diff options
Diffstat (limited to 'source4/NEWS')
-rw-r--r-- | source4/NEWS | 496 |
1 files changed, 0 insertions, 496 deletions
diff --git a/source4/NEWS b/source4/NEWS deleted file mode 100644 index f7c03c60bf..0000000000 --- a/source4/NEWS +++ /dev/null @@ -1,496 +0,0 @@ -This file aims to document the major changes since the latest released version -of Samba, 3.0. Samba 4.0 contains rewrites of several subsystems -and uses a different internal format for most data. Since this -file is an initial draft, please update missing items. - -One of the main goals of Samba 4 was Active Directory Domain Controller -support. This means Samba now implements several protocols that are required -by AD such as Kerberos and DNS. - -An (experimental) upgrade script that performs a one-way upgrade -from Samba 3 is available in source/setup/upgrade. - -Removal of nmbd and introduction of process models -================================================== -smbd now implements several network protocols other than just CIFS and -DCE/RPC. nmbd's functionality has been merged into smbd. smbd supports -various 'process models' that specify how concurrent connections are -handled (when to fork, use threads, etc). - -Introduction of LDB -=================== -Samba now stores most of its persistent data in a LDAP-like database -called LDB (see ldb(7) for more info). - -Removed SWAT -================== -Unlike previous versions, Samba4 does not provide a web interface at this time. - -Built-in KDC -============ -Samba4 ships with an integrated KDC (Kerberos Key Distribution -Center). Backed directly onto our main internal database, and -integrated with custom code to handle the PAC, Samba4's KDC is an -integral part of our support for AD logon protocols. - -Built-in LDAP Server -==================== -Like the situation with the KDC, Samba4 ships with it's own LDAP -server, included to provide simple, built-in LDAP services in an AD -(rather than distinctly standards) matching manner. The database is -LDB, and it shares that in common with the rest of Samba. - -Changed configuration options -============================= -Several configuration options have been removed in Samba4 while others have -been introduced. This section contains a summary of changes to smb.conf and -where these settings moved. Configuration options that have disappeared may be -re-added later when the functionality that uses them gets reimplemented in -Samba 4. - -The 'security' parameter has been split up. It is now only used to choose -between the 'user' and 'share' security levels (the latter is not supported -in Samba 4 yet). The other values of this option and the 'domain master' and -'domain logons' parameters have been merged into a 'server role' parameter -that can be either 'domain controller', 'member server' or 'standalone'. Note that -member server support does not work yet. - -The following parameters have been removed: -- passdb backend: accounts are now stored in a LDB-based SAM database -- update encrypted -- public -- guest ok -- client schannel -- server schannel -- allow trusted domains -- hosts equiv -- map to guest -- smb passwd file -- algorithmic rid base -- root directory -- root dir -- root -- guest account -- enable privileges -- pam password change -- passwd program -- passwd chat debug -- passwd chat timeout -- check password script -- username map -- username level -- unix password sync -- restrict anonymous -- username -- user -- users -- invalid users -- valid users -- admin users -- read list -- write list -- printer admin -- force user -- force group -- group -- write ok -- writeable -- writable -- acl check permissions -- acl group control -- acl map full control -- create mask -- create mode -- force create mode -- security mask -- force security mode -- directory mask -- directory mode -- force directory mode -- directory security mask -- force directory security mode -- force unknown acl user -- inherit permissions -- inherit acls -- inherit owner -- guest only -- only guest -- only user -- allow hosts -- deny hosts -- preload modules -- use kerberos keytab -- syslog -- syslog only -- max log size -- debug timestamp -- timestamp logs -- debug hires timestamp -- debug pid -- debug uid -- allocation roundup size -- aio read size -- aio write size -- aio write behind -- large readwrite -- protocol -- read bmpx -- reset on zero vc -- acl compatibility -- defer sharing violations -- ea support -- nt acl support -- nt pipe support -- profile acls -- map acl inherit -- afs share -- max ttl -- client use spnego -- enable asu support -- svcctl list -- block size -- change notify timeout -- deadtime -- getwd cache -- keepalive -- kernel change notify -- lpq cache time -- max smbd processes -- max disk size -- max open files -- min print space -- strict allocate -- sync always -- use mmap -- use sendfile -- hostname lookups -- write cache size -- name cache timeout -- max reported print jobs -- load printers -- printcap cache time -- printcap name -- printcap -- printing -- cups options -- cups server -- iprint server -- print command -- disable spoolss -- enable spoolss -- lpq command -- lprm command -- lppause command -- lpresume command -- queuepause command -- queueresume command -- enumports command -- addprinter command -- deleteprinter command -- show add printer wizard -- os2 driver map -- use client driver -- default devmode -- force printername -- mangling method -- mangle prefix -- default case -- case sensitive -- casesignames -- preserve case -- short preserve case -- mangling char -- hide dot files -- hide special files -- hide unreadable -- hide unwriteable files -- delete veto files -- veto files -- hide files -- veto oplock files -- map readonly -- mangled names -- mangled map -- max stat cache size -- stat cache -- store dos attributes -- machine password timeout -- add user script -- rename user script -- delete user script -- add group script -- delete group script -- add user to group script -- delete user from group script -- set primary group script -- add machine script -- shutdown script -- abort shutdown script -- username map script -- logon script -- logon path -- logon drive -- logon home -- domain logons -- os level -- lm announce -- lm interval -- domain master -- browse list -- enhanced browsing -- wins proxy -- wins hook -- wins partners -- blocking locks -- fake oplocks -- kernel oplocks -- locking -- lock spin count -- lock spin time -- level2 oplocks -- oplock break wait time -- oplock contention limit -- posix locking -- share modes -- ldap server -- ldap port -- ldap admin dn -- ldap delete dn -- ldap group suffix -- ldap idmap suffix -- ldap machine suffix -- ldap passwd sync -- ldap password sync -- ldap replication sleep -- ldap suffix -- ldap ssl -- ldap timeout -- ldap page size -- ldap user suffix -- add share command -- change share command -- delete share command -- eventlog list -- utmp directory -- wtmp directory -- utmp -- default service -- default -- message command -- dfree cache time -- dfree command -- get quota command -- set quota command -- remote announce -- remote browse sync -- homedir map -- afs username map -- afs token lifetime -- log nt token command -- time offset -- NIS homedir -- preexec -- exec -- preexec close -- postexec -- root preexec -- root preexec close -- root postexec -- set directory -- wide links -- follow symlinks -- dont descend -- magic script -- magic output -- delete readonly -- dos filemode -- dos filetimes -- dos filetime resolution -- fake directory create times -- panic action -- vfs objects -- vfs object -- msdfs root -- msdfs proxy -- host msdfs -- enable rid algorithm -- passdb expand explicit -- idmap backend -- idmap uid -- winbind uid -- idmap gid -- winbind gid -- template homedir -- template shell -- winbind separator -- winbind cache time -- winbind enum users -- winbind enum groups -- winbind use default domain -- winbind trusted domains only -- winbind nested groups -- winbind max idle children -- winbind nss info - -The following parameters have been added: -+ rpc big endian (G) - Make Samba fake it is running on a bigendian machine when using DCE/RPC. - Useful for debugging. - - Default: no - -+ case insensitive filesystem (S) - Set to true if this share is located on a case-insensitive filesystem. - This disables looking for a filename by trying all possible combinations of - uppercase/lowercase characters and thus speeds up operations when a - file cannot be found. - - Default: no - -+ setup directory - Path to data used by provisioning script. - - Default: Set at compile-time - -+ ncalrpc dir - Directory to use for UNIX sockets used by the 'ncalrpc' DCE/RPC transport. - - Default: Set at compile-time - -+ ntvfs handler - Backend to the NT VFS to use (more than one can be specified). Available - backends include: - - - posix: - Maps POSIX FS semantics to NT semantics - - - simple: - Very simple backend (original testing backend). - - - unixuid: - Sets up user credentials based on POSIX gid/uid. - - - cifs: - Proxies a remote CIFS FS. Mainly useful for testing. - - - nbench: - Filter module that saves data useful to the nbench benchmark suite. - - - ipc: - Allows using SMB for inter process communication. Only used for - the IPC$ share. - - - print: - Allows printing over SMB. This is LANMAN-style printing (?), not - the be confused with the spoolss DCE/RPC interface used by later - versions of Windows. - - Default: unixuid default - -+ ntptr providor - FIXME - -+ dcerpc endpoint servers - What DCE/RPC servers to start. - - Default: epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup - -+ server services - Services Samba should provide. - - Default: smb rpc nbt wrepl ldap cldap web kdc - -+ spoolss database - Spoolss (printer) DCE/RPC server database. This should be a LDB URL. - - Default: set at compile-time - -+ wins config database - WINS configuration database location. This should be a LDB URL. - - Default: set at compile-time - -+ wins database - WINS database location. This should be a LDB URL. - - Default: set at compile-time - -+ client use spnego principal - Tells the client to use the Kerberos service principal specified by the - server during the security protocol negotation rather than - looking up the principal itself (cifs/hostname). - - Default: false - -+ nbt port - TCP/IP Port used by the NetBIOS over TCP/IP (NBT) implementation. - - Default: 137 - -+ dgram port - UDP/IP port used by the NetBIOS over TCP/IP (NBT) implementation. - - Default: 138 - -+ cldap port - UDP/IP port used by the CLDAP protocol. - - Default: 389 - -+ krb5 port - IP port used by the kerberos KDC. - - Default: 88 - -+ kpasswd port - IP port used by the kerberos password change protocol. - - Default: 464 - -+ web port - TCP/IP port SWAT should listen on. - - Default: 901 - -+ tls enabled - Enable TLS support for SWAT - - Default: true - -+ tls keyfile - Path to TLS key file (PEM format) to be used by SWAT. If no - path is specified, Samba will create a key. - - Default: none - -+ tls certfile - Path to TLS certificate file (PEM format) to be used by SWAT. If no - path is specified, Samba will create a certificate. - - Default: none - -+ tls cafile - Path to CA authority file Samba will use to sign TLS keys it generates. If - no path is specified, Samba will create a self-signed CA certificate. - - Default: none - -+ tls crlfile - Path to TLS certificate revocation lists file. - - Default: none - -+ swat directory - SWAT data directory. - - Default: set at compile-time - -+ large readwrite - Indicate the CIFS server is able to do large reads/writes. - - Default: true - -+ unicode - Enable/disable unicode support in the protocol. - - Default: true |