Users who were using the wrong spelling "ressource" with two "s" can keep the
setting, but are advised to switch to the correct spelling.
+ID Mapping
+----------
+We discovered that the majority of users have an invalid or incorrect
+ID mapping configuration. We implemented checks in the 'testparm' tool to
+validate the ID mapping configuration. You should run it and check if it prints
+any warnings or errors after upgrading! If it does you should fix them. See the
+'IDENTITY MAPPING CONSIDERATIONS' section in the smb.conf manpage.
+There are some ID mapping backends which are not allowed to be used for the
+default backend. Winbind will no longer start if an invalid backend is
+configured as the default backend.
+
+To avoid problems in future we advise all users to run 'testparm' after
+changing the smb.conf file!
+
NEW FEATURES/CHANGES
====================
This can solves some corner cases of mixed environments with Server 2003R2 and
newer DCs.
+Printing
+--------
+Support for uploading printer drivers from newer Windows clients (Windows 10)
+has been added until our implementation of [MS-PAR] protocol is ready.
+Several issues with uploading different printing drivers have been addressed.
+
+The OS Version for the printing server has been increased to announce
+Windows Server 2003 R2 SP2. If a driver needs a newer version then you should
+check the smb.conf manpage for details.
new option for owner inheritance
--------------------------------
of the file, not affecting the SID owner in the Windows NT ACL of the
file. This can be used to emulate something very similar to folder quotas.
+Multi-process Netlogon support
+------------------------------
+
+The Netlogon server in the Samba AD DC can now run as multiple
+processes. The Netlogon server is a part of the AD DC that handles
+NTLM authentication on behalf of domain members, including file
+servers, NTLM-authenticated web servers and 802.1x gateways. The
+previous restriction to running as a single process has been removed,
+and it will now run in the same process model as the rest of the
+'samba' binary.
+
+As part of this change, the NETLOGON service will now run on a distinct
+TCP port, rather than being shared with all other RPC services (LSA,
+SAMR, DRSUAPI etc).
+
+new options for controlling TCP ports used for RPC services
+-----------------------------------------------------------
+
+The new 'rpc server port' option controls the default port used for
+RPC services other than Netlogon. The Netlogon server honours instead
+the 'rpc server port:netlogon' option. The default value for both
+these options is the first available port including or after 1024.
+
+Improve AD performance and replication improvements
+---------------------------------------------------
+
+Samba's LDB and replication code continues to improve, particularly in
+respect to the handling of large numbers of linked attributes. We now
+respect an 'uptodateness vector' which will dramatically reduce the
+over-replication of links from new DCs. We have also made the parsing
+of on-disk linked attributes much more efficient.
+
+DNS improvements
+---------------------------
+
+The samba-tool dns subcommand is now much more robust and can delete
+records in a number of situations where it was not possible to do so
+in the past.
+
+On the server side, DNS names are now more strictly validated.
+
+
+CTDB changes
+------------
+
+* "ctdb event" is a new top-level command for interacting with event scripts
+
+ "ctdb event status" replaces "ctdb scriptstatus" - the latter is
+ maintained for backward compatibility but the output format has been
+ cleaned up
+
+ "ctdb event run" replaces "ctdb eventscript"
+
+ "ctdb event script enable" replaces "ctdb enablescript"
+
+ "ctdb event script disable" replaces "ctdb disablescript"
+
+ The new command "ctdb event script list" lists event scripts.
+
+* CTDB's back-end for running event scripts has been replaced by a
+ separate, long-running daemon ctdbd_eventd.
+
+* Running ctdb interactively will log to stderr
+
+* CTDB logs now include process id for each process
+
+* CTDB tags log messages differently. Changes include:
+
+ ctdb-recoverd: Messages from CTDB's recovery daemon
+ ctdb-recovery: Messages from CTDB database recovery
+ ctdb-eventd: Messages from CTDB's event daemon
+ ctdb-takeover: Messgaes from CTDB's public IP takeover subsystem
+
+* The mapping between symbolic and numeric debug levels has changed
+
+ Configurations containing numeric debug levels should be updated.
+ Symbolic debug levels are recommended. See the DEBUG LEVEL section
+ of ctdb(7) for details.
+
+* Tunable IPAllocAlgorithm replaces LCP2PublicIPs, DeterministicIPs
+
+ See ctdb-tunables(7) for details
+
+* CTDB's configuration tunables should be consistently set across a cluster
+
+ This has always been the cases for most tunables but this fact is
+ now documented.
+
+* CTDB ships with recovery lock helper call-outs for etcd and Ceph RADOS
+
+ To build/install these, use the --enable-etcd-reclock and
+ --enable-ceph-reclock configure options.
+
REMOVED FEATURES
================
kerberos encryption types New all
inherit owner New option
fruit:resource Spelling correction
+ lsa over netlogon New (deprecated) no
+ rpc server port New 0
KNOWN ISSUES