- WHATS NEW IN Samba 3.0.0 beta4
- July 16 2003
+ WHATS NEW IN Samba 3.0.1pre3
+ November 14, 2003
==============================
-This is the third beta release of Samba 3.0.0. This is a
-non-production release intended for testing purposes. Use
-at your own risk.
+This is a preview release of the Samba 3.0.1 code base and is
+provided for testing only. This release is *not* intended for
+production servers. Use at your own risk.
-The purpose of this beta release is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. We have
-officially ceased development on the 2.2.x release of Samba and are
-concentrating on Samba 3.0. To reduce the time before the final
-Samba 3.0 release we need as many people as possible to start testing
-these beta releases, and to provide high quality feedback on what
-needs fixing.
+There have been several bug fixes since the 3.0.0 release that
+we feel are important to make available to the Samba community
+for wider testings. See the "Changes" section for details on
+exact updates.
-Samba 3.0 is feature complete. However there is still some final
-work to be done on certain pieces of functionality. Please refer to
-the section on "Known Issues" for more details.
+
+######################################################################
+Changes
+#######
+Changes since 3.0.1pre2
+-----------------------
+
+Please refer to the CVS log for the SAMBA_3_0 branch for complete
+details:
+
+1) Skip over the winbind separator when looking up a user.
+ This fixes the bug that prevented local users from
+ matching an AD user when not running winbindd (bug 698).
+2) Fix a problem with configure on *BSD systems. Make sure
+ we add -liconv etc to LDFLAGS.
+3) Fix core dump bug when "security = server" and the authentication
+ server goes away.
+4) Correct crash bug due to an empty munged dial string.
+5) Show files locked by a specific user (smbstatus -u 'user')
+ (bug 590).
+6) Fix bug preventing print jobs from display in the queue
+ monitor used by Windows NT and later clients (bug 660).
+7) Fix several reported problems with point-n-print from
+ Windows 2000/XP clients due to a bug in the EnumPrinterDataEx()
+ reply (bug 338, 527 & 643).
+8) Fix a handful of potential memory leaks in the LDAP code used
+ by ldapsam[_compat] and the LDAP idmap backend.
+
+
+Changes since 3.0.1pre1
+-----------------------
+
+1) Match Samba 2.2 behavior; make ACB_NORMAL the default ACB value.
+2) Updated Japanese welcome file in SWAT.
+3) Fix to nt-time <-> unix-time functions reversible.
+4) Ensure that winbindd uses the the escaped DN when querying
+ an AD ldap server.
+5) Fix portability issues when compiling (bug 505, 550)
+6) Compile fix for tdbbackup when Samba needs to override
+ non-C99 compliant implementations of snprintf().
+7) Use @PICSUFFIX@ instead of .po in Makefile.in (bug 574).
+8) Make sure we break out of samsync loop on error.
+9) Ensure error code path doesn't free unmalloc()'d memory
+ (bug 628).
+10) Add configure test for krb5_keytab_entry keyblock vs key
+ member (bug 636).
+11) Fixed spinlocks.
+12) Modified testparm so that all output so all debug output goes
+ to stderr, and all file processing goes to stdout.
+13) Fix error return code for BUFFER_TOO_SMALL in smbcacls
+ and smbcquotas.
+14) Fix "NULL dest in safe_strcpy()" log message by ensuring that
+ we have a devmode before copying a string to the devicename.
+15) Support mapping REALM.COM\user to a local user account (without
+ running winbindd) for compatibility with 2.2.x release.
+16) Ensure we don't use mmap() on blacklisted systems.
+17) fixed a number of bugs and memory leaks in the AIX
+ winbindd shim
+18) Call initgroups() in SWAT before becomming the user so that
+ secondary group permissions can be used when writing to
+ smb.conf.
+19) Fix signing problems when reverse connecting back to a
+ client for printer notify
+20) Fix signing problems caused by a miss-sequence bug.
+21) Missing map in errormap for ERROR_MORE_DATA -> ERRDOS, ERRmoredata.
+ Fixes NEXUS tools running on Win9x clients (bug 64).
+22) Don't leave the domain field uninitialized in cli_lsa.c if some
+ SID could not be mapped.
+23) Fix segfault in mount.cifs helper when there is no options
+ specified during mount.
+24) Change the \n after the password prompt to go to tty instead
+ of stdout (bug 668).
+25) Stop net -P from prompting for machine account password (bug 451).
+26) Change in behavior to Not only change the effective uid but also
+ the real uid when becoming unprivileged.
+27) Cope with Exchange 5.5 cleartext pop password auth.
+28) New files for support of initshutdown pipe. Win2k doesn't
+ respond properly to all requests on the winreg pipe, so we need
+ to handle this new pipe (bug 534).
+29) Added more va_copy() checks in configure.in.
+30) Include fixes for libsmbclient build problems.
+31) Missing UNIX -> DOS codepage conversion in lanman.c.
+32) Allow DFMS-S filenames can now have arbitrary case (bug 667).
+33) Parameterize the listen backlog in smbd and make it larger by
+ default. A backlog of 5 is way too small these days.
+34) Check for an invalid fid before dereferencing the fsp pointer
+ (bug 696).
+35) Remove invalid memory frees and return codes in pdb_ldap.c.
+36) Prompt for password when invoking --set-auth-user and no
+ password is given.
+37) Bind the nmbd sending socket to the 'socket address'.
+38) Re-order link command for smbd, rpcclient and smbpasswd to ensure
+ $LDFLAGS occurs before any library specification (bug 661).
+39) Fix large number of printf() calls for 64-bit size_t.
+40) Fix AC_CHECK_MEMBER so that SLES8 does correctly finds the
+ keyblock in the krb5 structs.
+41) Remove #include <compat.h> in hopes to avoid problems with
+ apache header files.
+42) COrrect winbindd build problems on HP-UX 11
+43) Lowercase netgroups lookups (bug 703).
+44) Use the actual size of the buffer in strftime instead of a made
+ up value which just happens to be less than sizeof(fstring).
+ (bug 713).
+45) Add ldaplibs to pdbedit link line (bug 651).
+46) Fix crash bug in smbclient completion (bug 659).
+47) Fix packet length for browse list reply (bug 771).
+48) Fix coredump in cli_get_backup_list().
+49) Make sure that we expand %N (bug 612).
+50) Allow rpcclient adddriver command to specify printer driver
+ version (bug 514).
+51) Compile tdbdump by default.
+52) Apply patches to fix iconv detection for FreeBSD.
+53) Do not allow the 'guest account' to be added to a passdb backend
+ using smbpasswd or pdbedit (bug 624).
+54) Save LDFLAGS during iconv detection (bug 57).
+55) Run krb5 logins through the username map if the winbindd
+ lookup fails (bug 698).
+56) Add const for lp_set_name_resolve_order() to avoid compiler
+ warnings (bug 471).
+57) Add support for the %i macro in smb.conf to stand in for the for
+ the local IP address to which a client connected.
+58) Allow winbindd to match local accounts to domain SID when
+ 'winbind trusted domains only = yes' (bug 680).
+59) Remove code in idmap_ldap that searches the user suffix and group
+ suffix. It's not needed and provides inconsistent functionality
+ from the tdb backend.
+60) Patch to handle munged dial string for Windows 200 TSE.
+61) Correct the "smbldap_open: cannot access when not root error"
+ messages when looking up group information (bug 281).
+
+
+
+Changes since 3.0.0
+-------------------
+
+Modified parameters
+ * mangled map (deprecated)
+
+Removed Parameters
+ * mangled stack (unused)
+
+
+1) Change the interface for init_unistr2 to not take a length
+ but a flags field. We were assuming that
+ 2*strlen(mb_string) == length of ucs2-le string. (bug 480).
+2) Allow d_printf() to handle strings with escaped quotation
+ marks since the msg file includes the escape character (bug 489).
+3) Fix bad html table row termination in SWAT wizard code (bug 413).
+4) Fix to parse the level-2 strings.
+5) Fix for "valid users = %S" in [homes]. Fix read/write
+ list as well.
+6) Change AC_CHECK_LIB_EXT to prepend libraries instead of append.
+ This is the same way AC_CHECK_LIB works (bug 508).
+7) Testparm output fixes for clarity.
+8) Fix broken wins hook functionality -- i18n bug (bug 528).
+9) Take care of condition where DOS and NT error codes must differ.
+10) Default to using only built-in charsets when a working iconv
+ implementation cannot be located.
+11) Wrap internals of sys_setgroups() so the sys_XX() call can
+ be done unconditionally (bug 550).
+12) Remove duplicate smbspool link on SWAT's front page (bug 541).
+13) Save and restore CFLAGS before/after AC_PROG_CC. Ensures that
+ --enable-debug=[yes|no] works correctly.
+14) Allow ^C to interrupt smbpasswd if using our getpass
+ (e.g. smbpasswd command).
+15) Support signing only on RPC's (bug 167).
+16) Correct bug that prevented Excel 2000 clients from opening
+ files marked as read-only.
+17) Portability fix bugs 546 - 549).
+18) Explicitly initialize the value of AR for vendor makes that don't
+ do this (e.g. HPUX 11). (bug 552).
+19) More i18n fixes for SWAT (bug 413).
+20) Change the cwd before the postexec script to ensure that a
+ umount will succeed.
+21) Correct double free that caused winbindd to crash when a DC
+ is rebooted (bug 437).
+22) Fix incorrect mode sum (bug 562).
+23) Canonicalize SMB_INFO_ALLOCATION in the same was as
+ SMB_FS_FULL_SIZE_INFORMATION (bug 564).
+24) Add script to generate *msg files.
+25) Add Dutch SWAT translation file.
+26) Make sure to call get_user_groups() with the full winbindd
+ name for a user if he/she has one (bug 406).
+27) Fix up error code returns from Samba4 tester. Ensure invalid
+ paths are validated the same way.
+28) Allow Samba3 to pass the Samba4 RAW-READ tests.
+29) Refuse to configure if --with-expsam=$BACKEND was used but no
+ libraries were found for $BACKEND.
+30) Move sysquotas autoconf tests to a separate file.
+31) Match W2K w.r.t. writelock and writeclose. Samba4 torture
+ tester
+32) Make sure that the files that contain the static_init_$subsystem;
+ macro get recompiled after configure by removing the object
+ files.
+33) Ensure canceling a blocking lock returns the correct error
+ message.
+34) Match Samba 2.2, and make ACB_NORMAL the default ACB value.
+
+
+
+######################################################################
+
+ =======================================
+ The original 3.0.0 release notes follow
+ =======================================
Major new features:
-------------------
1) Active Directory support. Samba 3.0 is now able to
- to join a ADS realm as a member server and authenticate
+ join a ADS realm as a member server and authenticate
users using LDAP/Kerberos.
-2) Unicode support. Samba will now negotiate UNICODE on the wire and
- internally there is now a much better infrastructure for multi-byte
- and UNICODE character sets.
+2) Unicode support. Samba will now negotiate UNICODE on the wire
+ and internally there is now a much better infrastructure for
+ multi-byte and UNICODE character sets.
-3) New authentication system. The internal authentication system has
- been almost completely rewritten. Most of the changes are internal,
- but the new auth system is also very configurable.
+3) New authentication system. The internal authentication system
+ has been almost completely rewritten. Most of the changes are
+ internal, but the new auth system is also very configurable.
-4) New filename mangling system. The filename mangling system has been
- completely rewritten. An internal database now stores mangling maps
- persistently. This needs lots of testing.
+4) New default filename mangling system.
5) A new "net" command has been added. It is somewhat similar to
the "net" command in windows. Eventually we plan to replace
6) Samba now negotiates NT-style status32 codes on the wire. This
improves error handling a lot.
-7) Better Windows 2000/XP/2003 printing support including publishing
+7) Better Windows 2000/XP/2003 printing support including publishing
printer attributes in active directory.
-8) New loadable RPC modules.
+8) New loadable module support for passdb backends and character
+ sets.
-9) New dual-daemon winbindd support for better performance.
+9) New default dual-daemon winbindd support for better performance.
10) Support for migrating from a Windows NT 4.0 domain to a Samba
domain and maintaining user, group and domain SIDs.
13) Major updates to the Samba documentation tree.
+14) Full support for client and server SMB signing to ensure
+ compatibility with default Windows 2003 security settings.
+
+15) Improvement of ACL mapping features based on code donated by
+ Andreas Grünbacher.
+
+
Plus lots of other improvements!
Additional Documentation
------------------------
-Please refer to Samba documentation tree (including in the docs/
+Please refer to Samba documentation tree (included in the docs/
subdirectory) for extensive explanations of installing, configuring
and maintaining Samba 3.0 servers and clients. It is advised to
begin with the Samba-HOWTO-Collection for overviews and specific
tasks (the current book is up to approximately 400 pages) and to
refer to the various man pages for information on individual options.
+We are very glad to be able to include the second edition of
+"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
+(O'Reilly & Associates) in this release. The book is available
+on-line at http://samba.org/samba/docs/ and is included with
+the Samba Web Administration Tool (SWAT). Thanks to the authors and
+publisher for making "Using Samba" under the GNU Free Documentation
+License.
+
+
######################################################################
-Changes since 3.0beta2
-######################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details
-
-1) Added fix for Japanese case names in statcache code;
- these can change size on upper casing.
-2) Correct issues with iconv detection in configure script
- (support needed to find iconv libraries on FreeBSD).
-3) Fix bug that caused a WINS server to be marked as dead
- incorrectly (bug #190).
-4) Removing additional deadlocks conditions that prevented
- winbindd from running on a Samba PDC (used for trust
- relationships).
-5) Add support for searching for Active Directory for
- published printers (net ads printer search).
-6) Separate UNIX username from DOMAIN\username in pipe
- credentials.
-7) Auth modules now support returning NT_STATUS_NOT_IMPLEMENTED
- for cases that they cannot handle.
-8) Flush winbindd connection cache when the machine trust account
- password is changed while a connection is open (bug #200).
-9) Add support for 'OSVersion' server printer data string
- (corrects problem with uploading printer drivers from
- WinXP clients).
-10) Numerous memory leak fixes.
-11) LDAP fixes ("passdb backend = ldapsam" & "idmap backend = ldap"):
- - Store domain SID in LDAP directory.
- - store idmap information in existing entries (use sambaSID=...
- if adding a new entry).
-12) Fix incorrect usage of primary group SID when looking up user
- groups (bug #109).
-13) Remove idmap_XX_to_XX calls from smbd. Move back to the the
- winbind_XXX and local_XXX calls used in 2.2.
-14) All uid/gid allocation must involve winbindd now
- (we no attempt to map unknown SIDs to a UNIX identify).
-15) Add 'winbind trusted domains only' parameter to force a domain
- member. The server to use matching users names from /etc/passwd
- for its domain (needed for domain member of a Samba domain).
-16) Rename 'idmap only' to 'enable rid algorithm' for better clarity
- (defaults to "yes").
-17) Add support for multi-byte statcache code (bug #185)
-18) Fix open mode race condition.
-19) Implement winbindd local account management functions. Refer to
- the "Winbind Changes" section for details.
-20) Move RID allocation functions into idmap backend.
-21) Fix parsing error that prevented publishing printers from a
- Samba server in an AD domain.
-22) Revive NTLMSSP support for named pipes.
-23) More SCHANNEL fixes.
-24) Correct SMB signing with NTLMSSP.
-25) Fix coherency bug in print handle/printer object caching code
- that could cause XP clients to infinitely loop while updating
- their local printer cache.
-26) Make winbindd use its dual-daemon mode by default (use -Y to
- start as a single process).
-27) Add support to nmbd and winbindd for 'smbcontrol <pid>
- reload-config'.
-28) Correct problem with smbtar when dealing with files > 8Gb
- (bug #102).
-
-
-
-Changes since 3.0beta1
-######################
-
-1) Rework our smb signing code again, this factors out some of
- the common MAC calculation code, and now supports multiple
- outstanding packets (bug #40).
-2) Enforce 'client plaintext auth', 'client lanman auth' and 'client
- ntlmv2 auth'.
-3) Correct timestamp problem on 64-bit machines (bug #140).
-4) Add extra debugging statements to winbindd for tracking down
- failures.
-5) Fix bug when aliased 'winbind uid/gid' parameters are used.
- ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6) Added an auth flag that indicates if we should be allowed
- to fall back to NTLMSSP for SASL if krb5 fails.
-7) Fixed the bug that forced us not to use the winbindd cache when
- we have a primary ADS domain and a secondary (trusted) NT4
- domain.
-8) Use lp_realm() to find the default realm for 'net ads password'.
-9) Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
- in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial
- fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
- and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
- both the idmap and the SAM. This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC
- returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
- using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to
- prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache
- from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
- but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are
- joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k
- mixed mode) domains.
-30) Fixed bug that caused us to enumerate domain local groups
- from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows
- security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
- backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
- ( if you installed beta1, be sure to
- 'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for
- ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend
- functions.
-37) Enable address caching for active directory DC's so we don't
- have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be
- redefined.
-39) Add tdb locking code to prevent race condition when adding a
- new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting
- trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC
- to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of
- the 'passdb backend' list if 'guest account' has a valid
- username.
-44) Remove samstrict_dc auth method. Rework 'samstrict' to only
- handle our local names (or domain name if we are a PDC).
- Move existing permissive 'sam' method to 'sam_ignoredomain'
- and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
- and unknown domain (default to our domain if we are a DC or
- domain member; default to our local name if we are a
- standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the
- 'DOMAIN\user' lookup fails. This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted
- domains when operating as a domain member and not using
- winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for
- too long without a maintainer.
-
+Upgrading from a previous Samba 3.0 beta
+########################################
+Beginning with Samba 3.0.0beta3, the RID allocation functions
+have been moved into winbindd. Previously these were handled
+by each passdb backend. This means that winbindd must be running
+to automatically allocate RIDs for users and/or groups. Otherwise,
+smbd will use the 2.2 algorithm for generating new RIDs.
+If you are using 'passdb backend = tdbsam' with a previous Samba
+3.0 beta release (or possibly alpha), it may be necessary to
+move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
+to winbindd_idmap.tdb. To do this:
-######################################################################
+1) Ensure that winbindd_idmap.tdb exists (launch winbindd at least
+ once)
+2) build tdbtool by executing 'make tdbtool' in the source/tdb/
+ directory
+3) run: (note that 'tdb>' is the tool's prompt for input)
+
+ root# ./tdbtool /usr/local/samba/private/passdb.tdb
+ tdb> show RID_COUNTER
+ key 12 bytes
+ RID_COUNTER
+ data 4 bytes
+ [000] 0A 52 00 00 .R.
+
+ tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
+ ....
+ record moved
+
+If you are using 'passdb backend = ldapsam', it will be necessary to
+store idmap entries in the LDAP directory as well (i.e. idmap backend
+= ldap). Refer to the 'net idmap' command for more information on
+migrating SID<->UNIX id mappings from one backend to another.
+
+If the RID_COUNTER record does not exist, then these instructions are
+unneccessary and the new RID_COUNTER record will be correctly generated
+if needed.
+
+
+
+########################
Upgrading from Samba 2.2
########################
* domain guest group
* force unknown acl user
* nt smb support
- * post script
+ * postscript
* printer driver
* printer driver file
* printer driver location
* status
+ * strip dot
* total print jobs
* use rhosts
* valid chars
* ntlm auth
* paranoid server security
* server schannel
+ * server signing
* smb ports
* use spnego
* ldap idmap suffix
* ldap machine suffix
* ldap passwd sync
- * ldap trust ids
* ldap user suffix
General Configuration
---------------------
* preload modules
- * privatedir
+ * private dir
Modified Parameters (changes in behavior):
* restrict anonymous (integer value)
* security (new 'ads' value)
* strict locking (enabled by default)
+ * unix extensions (enabled by default)
* winbind cache time (increased to 5 minutes)
* winbind uid (deprecated in favor of 'idmap uid')
* winbind gid (deprecated in favor of 'idmap gid')
upgrade databases as they are opened (if necessary), but downgrading
from 3.0 to 2.2 is an unsupported path.
-Name Description Backup?
----- ----------- -------
-account_policy User policy settings yes
-gencache Generic caching db no
-group_mapping Mapping table from Windows yes
- groups/SID to unix groups
-winbindd_idmap ID map table from SIDS to UNIX yes
- uids/gids.
-namecache Name resolution cache entries no
-netsamlogon_cache Cache of NET_USER_INFO_3 structure no
- returned as part of a successful
- net_sam_logon request
-printing/*.tdb Cached output from 'lpq no
- command' created on a per print
- service basis
-registry Read-only samba registry skeleton no
- that provides support for exporting
- various db tables via the winreg RPCs
+Name Description Backup?
+---- ----------- -------
+account_policy User policy settings yes
+gencache Generic caching db no
+group_mapping Mapping table from Windows yes
+ groups/SID to unix groups
+winbindd_idmap ID map table from SIDS to UNIX yes
+ uids/gids.
+namecache Name resolution cache entries no
+netsamlogon_cache Cache of NET_USER_INFO_3 structure no
+ returned as part of a successful
+ net_sam_logon request
+printing/*.tdb Cached output from 'lpq no
+ command' created on a per print
+ service basis
+registry Read-only samba registry skeleton no
+ that provides support for exporting
+ various db tables via the winreg RPCs
Changes in Behavior
with an Active Directory domain using the native Windows
Kerberos 5 and LDAP protocols.
+ MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption
+ type which is neccessary for servers on which the
+ administrator password has not been changed, or kerberos-enabled
+ SMB connections to servers that require Kerberos SMB signing.
+ Besides this one difference, either MIT or Heimdal Kerberos
+ distributions are usable by Samba 3.0.
+
+
Samba 3.0 also includes the possibility of setting up chains
of authentication methods (auth methods) and account storage
backends (passdb backend). Please refer to the smb.conf(5)
Known Issues
############
-* The smbldap perl scripts for managing user entries in an LDAP
- directory have not be updated to function with the Samba 3.0
- schema changes. This (or an equivalent solution) work is planned
- to be completed prior to the stable 3.0.0 release.
+* There are several bugs currently logged against the 3.0 codebase
+ that affect the use of NT 4.0 GUI domain management tools when run
+ against a Samba 3.0 PDC. This bugs should be released in an early
+ 3.0.x release.
Please refer to https://bugzilla.samba.org/ for a current list of bugs
filed against the Samba 3.0 codebase.
A new bugzilla installation has been established to help support the
Samba 3.0 community of users. This server, located at
-https://bugzilla.samba.org/, will replace the existing jitterbug server
-and the old http://bugs.samba.org now points to the new bugzilla server.
+https://bugzilla.samba.org/, has replaced the older jitterbug server
+previously located at http://bugs.samba.org/.