- WHATS NEW IN Samba 2.0.0 beta1
- ==============================
+ WHATS NEW IN Samba 3.0 alphaX
+ =============================
+
+Changes in alpha17
+- OpenLinux packaging updates (jht)
+- Locking updates - fix zero timeout (tridge, jra)
+- Default ACL support (jra, based on code from Olaf Frczyk <olaf@cbk.poznan.pl>)
+- printing updates - spoolss stuff (tpot)
+- 'make install' directory creation fixes (abartlet)
+- Lots of fixes for SID handling, local v domain sids etc
+- better mangle debugging (abartlet)
+- fixes to allow 'net' to return more than 1000 users from ADS (jmcd)
+ - winbind support to come very shortly
+- lock some more tdbs to allow concurrent access for backups
+- 'net' help cleanups (jmcd)
+- 'net join' automatic transport detection
+
+Changes in alpha16
+- LDAP schema updates (jerry)
+- initial ADS LDAP printer advertising (jmcd)
+- spoolss and printing updates (tpot, jerry)
+ (the is the major update in this alpha, and work continues)
+- Winbindd connection cache improvements (abartlet)
+- spnego segfault fixes (abartlet)
+- net ads segfault fixes ( Alexander Bokovoy <a.bokovoy@sam-solutions.net>)
+- header cleanups (tpot)
+- Serialise domain auth requests - win2k bug (tridge)
+- fix winbind talloced memory leak (dleducq@arkoon.net, tridge)
+- call unmangle in don_unmangle (abartlet)
+- UTF8 Charset functions - for ADS LDAP calls (Hasch@t-online.de)
+- Fix security tab for mapped drives on unicode clients (tridge)
+- Better configure tests for snprintf and immidiate structures (abartlet)
+- allow 'passdb backend = plugin : /path/to/plugin.so : plguin args'
+ (loads a passdb module) (Jelmer Vernooij <jelmer@nl.linux.org>)
+- change the way we store our domain join info - you will need to
+rejoin the domain (tridge)
+- xcopy /o fixes (tridge)
+- fix the 'convert_string' level 0 debugs.
+- Patch for Domain users not showing up from "Ivan Zhakov" <vunny@mail.ru>
+- tdb backup support
+- The beginning of trusted and trusting domain support - net commands
+ (Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl>)
+- nmbd signal processing fixes (jra)
+- lseek-on-pipe support (jra)
+- Allow Samba to trust NT4 Domains (abartlet)
+- LDAPsam updates (abartlet):
+ - Now runtime selectable (when configured)
+ - ldap user suffix and ldap group suffix support.
+ - non unix account support
+ - select with 'passdb backend = ldapsam' or 'passdb backend =
+ ldapsam_nua'
+- start to allow NT4 domains to trust Samba, netlogon fixes (abartlet)
+- make default unix charset UTF8 (tridge)
+- Fix SIGSEGV on error message when trying to add a user to smbpasswd
+file without a unix account (jmcd)
+- better detection of dead ADS connections, so we have some chance of
+reconnecting (tridge)
+- removed bogus prepend_domain() call which was screwing up getpwuid()
+with the new default domain code
+- Domain/workstation SID fixes.
+- patch from Alexey Kotovich <a.kotovich@sam-solutions.net> that adds
+ the security decsriptor code for ADS workstation accounts.
+ (allow self password change, self remove)
+ (after much review and disscussion with abartlet and tridge)
+
+Changes in alpha15
+- Improvements in pam_winbind/winbindd_pam.c: (abartlet)
+ - Much better error reporting
+ - Password changing is now stackable
+ - now returns multiple PAM errors based on the NTSTATUS
+ that winbind got.
+ - returns an error string the client can use in their own logs.
+- Print form updates (tpot)
+- added 'wbinfo --sequence' to show sequence numbers of
+ all domains (tridge)
+- better winbind memory mangement (tridge)
+- make signal processing work correctly in winbindd
+ Michael Steffens <michael_steffens@hp.com>
+- Inital ADS printer publishing work. (jmcd)
+- Debian packaging
+- large debian packaging checking from Eloy. (merge by jerry)
+- Make smbgroupedit a little easier on the user (select groups
+ by name rather than by sid) (abartlet)
+- rework parts of smbtorture (tridge)
+
+Changes in alpha14
+- 'Winbind Default Domain' support:
+ This allows winbind to supply usernames without a 'DOMAIN\'
+ prefix. Particularly handy for shell and e-mail servers,
+ as well as Unix workstations in NT domains.
+- Associated cleanups in winbindd and smbd.
+ (Alexander Bokovoy <a.bokovoy@sam-solutions.net> and
+ abartlet)
+- Winbind protocol changes for better Squid intergration
+ (current version is 3) (abartlet)
+- pam_winbind password changing
+ (Samuel Ziegler <sam@xpedion.com>, tpot)
+- runtime selectable pluggable passdb interface.
+ (abartlet)
+- 'non unix account' support (abartlet)
+ (This allows machines and even users not to exist
+ in /etc/passwd)
+- Inital implementation of the WINS replication deamon
+ (jfm)
+- Changes for better winbind PDC/BDC failover support
+ (tpot)
+- Various Winbind/ADS mode stabilty and flexablity fixes
+ (tridge)
+- Mangle names like .bashrc properly (trige)
+- CIFS UNIX extensions (client and server) (jra)
+- Universal group support outside smbd (via a cache)
+ (Alexander Bokovoy <a.bokovoy@sam-solutions.net>)
+- Write cache fixes (jra)
+
+Changes in alpha13
+- updates to try to get more out-of-the-box compiles
+ (mostly kerberos and ldap stuff) (various)
+- 'net rpc shutdown' remote shutdown of servers
+ (abartlet, original code from idra)
+- authentication subsystem rework, including move to
+ new RPC client code (abartlet)
+- winbind changes:
+ - use new client code (abartlet)
+ - change winbind_auth_pam_crap interface for squid's
+ benifit. (abartlet)
+ - new interface versioning functionality (abartlet)
+ - cope better when inteface does change (tpot)
+ - better winbind trusted domain code (tpot)
+- doc updates (jerry)
+- new NTSTAUS -> DOS error map (abartlet)
+- large user list (> 1500) enumeration (jra)
+- dmalloc support (mbp)
+- spoolss changes (tpot)
+- talloc accounting (mbp)
+- rename fixes (jra)
+- smbmount trivial fixup (abartlet)
+- start of new unix extenions to CIFS (jra)
+
+Changes in alpha12
+- doc updates (jerry)
+- store domain sid on ADS join (tridge)
+- allow a winbind username on ADS connection (tridge)
+
+Changes in alpha11
+- fixed fallback to "ads server" option (tridge)
+- fix ACL failure on HP HFS (jra)
+- net ads password and net ads chostpass commands (Remus Koos)
+- fixed valid char array generation (tridge)
+- fixed QFS_INFO for win98 long filenames (tridge)
+- added net lookup command (tridge)
+- fixed map to guest with spnego (tridge)
+- fixed irix warnings (tridge)
+
+
+Changes in alpha10
+- hide unreadable fix using acl fns (jra)
+- lsa_open_policy cleanup (jfm)
+- mangled directories fix (jra)
+- fix error return on bad pipe (jra)
+- fix homes share with no home dir (tpot)
+- fixed handling of dead or empty domains in winbindd (tridge)
+- added talloc torture program (mbp)
+- talloc debug code (mbp)
+- added trusted domains to winbindd/ADS (tridge)
+- fix trusted domains in auth code (tridge)
+- new gss error handling code (a.bokovoy@sam-solutions.net & tridge)
+- support mixed ADS/NT4 domains (tridge)
+
+Changes in alpha9
+- nicer net error messages (tpot)
+- trust account patches (mimir)
+- solaris link option update (davecb)
+- added lsa_query_secobj() server fn (jfm)
+- spoolss changeid fix (jerry)
+- domain auth error fix (jmcd)
+- HPUX acl code (jra)
+- set filetime on close fix (jra)
+- allow select of org unit in ads join (tridge)
+
+Changes in alpha8
+- fixed compile of wb_client.c (tridge)
+- fixed net time to use localtime (tridge)
+- net help cleanups (jmcd)
+- debug level fix (tpot)
+- utmp string length fixes (monyo)
+
+
+Changes in alpha7
+
+- added "net ads info" to probe basic into on your ads server without
+ any authentication
+- improved some error handling
+
+Changes in alpha6
+
+- added "net time zone" command (tridge)
+- pam_smbpass updates (a.bokovoy@sam-solutions.net)
+- irix updates (herb)
+- net rpc join handles existing machine acct (tridge)
+
+Changes in alpha5
+
+- added "net time" command (tridge)
+- allow client tools to specify a hostname of form HOST#xx (tridge)
+- added wbinfo --set-auth-user (tpot)
+- added lsaquerysecobj to rpcclient (tpot)
+
+Changes in alpha4
+
+- fixed nexus/win9x user list (jfm)
+- fixed large user/group lists in winbindd (tridge)
+- fixed gssapi headers in redhat (jmcd)
+- fixed rap error code handling (jra)
+- more usermanager rpc calls (jfm)
+- re-added RAP calls at top level to net command (tridge)
+
+Changes in alpha3
+
+- fixed a silly tdb bug in alpha2 that affected internal databases
+
+Changes in alpha2
+
+- we no longer use cyrus-sasl for LDAP SASL/gssapi. This makes our ADS
+ code much more robust.
+- winbindd cache code rewritten to be much more efficient. It also
+ copes much better with server outages.
+- jfm implemented full group mapping and smb.conf option 'domain admin
+ group' is now gone. Consult the GROUP-MAPPING-HOWTO.txt to know how
+ to gain back administrator rights.
+- docs update started
+- numerous small bugfixes
+
+Changes in alpha1
+
+ - winbindd now uses LDAP and works correctly with an ADS server in
+ native mode
+ - XFS quotas code on Linux
+ - group mapping code from JFM
+ - "net rpc join" command replaces smbpasswd -j
+ - fixed winbind initgroups
+
+--------------
+
+This is a pre-release of Samba 3.0 alpha0. This is NOT a stable
+release. Use at your own risk.
+
+The purpose of this alpha release is to get wider testing of the major
+new pieces of code in the current Samba 3.0 development tree. We are
+planning on ceasing development on the 2.2.x release of Samba very
+shortly and after that we will be concentrating on Samba 3.0. To
+reduce the time before the final Samba 3.0 release we need as many
+poeple as possible to start testing these alpha releases, and
+hopefully giving us some high quality feedback on what needs fixing.
+
+Note that Samba 3.0 is not anywhere near feature complete yet. There
+is a lot more coding we have planned, but unless we get what we have
+done already more widely tested we will have a hard time doing a
+stable release in a reasonable time frame.
+
+This release is also missing major pieces of documentation, and there
+are many parts of the docs that have not been updated to reflect the
+new options and features in 3.0.
+
+Major new features:
+-------------------
+
+- Active Directory support. This release is able to join a ADS realm
+ as a member server and authenticate users using
+ LDAP/kerberos. Please read ADS-HOWTO.txt in the release for a very
+ rough guide on how to set this up.
+
+- Unicode support. Samba will now negotiate unicode on the wire and
+ interally there is now a much better infrastructure for multi-byte
+ and unicode character sets. You may need the "dos charset", "unix
+ charset" and "display charset" options. The unicode support is not
+ yet documented.
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file
-and print server for Windows systems.
+- New authentication system. The internal authentication system has
+ been almost completely rewritten. Most of the changes are internal,
+ but the new auth system is also very configurable. Not documented
+ yet.
-There have been many changes in Samba since the last major release,
-1.9.18. These have mainly been in the areas of performance and
-SMB protocol correctness. In addition, a Web based GUI interface
-for configuring Samba has been added.
+- new filename mangling system. The filename mangling system has been
+ completely rewritten. An internal database now stores mangling maps
+ persistantly. This needs lots of testing.
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
+- new "net" command. A new "net" command has been added. It is
+ somewhat similar to the "net" command in windows. Eventually we plan
+ to replace a bunch of other utilities (such as smbpasswd) with
+ subcommands in "net", at the moment only a few things are
+ implemented.
-Major changes in Samba 2.0
---------------------------
+- Samba now negotiates NT-style status32 codes on the wire. This
+ improves error handling a lot.
-There are many major changes in Samba for version 2.0. Here are
-some of them:
+- better w2k printing support. The support for printing from win2000
+ clients has improved greatly.
-=====================================================================
+Plus lots of other changes!
-1). Speed
----------
+Note that many new features are not documented. Don't let this stop
+you from using Samba 3.0. It is particularly important that the basic
+file/print serving abilities of Samba 3.0 are widely tested to ensure
+that we have not broken any of the basic functionality. As we do more
+alpha releases we will start to document the new features.
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests. This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make". See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system. See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes. This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain. See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats. These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values. The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive
-but case preserving.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols. However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users,
-groups, and security information, only some of which Samba currently
-implements. For this reason we have chosen not to advertise
-and actively support Primary Domain Controller functionality
-with this release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace. If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list. Details on joining
-are available at :
-
-http://samba.anu.edu.au/listproc/
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-http://samba.anu.edu.au/cvs.html
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email
-a report to :
-
- samba-bugs@samba.anu.edu.au
-
-As always, all bugs are our responsibility.
-
-Regards,
-
- The Samba Team.
+Reporting bugs & Development Discussion
+---------------------------------------
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.openprojects.net
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.
git.samba.org / kai / samba.git / blobdiff