X-Git-Url: http://git.samba.org/?p=samba.git;a=blobdiff_plain;f=WHATSNEW.txt;h=4446832fd473a0b3a5fc493120a06540fae20f6f;hp=6228cc3e7aa9aa1e098089fb2ad75deadf093fcb;hb=c992f66d733d230bc71f61ab4d13c08354ec0685;hpb=751eb54b6b71c01f0e55d82a95b1e45dd1aaae00 diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 6228cc3e7aa..4446832fd47 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,88 +1,378 @@ - WHATS NEW IN 1.9.17alpha4 - July 3rd 1997. - ========================================== + WHATS NEW IN Samba 3.0 alpha21 + 26th November 2002 + =============================== -Improved browsing support. --------------------------- +This is a pre-release of Samba 3.0. This is NOT a stable release. +Use at your own risk. -Samba now should support propagation of browse lists -across subnets correctly. Look in the file docs/BROWSING.txt -as it has been largely re-written to explain how to do this. +The purpose of this alpha release is to get wider testing of the major +new pieces of code in the current Samba 3.0 development tree. We have +officially ceased development on the 2.2.x release of Samba and are +concentrating on Samba 3.0. To reduce the time before the final Samba 3.0 +release we need as many people as possible to start testing these alpha +releases, and hopefully giving us some high quality feedback on what needs +fixing. -*IMPORTANT* All Samba servers acting as local/domain master -browsers must be running 1.9.17alpha3 (or later). +Note that Samba 3.0 is not feature complete yet. There is a more +coding we have planned, but unless we get what we have done already more +widely tested we will have a hard time doing a stable release in a +reasonable time frame. -Samba 1.9.17alpha4 should now keep global and authoritative -browse lists separate - see docs/BROWSING.txt for full details. +Major new features: +------------------- -Thanks to Silicon Graphics for allowing us to test the new -code on their corporate network. +- Active Directory support. This release is able to join a ADS realm + as a member server and authenticate users using LDAP/kerberos. +- Unicode support. Samba will now negotiate UNICODE on the wire and + internally there is now a much better infrastructure for multi-byte + and UNICODE character sets. -Improved share mode handling ----------------------------- +- New authentication system. The internal authentication system has + been almost completely rewritten. Most of the changes are internal, + but the new auth system is also very configurable. -The handling of share modes has been completely rewritten. -Samba can now run agressive PC Benchmarks (Ziff-Davis -NetBench) correctly with many hundreds of concurrent PC's. -The confidence level on share mode handling in Samba -is now much higher than it was previously. PC database -packages should be much safer when run against a -Samba share. Thanks to Silicon Graphics for testing -this code for us. +- new filename mangling system. The filename mangling system has been + completely rewritten. An internal database now stores mangling maps + persistently. This needs lots of testing. -If at all possible compile Samba to use the new share -mode handling with shared memory (set the flags -FAST_SHARE_MODES in the Makefile). This will be *much* faster -than old file-based share modes. FAST_SHARE_MODES have -been turned on by default on the following platforms in -the Makefile : +- new "net" command. A new "net" command has been added. It is + somewhat similar to the "net" command in windows. Eventually we plan + to replace a bunch of other utilities (such as smbpasswd) with + subcommands in "net", at the moment only a few things are + implemented. - Linux - Solaris - BSDI - IRIX 5.x.x - FreeBSD +- Samba now negotiates NT-style status32 codes on the wire. This + improves error handling a lot. -A crash bug with slow share modes in 1.9.17alpha3 has been -corrected. +- better w2k printing support. The support for printing from win2000 + clients has improved greatly. -Updated smb.conf documentation ------------------------------- -All options are now documented we believe. +Plus lots of other changes! -Many bugfixes and improvements ------------------------------- -From around the 'net around the world. Many -thanks to everyone who contributed. -A list of the new code since alpha3 includes : +Reporting bugs & Development Discussion +--------------------------------------- -*** Fix for roaming profiles hanging on a Samba drive. -*** smbclient can now query Win95/NT print queues. -*** smbd can now rename across filesystem mount points. -*** New 'force xxx mode' options allow more control over - Unix file permissions. -*** New 'client code page' option for internationalization - support. -*** Documentation update. +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.openprojects.net -Remaining known issues with cross-subnet browsing. --------------------------------------------------- -When nmbd is acting as a WINS server it doesn't handle -de-registering of members of a WORKGROUP<1e> name correctly. -The first machine to de-register will remove the name. This -should be fixed in a later release when group names are -handled correctly in the WINS code. +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. -Remember - this is new code so there may be -bugs or problems. -As always, all bugs are our responsibility - -please report them to : +Removed Parameters +------------------ + + * postscript + * printer driver + * printer driver location + * printer driver file + +Added Parameters +--------------- + + * ldap trust ids + * acl compatibility + * mangle prefix + + +Modified Parameters +------------------- + + * restrict anonymous + * password server + + +Changes in alpha21: + + See cvs log for SAMBA_3_0 for complete details. There are many + smaller numerous changes that would clutter the release notes. + +1) Numerous documentation updates including new Samba FAQ +2) Fixed logic error in checking wins server lists +3) Added more Solaris sendfile checks +4) Added --with-ldapsam for compatibility with 2.2.x Samba/LDAP setups +5) Add new client side support the Win2k LSARPC UUID in rpcbinds + Detect a native mode Win2k DC when in "security = domain" +6) Include Domain Local Groups in listing when a member of a native + mode Win2k domain +7) Fix ACL inheritance problem +8) Register <0x1c> name on unicast subnet +9) Removed stat() call in lp_add_home() +10) Change default of max_xmit to match W2K. Ensure NT negprot uses it +11) Merge the new ACL mapping code from Andreas Gruenbacher +12) Removed make_printerdef tool from build +13) Fix fd leak on printer queue tdb's +14) Better error/status loggin in both the pam_winbind client and + winbindd_pam +15) Fix fd leak with kernel change notify +16) Fix slowdown because of enumerating all print queues on every smbd startup +17) Fix --set-auth-user command to delete entries from the secrets file + when an empty username/password is passed on the command line +18) Added --get-auth-user to wbinfo for displaying account information + used to enumerate users and groups +19) Numerous updates for 'net rpc vampire' to migrate from an NT 4.0 Domain +20) Merge of scalable printing code from APP_HEAD +21) Numerous changes the passdb layer +22) More work on printer publishing in Active Directory +23) Enable "make modules" to build VFS libraries +24) Enable print notify messages on printer attributes from smbcontrol +25) Enable auto lookup of domain controllers when adding '*' to + "password server" parameter. Allows to have preferred list + of DC's, but not authoritative (e.g. password server = DC1 DC2 *) + + + + =============================== + +Changes in older alpha releases follow: + +--------------------------------------------------------------------- + +Changes in alpha20: + +1) Rework the 'guest account gets RID 501' code again... +2) Change to use NT-based session key negotiated for Win2k SPNEGO +3) Support printer data registry keys other than the default + PrinterDriverData +4) Moved internal printerdata to REGISTRY_VALUE object +5) Corrected bug in dependentfiles list of DRIVER_INFO_3 +6) fixed logic bug in blocking locks code +7) Updated registry api code to work with new printer data key + support +8) Added vfstest tool +9) round lock timeouts in lockingX upwards to multiples of 1 second +10) Fixed bugs in Printer Change Notify code +11) added a 'net ads lookup' command that does a CLDAP NetLogon + query to a win2000 server +12) Added script to find undocumented smb.conf parameters +13) Added missing parameters to smb.conf(5) +14) receive & parse main CLDAP reply from win2k server +15) removed "admin log" & "alternate permissions" parameters from smb.conf +16) added a generic print_guid utility, and get the byte order handing +17) fixed memory corruption in cli_full_connection() +18) remove unused 'max packet' and 'packet size' options +19) add support for the "value,OID" format described in MSDN for Printer + Data values +20) moves NT_TOKEN generation into our authentication code +21) Update documentation build system +22) Several fixes for IRIX compiler +23) Correctly handle "max data count" value in smb transacts +24) Fix for permissions error when adding/modifying using a Print + server handle +25) Fix pam_smbpass to always check the return value of pdb_getsampwnam() +26) Use the 'init' flag to determine if the UID is set, rather than testing + the uid for -1 +27) Cope with non-unix accounts ) we just won't get the groups for those users +28) Add 'net rpc getsid' to fetch the PDC's SID into the local secrets.tdb. + Print domain SID on 'net rpc info' +29) don't use lp_passwd_file() to retrieve NIS domain name, but use location + instead +30) Various POSIX compatibility fixes +31) Show only non-default values in testparm +32) Fix longstanding bug in Win2k clients by clearing the shortname + buffer before returning ascii short name. +33) Add example backtrace script +34) Added NETLOGON NetServerAuthenticate3 include and parser file +35) fix for difference in strsep and strtok semantics in nmbd +36) Ensure we don't change to a user that we can't get an NT_TOKEN for +37) Put back in BDC support in set_server_role() +38) added a 'net rpc samdump' command for dumping the whole sam via + samsync operations (as a BDC) +39) don't use spnego in the client unless enabled in smb.conf +40) Added some new delta types discovered by Ronnie from ethereal +41) Cope with negative cache dns entries better +42) do not expose special files, only files, directories and links +43) attempts to simplify Samba's external lib dependencies +44) support non-root-mode systems without getgrouplist() +45) Some fixes for SMB signing +46) Pass the object name down to the enum_printers client rpc +47) add the netatalk VFS module +48) Ensure we have at least smb_size bytes before processing a packet +49) Allow us to "lock" printer tdb entries in memory to stop them being + re-used as cache +50) fix 2 byte alignment/offset bug that prevented Win2k/XP clients + from receiving all the printer data in EnumPrinterDataEx() +51) Add option to compile new sam system can be enabled with the + configure option --with-sam +52) Added SGML/DocBook version of developer oriented docs to build process +53) Return correct FILE_SUPERSEDED response +54) Added example sam module (skeleton) +55) Add plugin support for the sam system (based on passdb code) +56) show builtin groups in samdump +57) Adding samtest utility used to test sam backends +58) fix connecting to a BDC when the PDC is down but in WINS and no bcast + can be used to find a BDC +58) convert the LDAP/SASL code to use GSS-SPNEGO if possible +59) added cli_net_auth_3 client code +60) merge of phant0m key fix from APP_HEAD +61) allow rpcclient's samlogon command to use cli_net_3() +62) Added attribute specific OPEN tests +63) Fix bug with stat mode open being done on read-only open with + truncate +64) Add lots of const casts to function parameters +65) Implemented some more client side spoolss functions +66) usrmgr expects UNICODE as ProductType +67) Change JOB_INFO_CTR to return a pointer to an array rather than array of + pointers in client code +68) Various NTLMSSP fixes +69) fixed crash bug in cli_connection code +70) DeletePrinterDriver[Ex]() fixes from APP_HEAD +71) remove some inet_aton() calls for portability +72) Set default ACB attributes on 'unixsam' accounts +73) Add bcast_msg_flags to connection struct +74) aggregate change notify events in the smbd sender and when transmitting +75) Added better error code on out of space in printer spool directory +76) Removed total jobs check ) not applicable any more +77) fixed bug in share enumeration RPC code +78) extend the ADS_STATUS system to include NTSTATUS +79) commit trusted domain patch n+3 +80) remove block VFS module +81) restrict readline headers to readline.c +82) merge of various recycle bin VFS patches +83) Winbind client-side cleanups +84) change parametric option name to vfs_recycle_bin it is more + sane and do not pollute standard options namespace too much +85) added --enable-python configure option for building the samba-python + unit tests +86) correct trans2 bugs in client for enumerating files/directories +87) Re-add OS/2 EA error codes +88) Added patch for required attributes in directory listings to reply code +89) Fix browse synchronization bug by noticing that W2K DMB's return empty + NetServerEnum2 on port 445, but not on port 139 +90) Fix semantics of AbortPrinter() spoolss call in server code +91) Ensure we've failed a lock with a lock denied message before automatically + pushing it onto the blocking queue +92) Added experimental sendfile code +93) Initialize user_rid value in WINBIND_USERINFO structure returned by + the rpc version of query_user() +94) added gencache implementation +95) Merge the cli_shutdown change from 2_2 +96) Fixes for DeletePrinterDriverEx() +97) Fixed alignment error in spoolss code +98) Changed Major/Minor version info reported to Server Manager to 4.9 +99) Applied new display mode FLAGS for SWAT +100) Update to add DEVELOPER option to more parameters +101) Added --with-ads option, defaults to yes +102) Added --with-ldap option to configure +103) Add clock skew handling to our kerberos code +104) correct race condition in password change code for out machine account + when a member of a domain +105) First implementation for 'net rpc vampire' +106) store current handle's Device Mode with print job +107) Move functionality to check whether entries for lp_workgroup() and + "BUILTIN" exist and add them if necessary from check_correct_backend_entries + into sam_context_check_default_backends +108) allow --with-krb5 to override the location of the kerberos libs on + redhat +109) unlink spool file after submitting print job when using CUPS api +110) Add framework for samtest commands +111) Add the ability to view/set the current local domain SIDs to net command +112) When creating a group you have to take care of the fact that the + underlying unix might not like the group name +113) Don't uppercase the username and domain in a session setup +114) Merge of "profile acls" code from SAMBA_2_2 +115) Check for existing of security descriptor in PRINTER_INFO_2 structure + in rpc client code +116) Move to common user token debugging, and ensure we always print both the + NT_TOKEN and the unix credentials +117) If adding a user to ldap, make sure we have the 'account' structural class, + or else we can't add to OpenLDAP 2.1 +118) Kill of Get_Pwnam_Modify and smb_getpwnam() +119) add a 'ldap passwd sync' option to smb.conf +120) Whenever we deal with adding machine/trusted domain accounts, always reset + the flag to what we expect +121) Fix the circular dependency that was preventing 'domain master = auto' (the + default) from working +122) move all the passdb internal interface to NTSTATUS +123) to expand % values (ie we go \\%L\%U -> \\server\user, we don't want to + store \\server\user back) and to correctly notice 'not set' compared to 'null + string' etc. +124) get some more of our access control bits right on the SAMR pipe +125) Add -r parameter to smbgroupedit. With -r you can manually choose + a rid + +Changes in alpha19 +1) Virtual registry framework with printing hooks (jerry) +2) Heavy registry updates (jerry) +3) Use 850 as the default DOS character set in smb.conf (tpot) +4) printer fixes ) removed encoding of queueid in job number (jra) +5) A lot of small fixes (jra) +6) Don't crash on setfileinfo on printer fsp(jra) +7) fixed line buffer mode in XFILE(jra) +8) update samba.schema from 2.2 (jerry,idra) +9) Fix problem with oplock breaks and win2k ) + noticed by Lev Iserovich (jra) +10) Update smbgroupedit to document -d ) thanks to metze (abartlet) +11) Support weird behaviour used by win9x pass-through auth (abartlet,tpot) +12) Support for duplicating stderr in log files (abartlet) +13) Move startup time initialisation to server.c (abartlet) +14) *A lot* of fixes and cleanups (abartlet) +15) Fix up compiler warnings (abartlet) +16) Few small fixes (tpot) +17) Renamed new_cli_netlogon_* -> cli_netlogon_* (tpot) +18) Fixed segfault in net time when host is unavailable (tridge) +19) Ensure to be root when opening printer backend tdb (jra) +20) Merges from APPLIANCE_HEAD (tpot,jerry) +21) configure updates (tridge) +22) getgrouplist() updates (tridge) +23) Support for pdbedit to query account policy values (abartlet) +24) Allow one to create trusting domain account using smbpasswd (mimir,abartlet) +25) 'Net rpc trustdom list' (mimir, abartlet) +26) Fix fallback to anonymous connection (mimir, abartlet) +27) Fix for pdb_ldap and OpenLDAP 2.1 +28) Added support in swat to determine whether winbind is running (idra) +29) Add 'hide unwritable' option (idra) +30) Correct pickup of [homes] share after subsequent session setups (abartlet) +31) Update rebind code in pdb_ldap (abartlet) +32) Add some info levels to RPC srvsvc code ) + thanks to Nigel Williams" (abartlet) +33) Small doc fixes (tridge) +34) good security patch from Timothy.Sell@unisys.com (tridge) +35) fix minor nits in nmbd from adtam@cup.hp.com (tridge) +36) make sure async dns nmbd child dies (tridge) +37) interim fix for nmbd not registering DOMAIN#1b (tridge) +38) fix for smbtar filename matching (tridge) +39) Better quote handling in smb.conf (abartlet) +40) Support browsers setting multiple languages in swat (idra) +41) Changed str_list_make to be able to use a different separator string (idra) +42) Samsync support to insert account info into the pdb (tpot) +43) Don't hide unwritable dirs when 'hide unwritable' is enabled ) + suggested by Alexander Oswald (idra) +44) Fix for handling sparse files in smbd (tridge) +45) Merges from 2_2 (jerry) +46) Minor printer fixes (jerry) +47) Add some checks to SID lookup code (abartlet) +48) Cascaded VFS (Alexander Bokovoy, idra) +49) Some netbios-less connections support in ADS mode (tridge) +50) ADS tweaks (tridge) +51) Fix plaintext passwords with win2k (tridge) +52) 'net ads info' reports IP of LDAP server (tridge) +53) Add some more RPC functions (jmcd) +54) Add 'smb ports = ' option (tridge) +55) Various small fixes (tridge) +56) Passdb security checks (abartlet) +57) Large winbind updates (abartlet) +58) Moved rpc client routines from libsmb to rpc_client (tpot) +59) Few nmbd fixes (jmcd) +60) Fix swat to handle new debug level code (idra) +61) Fix name length bug in namequeries (tridge) +62) Don't have client binaries depend on libs they don't use ) + patch from Steve Langasek (abartlet) +63) Printing change notification (merged from HEAD_APPLIANCE) (jerry) +64) fix delete printer driver (from HEAD_APPLIANCE) (jerry) +65) Added pdb_xml and pdb_mysql (jelmer) +66) Update pdb_test (jelmer) +67) Fix security issues with %m (abartlet) +68) Support for service joins from win2k AND use SPNEGO (jmcd) +69) pdbedit -i and -e fix, add -b (idra) +70) textdocs converted to sgml (jelmer, jerry) +71) Merge netbios namecache code from APPLIANCE_HEAD (tpot) +72) Fix segs in new NTLMSSP code (abartlet) +73) Always make guest rid 501 (abartlet) -samba-bugs@samba.anu.edu.au -Regards, - The Samba Team.