diff options
Diffstat (limited to 'README')
-rw-r--r-- | README | 128 |
1 files changed, 115 insertions, 13 deletions
@@ -1,20 +1,122 @@ -Samba 4 is the ambitious next version of the Samba suite that is being -developed in parallel to the stable 3.0 series. The main emphasis in -this branch is full support for being a Active Directory domain controller. +Samba 4 is the ambitious next version of the Samba suite that is being +developed in parallel to the stable 3.0 series. The main emphasis in +this branch is support for the Active Directory logon protocols used +by Windows 2000 and above. -Samba 4 is currently not yet in a state where it is usable in production -environments. The STATUS file aims to document what should and should not -work. +Samba 4 is currently not yet in a state where it is usable in +production environments. Note the WARNINGS below, and the STATUS file, +which aims to document what should and should not work. -Those familiar with Samba 3 can find a list of user-visible changes -since that release series in the NEWS file. A short guide to setting up -Samba 4 can be found in the howto.txt file in this directory. +With 3 years of development under our belt since Tridge first proposed +a new Virtual File System (VFS) layer for Samba3 (a project which +eventually lead to our Active Directory efforts), it was felt that we +should create something we could 'show off' to our users. This is a +Technology Preview (TP), aimed at allowing users, managers and +developers to see how we have progressed, and to invite feedback and +support. +WARNINGS +======== + +Samba4 TP is currently a pre-alpha technology. It may eat your cat, but +is far more likely to choose to munch on your password database. We +recommend against upgrading any production servers from Samba 3 to +Samba 4 at this stage. If you are upgrading an experimental server, +you should backup all configuration and data. + +We expect that format changes will require that the user database be +rebuilt from scratch a number of times before we make a final release, +losing password data each time. + +Samba 4 Technology Preview includes basic Access Control List (ACL) +protection on the main user database, but due to time constraints, +none on the registry at this stage. We also do not currently have +ACLs on the SWAT web-based management tool. This means that Samba 4 +Technology Preview is not secure. + +File system access should occur as the logged in user, much as Samba3 +does. + +Again, we strongly recommend against use in a production environment +at this stage. + +NEW FEATURES +============ + +Samba4 supports the server-side of the Active Directory logon environment +used by Windows 2000 and later, so we can do full domain join +and domain logon operations with these clients. + +Our Domain Controller (DC) implementation includes our own built-in +LDAP server and Kerberos Key Distribution Center (KDC) as well as the +Samba3-like logon services provided over CIFS. We correctly generate +the infamous Kerberos PAC, and include it with the Kerberos tickets we +issue. + +SWAT is now integrated into Samba 4 as the user-friendly interface to +Samba server management. SWAT provides easy access to our +setup and migration tools. Using SWAT, you can migrate windows +domains in Samba 4, allowing easy setup of initial user databases, and +upgrades from Samba 3. + +The new VFS features in Samba 4 adapts the filesystem on the server to +match the Windows client semantics, allowing Samba 4 to better match +windows behaviour and application expectations. This includes file +annotation information (in streams) and NT ACLs in particular. The +VFS is backed with an extensive automated test suite. + +A new scripting interface has been added to Samba 4, allowing +JavaScript programs to interface to Samba's internals. + +The Samba 4 architecture is based around an LDAP-like database that +can use a range of modular backends. One of the backends supports +standards compliant LDAP servers (including OpenLDAP), and we are +working on modules to map between AD-like behaviours and this backend. +We are aiming for Samba 4 to be powerful frontend to large +directories. + +CHANGES +======= + +Those familiar with Samba 3 can find a list of user-visible changes +since that release series in the NEWS file. + + - An optional password is no longer supported as the second argument to + smbclient. + + - The default location of smb.conf in non-FHS builds has changed from the + PREFIX/lib directory to the PREFIX/etc directory. + +KNOWN ISSUES +============ + +- Standalone server and domain member roles are not currently + supported. While we have much of the infrastructure required, we + have not collected these pieces together. + +- There is no printing support in the current release. + +- SWAT can be painful with <TAB> and forms. Just use the mouse, as + the JavaScript layer doing this will change. + +- Domain logons (using Kerberos) from windows clients incorrectly + state that the password expires today. + +RUNNING Samba4 +============== + +A short guide to setting up Samba 4 can be found in the howto.txt file +in root of the tarball. + +DEVELOPMENT and FEEDBACK +======================== Bugs can be filed at https://bugzilla.samba.org/. Please -look at the STATUS file before filing a bug to see if a particular +look at the STATUS file before filing a bug to see if a particular is supposed to work yet. -Development and general discussion about Samba 4 happens mainly on -the #samba-technical IRC channel (on irc.freenode.net) and -the samba-technical mailing list (see http://lists.samba.org/ for +Development and general discussion about Samba 4 happens mainly on +the #samba-technical IRC channel (on irc.freenode.net) and +the samba-technical mailing list (see http://lists.samba.org/ for details). + + |