- WHATS NEW IN 1.9.18alpha10 Nov 1st 1997
- =======================================
+ WHATS NEW IN Samba 3.0 alphaX
+ =============================
+
+Changes in alpha17
+- OpenLinux packaging updates (jht)
+- Locking updates - fix zero timeout (tridge, jra)
+- Default ACL support (jra, based on code from Olaf Frczyk <olaf@cbk.poznan.pl>)
+- printing updates - spoolss stuff (tpot)
+- 'make install' directory creation fixes (abartlet)
+- Lots of fixes for SID handling, local v domain sids etc
+- better mangle debugging (abartlet)
+- fixes to allow 'net' to return more than 1000 users from ADS (jmcd)
+ - winbind support to come very shortly
+- lock some more tdbs to allow concurrent access for backups
+- 'net' help cleanups (jmcd)
+- 'net join' automatic transport detection
+
+Changes in alpha16
+- LDAP schema updates (jerry)
+- initial ADS LDAP printer advertising (jmcd)
+- spoolss and printing updates (tpot, jerry)
+ (the is the major update in this alpha, and work continues)
+- Winbindd connection cache improvements (abartlet)
+- spnego segfault fixes (abartlet)
+- net ads segfault fixes ( Alexander Bokovoy <a.bokovoy@sam-solutions.net>)
+- header cleanups (tpot)
+- Serialise domain auth requests - win2k bug (tridge)
+- fix winbind talloced memory leak (dleducq@arkoon.net, tridge)
+- call unmangle in don_unmangle (abartlet)
+- UTF8 Charset functions - for ADS LDAP calls (Hasch@t-online.de)
+- Fix security tab for mapped drives on unicode clients (tridge)
+- Better configure tests for snprintf and immidiate structures (abartlet)
+- allow 'passdb backend = plugin : /path/to/plugin.so : plguin args'
+ (loads a passdb module) (Jelmer Vernooij <jelmer@nl.linux.org>)
+- change the way we store our domain join info - you will need to
+rejoin the domain (tridge)
+- xcopy /o fixes (tridge)
+- fix the 'convert_string' level 0 debugs.
+- Patch for Domain users not showing up from "Ivan Zhakov" <vunny@mail.ru>
+- tdb backup support
+- The beginning of trusted and trusting domain support - net commands
+ (Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl>)
+- nmbd signal processing fixes (jra)
+- lseek-on-pipe support (jra)
+- Allow Samba to trust NT4 Domains (abartlet)
+- LDAPsam updates (abartlet):
+ - Now runtime selectable (when configured)
+ - ldap user suffix and ldap group suffix support.
+ - non unix account support
+ - select with 'passdb backend = ldapsam' or 'passdb backend =
+ ldapsam_nua'
+- start to allow NT4 domains to trust Samba, netlogon fixes (abartlet)
+- make default unix charset UTF8 (tridge)
+- Fix SIGSEGV on error message when trying to add a user to smbpasswd
+file without a unix account (jmcd)
+- better detection of dead ADS connections, so we have some chance of
+reconnecting (tridge)
+- removed bogus prepend_domain() call which was screwing up getpwuid()
+with the new default domain code
+- Domain/workstation SID fixes.
+- patch from Alexey Kotovich <a.kotovich@sam-solutions.net> that adds
+ the security decsriptor code for ADS workstation accounts.
+ (allow self password change, self remove)
+ (after much review and disscussion with abartlet and tridge)
+
+Changes in alpha15
+- Improvements in pam_winbind/winbindd_pam.c: (abartlet)
+ - Much better error reporting
+ - Password changing is now stackable
+ - now returns multiple PAM errors based on the NTSTATUS
+ that winbind got.
+ - returns an error string the client can use in their own logs.
+- Print form updates (tpot)
+- added 'wbinfo --sequence' to show sequence numbers of
+ all domains (tridge)
+- better winbind memory mangement (tridge)
+- make signal processing work correctly in winbindd
+ Michael Steffens <michael_steffens@hp.com>
+- Inital ADS printer publishing work. (jmcd)
+- Debian packaging
+- large debian packaging checking from Eloy. (merge by jerry)
+- Make smbgroupedit a little easier on the user (select groups
+ by name rather than by sid) (abartlet)
+- rework parts of smbtorture (tridge)
+
+Changes in alpha14
+- 'Winbind Default Domain' support:
+ This allows winbind to supply usernames without a 'DOMAIN\'
+ prefix. Particularly handy for shell and e-mail servers,
+ as well as Unix workstations in NT domains.
+- Associated cleanups in winbindd and smbd.
+ (Alexander Bokovoy <a.bokovoy@sam-solutions.net> and
+ abartlet)
+- Winbind protocol changes for better Squid intergration
+ (current version is 3) (abartlet)
+- pam_winbind password changing
+ (Samuel Ziegler <sam@xpedion.com>, tpot)
+- runtime selectable pluggable passdb interface.
+ (abartlet)
+- 'non unix account' support (abartlet)
+ (This allows machines and even users not to exist
+ in /etc/passwd)
+- Inital implementation of the WINS replication deamon
+ (jfm)
+- Changes for better winbind PDC/BDC failover support
+ (tpot)
+- Various Winbind/ADS mode stabilty and flexablity fixes
+ (tridge)
+- Mangle names like .bashrc properly (trige)
+- CIFS UNIX extensions (client and server) (jra)
+- Universal group support outside smbd (via a cache)
+ (Alexander Bokovoy <a.bokovoy@sam-solutions.net>)
+- Write cache fixes (jra)
+
+Changes in alpha13
+- updates to try to get more out-of-the-box compiles
+ (mostly kerberos and ldap stuff) (various)
+- 'net rpc shutdown' remote shutdown of servers
+ (abartlet, original code from idra)
+- authentication subsystem rework, including move to
+ new RPC client code (abartlet)
+- winbind changes:
+ - use new client code (abartlet)
+ - change winbind_auth_pam_crap interface for squid's
+ benifit. (abartlet)
+ - new interface versioning functionality (abartlet)
+ - cope better when inteface does change (tpot)
+ - better winbind trusted domain code (tpot)
+- doc updates (jerry)
+- new NTSTAUS -> DOS error map (abartlet)
+- large user list (> 1500) enumeration (jra)
+- dmalloc support (mbp)
+- spoolss changes (tpot)
+- talloc accounting (mbp)
+- rename fixes (jra)
+- smbmount trivial fixup (abartlet)
+- start of new unix extenions to CIFS (jra)
+
+Changes in alpha12
+- doc updates (jerry)
+- store domain sid on ADS join (tridge)
+- allow a winbind username on ADS connection (tridge)
+
+Changes in alpha11
+- fixed fallback to "ads server" option (tridge)
+- fix ACL failure on HP HFS (jra)
+- net ads password and net ads chostpass commands (Remus Koos)
+- fixed valid char array generation (tridge)
+- fixed QFS_INFO for win98 long filenames (tridge)
+- added net lookup command (tridge)
+- fixed map to guest with spnego (tridge)
+- fixed irix warnings (tridge)
+
+
+Changes in alpha10
+- hide unreadable fix using acl fns (jra)
+- lsa_open_policy cleanup (jfm)
+- mangled directories fix (jra)
+- fix error return on bad pipe (jra)
+- fix homes share with no home dir (tpot)
+- fixed handling of dead or empty domains in winbindd (tridge)
+- added talloc torture program (mbp)
+- talloc debug code (mbp)
+- added trusted domains to winbindd/ADS (tridge)
+- fix trusted domains in auth code (tridge)
+- new gss error handling code (a.bokovoy@sam-solutions.net & tridge)
+- support mixed ADS/NT4 domains (tridge)
+
+Changes in alpha9
+- nicer net error messages (tpot)
+- trust account patches (mimir)
+- solaris link option update (davecb)
+- added lsa_query_secobj() server fn (jfm)
+- spoolss changeid fix (jerry)
+- domain auth error fix (jmcd)
+- HPUX acl code (jra)
+- set filetime on close fix (jra)
+- allow select of org unit in ads join (tridge)
+
+Changes in alpha8
+- fixed compile of wb_client.c (tridge)
+- fixed net time to use localtime (tridge)
+- net help cleanups (jmcd)
+- debug level fix (tpot)
+- utmp string length fixes (monyo)
+
+
+Changes in alpha7
+
+- added "net ads info" to probe basic into on your ads server without
+ any authentication
+- improved some error handling
+
+Changes in alpha6
+
+- added "net time zone" command (tridge)
+- pam_smbpass updates (a.bokovoy@sam-solutions.net)
+- irix updates (herb)
+- net rpc join handles existing machine acct (tridge)
+
+Changes in alpha5
+
+- added "net time" command (tridge)
+- allow client tools to specify a hostname of form HOST#xx (tridge)
+- added wbinfo --set-auth-user (tpot)
+- added lsaquerysecobj to rpcclient (tpot)
+
+Changes in alpha4
+
+- fixed nexus/win9x user list (jfm)
+- fixed large user/group lists in winbindd (tridge)
+- fixed gssapi headers in redhat (jmcd)
+- fixed rap error code handling (jra)
+- more usermanager rpc calls (jfm)
+- re-added RAP calls at top level to net command (tridge)
+
+Changes in alpha3
+
+- fixed a silly tdb bug in alpha2 that affected internal databases
+
+Changes in alpha2
+
+- we no longer use cyrus-sasl for LDAP SASL/gssapi. This makes our ADS
+ code much more robust.
+- winbindd cache code rewritten to be much more efficient. It also
+ copes much better with server outages.
+- jfm implemented full group mapping and smb.conf option 'domain admin
+ group' is now gone. Consult the GROUP-MAPPING-HOWTO.txt to know how
+ to gain back administrator rights.
+- docs update started
+- numerous small bugfixes
+
+Changes in alpha1
+
+ - winbindd now uses LDAP and works correctly with an ADS server in
+ native mode
+ - XFS quotas code on Linux
+ - group mapping code from JFM
+ - "net rpc join" command replaces smbpasswd -j
+ - fixed winbind initgroups
+
+--------------
+
+This is a pre-release of Samba 3.0 alpha0. This is NOT a stable
+release. Use at your own risk.
+
+The purpose of this alpha release is to get wider testing of the major
+new pieces of code in the current Samba 3.0 development tree. We are
+planning on ceasing development on the 2.2.x release of Samba very
+shortly and after that we will be concentrating on Samba 3.0. To
+reduce the time before the final Samba 3.0 release we need as many
+poeple as possible to start testing these alpha releases, and
+hopefully giving us some high quality feedback on what needs fixing.
+
+Note that Samba 3.0 is not anywhere near feature complete yet. There
+is a lot more coding we have planned, but unless we get what we have
+done already more widely tested we will have a hard time doing a
+stable release in a reasonable time frame.
+
+This release is also missing major pieces of documentation, and there
+are many parts of the docs that have not been updated to reflect the
+new options and features in 3.0.
+
+Major new features:
+-------------------
+
+- Active Directory support. This release is able to join a ADS realm
+ as a member server and authenticate users using
+ LDAP/kerberos. Please read ADS-HOWTO.txt in the release for a very
+ rough guide on how to set this up.
+
+- Unicode support. Samba will now negotiate unicode on the wire and
+ interally there is now a much better infrastructure for multi-byte
+ and unicode character sets. You may need the "dos charset", "unix
+ charset" and "display charset" options. The unicode support is not
+ yet documented.
-This is NOT a production release of Samba code.
-For production servers please run Samba 1.9.17p4
-or later releases in the 1.9.17 series.
+- New authentication system. The internal authentication system has
+ been almost completely rewritten. Most of the changes are internal,
+ but the new auth system is also very configurable. Not documented
+ yet.
-This release contains some experimental features and
-changes and is being made available so people can
-test and provide feedback and patches for ongoing
-Samba development.
+- new filename mangling system. The filename mangling system has been
+ completely rewritten. An internal database now stores mangling maps
+ persistantly. This needs lots of testing.
-Please note that only the Domain controller code
-is truly experimental. The other changes have
-been extensively tested and are of the same
-quality as normal Samba alpha releases. The
-Domain controller code is disabled in the Makefile
-by default and is being made available to Samba
-programmers in the interests of advancing a
-public implementation of this important protocol.
+- new "net" command. A new "net" command has been added. It is
+ somewhat similar to the "net" command in windows. Eventually we plan
+ to replace a bunch of other utilities (such as smbpasswd) with
+ subcommands in "net", at the moment only a few things are
+ implemented.
-This release contains three major changes to the
-1.9.17 series and much re-written code.
+- Samba now negotiates NT-style status32 codes on the wire. This
+ improves error handling a lot.
+- better w2k printing support. The support for printing from win2000
+ clients has improved greatly.
-The main changes are :
+Plus lots of other changes!
-1). Oplock support now operational.
------------------------------------
+Note that many new features are not documented. Don't let this stop
+you from using Samba 3.0. It is particularly important that the basic
+file/print serving abilities of Samba 3.0 are widely tested to ensure
+that we have not broken any of the basic functionality. As we do more
+alpha releases we will start to document the new features.
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-
-2). Experimental Primary Domain controller code.
-------------------------------------------------
-
-Samba now contains a *VERY* experimental client and
-server implementation of part of the Windows NT
-4.x Domain Controller specification, as
-published by Paul Ashton (now a Samba Team
-member).
-
-This code is not enabled in the Makefile by default,
-and to work on this code you must read the file :
-
- docs/NTDOMAIN.txt
-
-Please note that as this code is not complete,
-it is being made available as part of this release
-to allow interested parties to contribute and help
-the Samba Team in documenting and implementing
-this important feature.
-
-Please do not expect to be able to replace your
-NT Domain Controllers with Samba until this code
-is finished, tested and an announcement is made.
-
-At present the Domain Controller code is for
-programmers and people interested in Microsoft
-protocols only.
-
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-The WINS client and WINS server capabilities in nmbd
-are also being restructured, to make it easier to
-understand and maintain.
-
-Samba supports the NT 3.51 and 4.0 Domain Authentication
-Protocol to a degree sufficient to download Profiles to an
-NT 3.51 or 4.0 Workstation ("Welcome to the SAMBA Domain").
-
-There is also code in smbclient to generate the same
-requests as an NT Workstation would when doing an NT
-Domain Logon. This has only been tested against a Samba
-"Experimental" PDC so far.
-
-Some of the new parameters for NT Domain Logons and
-Profile support are now also used by the Win95 Domain
-Logons and Profile support.
-
-The Automount code has been slightly reshuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry. Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.con man pages :
-
-"bind interfaces only"
-"username level"
-
-"domain sid"
-"domain groups"
-
-"logon drive"
-"logon home"
-
-
-Not yet documented in the smb.conf man page, please
-read docs/NTDOMAIN.txt or examine the source code for
-information on the next parameters :
-
-"domain other sids"
-"domain admin users"
-"domain guest users"
-
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.con man pages :
-
-"delete veto files"
-"oplocks"
-
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-samba-bugs@samba.anu.edu.au
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
- The Samba Team.
+Reporting bugs & Development Discussion
+---------------------------------------
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.openprojects.net
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.
git.samba.org / kai / samba.git / blobdiff