blob: 23885c7723f1576e62bd030c48baa30794a1137d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
WHATS NEW IN Samba 3.0 alpha24
14th May 2003
==============================
This is a pre-release of Samba 3.0. This is NOT a stable release.
Use at your own risk.
The purpose of this alpha release is to get wider testing of the major
new pieces of code in the current Samba 3.0 development tree. We have
officially ceased development on the 2.2.x release of Samba and are
concentrating on Samba 3.0. To reduce the time before the final Samba 3.0
release we need as many people as possible to start testing these alpha
releases, and hopefully giving us some high quality feedback on what needs
fixing.
Note that Samba 3.0 is not feature complete yet. There is a more
coding we have planned, but unless we get what we have done already more
widely tested we will have a hard time doing a stable release in a
reasonable time frame.
Major new features:
-------------------
- Active Directory support. This release is able to join a ADS realm
as a member server and authenticate users using LDAP/kerberos.
- Unicode support. Samba will now negotiate UNICODE on the wire and
internally there is now a much better infrastructure for multi-byte
and UNICODE character sets.
- New authentication system. The internal authentication system has
been almost completely rewritten. Most of the changes are internal,
but the new auth system is also very configurable.
- new filename mangling system. The filename mangling system has been
completely rewritten. An internal database now stores mangling maps
persistently. This needs lots of testing.
- new "net" command. A new "net" command has been added. It is
somewhat similar to the "net" command in windows. Eventually we plan
to replace a bunch of other utilities (such as smbpasswd) with
subcommands in "net", at the moment only a few things are
implemented.
- Samba now negotiates NT-style status32 codes on the wire. This
improves error handling a lot.
- better w2k printing support including publishing printer
attributes in active directory
- new loadable RPC modules
- new dual-daemon winbindd support for better performance
- support for migrating from a Windows NT 4.0 domain
- support for establishing trust relationships with Windows NT 4.0
domain controllers
Plus lots of other changes!
Reporting bugs & Development Discussion
---------------------------------------
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.
Changes in alpha23:
-------------------
LDAP Schema Changes
-------------------
A new objectclass (sambaSamAccount) has been introduced to replace the old
sambaAccount. This change aids us in the renaming of attributes to prevent
clashes with attributes from other vendors. There is a conversion script
(examples/LDAP/convertSambaAccount) to modify and LDIF file to the new schema.
Example:
$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
$ convertSambaAccount <DOM SID> old.ldif new.ldif
The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>'
on the Samba PDC as root.
The sambaDomain and sambaGroupMapping objects have also been modified
to use the new attribute naming conventions as well. There are no
conversion scripts for this data since the old schema was never published
in a stable release.
The old sambaAccount schema may still be used by specifying the
"ldapsam_compat" passdb backend.
Parameters
----------
Removed Parameters
* total print jobs
Known Issues
------------
The following are known issues with this release and will be corrected
in future versions:
1) Automatically generating accounts for users and groups from
trusted domains when Samba is acting as a PDC
2) Maintaining idmap ID's in a LDAP directory in order to implement
a distributed winbind solution
ChangeLog
---------
See cvs log for SAMBA_3_0 for complete details. There are many
smaller numerous changes that would clutter the release notes.
1) Fix policy handle leak and crash bug in rpc printing code
2) Changed the order of checking whether a SID is a UID or a GID
in posix acls
3) Merge of winbind nss cleanup from HEAD branch
4) Inclusion of idmap backend for mapping SIDs to uids/gids
5) Fix for very subtle POSIX lock interaction race condition
6) Re-fix close of delete semantics
7) Inclusion of schannel functionality (merged from SAMBA_TNG)
8) Remove unixsam passdb
9) Add debugging code to decode the Win2k PAC
10) Very large amounts of documentation fixes (including the move from
SGML->XML DocBook)
11) Fix support for local_password_change() in pam_smbpass
12) Ensure we have WinXP-like semantics for checking TIDs and FIDs
13) More print job change notify fixes
14) Handle deep referrals in MS-DFS code
15) Add echo named pipe for testing purposes
16) Workaround streams leak on SCO openserver 5.0.x
17) Lots of popt changes to command line tools
18) Use the new modules system for passdb (merge from HEAD)
19) Inclusion of editreg.c for editing Windows NT+registry files off line
20) Fix byte ordering when using CIDR notation in hosts allow/deny (again)
21) Replace smbgroupedit tool with 'net groupmap'
22) Merge SMB Signing, NTLMv2 and NTLMSSP fixes from HEAD branch
23) Merge of trusted domain code from HEAD branch
24) Fix up crashes in lanman printing code (e.g. disable spoolss = yes)
25) Store the IP address in the utmp record when possible
26) Fix bug in FindFirst code and OS/2 clients
27) Fix local master browsing bug when synchronizing browse lists
28) Fix browse synchronization when primary interface is no listed
in the interfaces list and "bind interfaces only" is enabled.
29) removed ldapsam_nua and tdbsam_nua passdb backends (replaced by idmap)
30) Include support for storing next rid value in LDAP using a
sambaDomain object
31) Removed "printing = SOFTQ" option
32) Fix winbindd dual mode
33) Revert from wins.tdb back to wins.dat (flat text file)
34) More Trust relationship fixes
35) More quota fixes (including server support for NT quota info levels)
|