Removal of nmbd and introduction of process models
==================================================
-smbd now implements several network protocols other then just CIFS and
+smbd now implements several network protocols other than just CIFS and
DCE/RPC. nmbd's functionality has been merged into smbd. smbd supports
various 'process models' that specify how concurrent connections are
handled (when to fork, use threads, etc).
Samba now stores most of its persistent data in a LDAP-like database
called LDB (see ldb(7) for more info).
-Much improved SWAT
+Removed SWAT
==================
-SWAT has had some rather large improvements and is now more then just a
-direct editor for smb.conf. Its layout has been improved. SWAT can now also
-be used for editing run-time data - maintaining user information, provisioning,
-etc. TLS is supported out of the box.
+Unlike previous versions, Samba4 does not provide a web interface at this time.
Built-in KDC
============
between the 'user' and 'share' security levels (the latter is not supported
in Samba 4 yet). The other values of this option and the 'domain master' and
'domain logons' parameters have been merged into a 'server role' parameter
-that can be either 'bdc', 'pdc', 'member server' or 'standalone'. Note that
+that can be either 'domain controller', 'member server' or 'standalone'. Note that
member server support does not work yet.
The following parameters have been removed:
- domain master
- browse list
- enhanced browsing
-- dns proxy
- wins proxy
- wins hook
- wins partners
- locking
- lock spin count
- lock spin time
-- oplocks
- level2 oplocks
- oplock break wait time
- oplock contention limit
Default: Set at compile-time
+ ntvfs handler
- Backend to the NT VFS to use (more then one can be specified). Available
+ Backend to the NT VFS to use (more than one can be specified). Available
backends include:
- posix:
+ client use spnego principal
Tells the client to use the Kerberos service principal specified by the
- server during the security protocol negotation rather then
+ server during the security protocol negotation rather than
looking up the principal itself (cifs/hostname).
Default: false