UID or a GID in posix acls 3) Merge of winbind nss cleanup from HEAD branch 4) Inclusion of idmap backend for mapping SIDs to uids/gids 5) Fix for very subtle POSIX lock interaction race condition 6) Re-fix close of delete semantics 7) Inclusion of schannel functionality (merged from SAMBA_TNG) 8) Remove unixsam passdb 9) Add debugging code to decode the Win2k PAC 10) Very large amounts of documentation fixes (including the move from SGML->XML DocBook) 11) Fix support for local_password_change() in pam_smbpass 12) Ensure we have WinXP-like semantics for checking TIDs and FIDs 13) More print job change notify fixes 14) Handle deep referrals in MS-DFS code 15) Add echo named pipe for testing purposes 16) Workaround streams leak on SCO openserver 5.0.x 17) Lots of popt changes to command line tools 18) Use the new modules system for passdb (merge from HEAD) 19) Inclusion of editreg.c for editing Windows NT+registry files off line 20) Fix byte ordering when using CIDR notation in hosts allow/deny (again) 21) Replace smbgroupedit tool with 'net groupmap' 22) Merge SMB Signing, NTLMv2 and NTLMSSP fixes from HEAD branch 23) Merge of trusted domain code from HEAD branch 24) Fix up crashes in lanman printing code (e.g. disable spoolss = yes) 25) Store the IP address in the utmp record when possible 26) Fix bug in FindFirst code and OS/2 clients 27) Fix local master browsing bug when synchronizing browse lists 28) Fix browse synchronization when primary interface is no listed in the interfaces list and "bind interfaces only" is enabled. 29) removed ldapsam_nua and tdbsam_nua passdb backends (replaced by idmap) 30) Include support for storing next rid value in LDAP using a sambaDomain object 31) Removed "printing = SOFTQ" option 32) Fix winbindd dual mode 33) Revert from wins.tdb back to wins.dat (flat text file) 34) More Trust relationship fixes 35) More quota fixes (including server support for NT quota info levels) 36) VFS API has been stabilized and is feature full for final release