Release Announcements
=====================
-This is the first release candidate of Samba 4.5. This is *not*
+This is the first preview release of Samba 4.6. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
-Samba 4.5 will be the next version of the Samba suite.
+Samba 4.6 will be the next version of the Samba suite.
UPGRADING
=========
-Nothing special.
-
NEW FEATURES/CHANGES
====================
+kerberos client encryption types
+--------------------------------
+Some parts of Samba (most notably winbindd) perform Kerberos client
+operations based on a Samba-generated krb5.conf file. A new
+parameter, "kerberos encryption types" allows configuring the
+encryption types set in this file, thereby allowing the user to
+enforce strong or legacy encryption in Kerberos exchanges.
+
+The default value of "all" is compatible with previous behavior, allowing
+all encryption algorithms to be negotiated. Setting the parameter to "strong"
+only allows AES-based algorithms to be negotiated. Setting the parameter to
+"legacy" allows only RC4-HMAC-MD5 - the legacy algorithm for Active Directory.
+This can solves some corner cases of mixed environments with Server 2003R2 and
+newer DCs.
+
+
+new option for owner inheritance
+--------------------------------
+The "inherit owner" smb.conf parameter instructs smbd to set the
+owner of files to be the same as the parent directory's owner.
+Up until now, this parameter could be set to "yes" or "no".
+A new option, "unix only", enables this feature only for the UNIX owner
+of the file, not affecting the SID owner in the Windows NT ACL of the
+file. This can be used to emulate something very similar to folder quotas.
+
+
REMOVED FEATURES
================
-only user and username parameters
----------------------------------
-These two parameters have long been deprecated and superseded by
-"valid users" and "invalid users".
smb.conf changes
-----------------
+================
+
+ Parameter Name Description Default
+ -------------- ----------- -------
+ kerberos encryption types New all
+ inherit owner New option
- Parameter Name Description Default
- -------------- ----------- -------
- only user Removed
- username Removed
KNOWN ISSUES
============