-Samba 4 is the ambitious next version of the Samba suite that is being
-developed in parallel to the stable 3.0 series. The main emphasis in
-this branch is full support for being a Active Directory domain controller.
+Samba 4 is the ambitious next version of the Samba suite that is being
+developed in parallel to the stable 3.0 series. The main emphasis in
+this branch is support for the Active Directory logon protocols used
+by Windows 2000 and above.
-Samba 4 is currently not yet in a state where it is usable in production
-environments. The STATUS file aims to document what should and should not
-work.
+Samba 4 is currently not yet in a state where it is usable in
+production environments. Note the WARNINGS below, and the STATUS file,
+which aims to document what should and should not work.
-Those familiar with Samba 3 can find a list of user-visible changes
-since that release series in the NEWS file. A short guide to setting up
-Samba 4 can be found in the howto.txt file in this directory.
+With 3 years of development under our belt since Tridge first proposed
+a new Virtual File System (VFS) layer for Samba3 (a project which
+eventually lead to our Active Directory efforts), it was felt that we
+should create something we could 'show off' to our users. This is a
+Technology Preview (TP), aimed at allowing users, managers and
+developers to see how we have progressed, and to invite feedback and
+support.
+WARNINGS
+========
+
+Samba4 TP is currently a pre-alpha technology. It may eat your cat, but
+is far more likely to choose to munch on your password database. We
+recommend against upgrading any production servers from Samba 3 to
+Samba 4 at this stage. If you are upgrading an experimental server,
+you should backup all configuration and data.
+
+We expect that format changes will require that the user database be
+rebuilt from scratch a number of times before we make a final release,
+losing password data each time.
+
+Samba 4 Technology Preview includes basic Access Control List (ACL)
+protection on the main user database, but due to time constraints,
+none on the registry at this stage. We also do not currently have
+ACLs on the SWAT web-based management tool. This means that Samba 4
+Technology Preview is not secure.
+
+File system access should occur as the logged in user, much as Samba3
+does.
+
+Again, we strongly recommend against use in a production environment
+at this stage.
+
+NEW FEATURES
+============
+
+Samba4 supports the server-side of the Active Directory logon environment
+used by Windows 2000 and later, so we can do full domain join
+and domain logon operations with these clients.
+
+Our Domain Controller (DC) implementation includes our own built-in
+LDAP server and Kerberos Key Distribution Center (KDC) as well as the
+Samba3-like logon services provided over CIFS. We correctly generate
+the infamous Kerberos PAC, and include it with the Kerberos tickets we
+issue.
+
+SWAT is now integrated into Samba 4 as the user-friendly interface to
+Samba server management. SWAT provides easy access to our
+setup and migration tools. Using SWAT, you can migrate windows
+domains in Samba 4, allowing easy setup of initial user databases, and
+upgrades from Samba 3.
+
+The new VFS features in Samba 4 adapts the filesystem on the server to
+match the Windows client semantics, allowing Samba 4 to better match
+windows behaviour and application expectations. This includes file
+annotation information (in streams) and NT ACLs in particular. The
+VFS is backed with an extensive automated test suite.
+
+A new scripting interface has been added to Samba 4, allowing
+JavaScript programs to interface to Samba's internals.
+
+The Samba 4 architecture is based around an LDAP-like database that
+can use a range of modular backends. One of the backends supports
+standards compliant LDAP servers (including OpenLDAP), and we are
+working on modules to map between AD-like behaviours and this backend.
+We are aiming for Samba 4 to be powerful frontend to large
+directories.
+
+CHANGES
+=======
+
+Those familiar with Samba 3 can find a list of user-visible changes
+since that release series in the NEWS file.
+
+ - An optional password is no longer supported as the second argument to
+ smbclient.
+
+ - The default location of smb.conf in non-FHS builds has changed from the
+ PREFIX/lib directory to the PREFIX/etc directory.
+
+KNOWN ISSUES
+============
+
+- Standalone server and domain member roles are not currently
+ supported. While we have much of the infrastructure required, we
+ have not collected these pieces together.
+
+- There is no printing support in the current release.
+
+- SWAT can be painful with <TAB> and forms. Just use the mouse, as
+ the JavaScript layer doing this will change.
+
+- Domain logons (using Kerberos) from windows clients incorrectly
+ state that the password expires today.
+
+RUNNING Samba4
+==============
+
+A short guide to setting up Samba 4 can be found in the howto.txt file
+in root of the tarball.
+
+DEVELOPMENT and FEEDBACK
+========================
Bugs can be filed at https://bugzilla.samba.org/. Please
-look at the STATUS file before filing a bug to see if a particular
+look at the STATUS file before filing a bug to see if a particular
is supposed to work yet.
-Development and general discussion about Samba 4 happens mainly on
-the #samba-technical IRC channel (on irc.freenode.net) and
-the samba-technical mailing list (see http://lists.samba.org/ for
+Development and general discussion about Samba 4 happens mainly on
+the #samba-technical IRC channel (on irc.freenode.net) and
+the samba-technical mailing list (see http://lists.samba.org/ for
details).
+
+
git.samba.org / sfrench / samba-autobuild / .git / blobdiff