2003-03-31 06:29:19 +04:00
WHATS NEW IN Samba 3.0 alpha23
31st March 2003
2003-03-04 22:18:23 +03:00
==============================
2002-11-26 22:11:22 +03:00
2002-11-26 19:00:49 +03:00
This is a pre-release of Samba 3.0. This is NOT a stable release.
Use at your own risk.
2001-11-30 04:38:49 +03:00
The purpose of this alpha release is to get wider testing of the major
2003-03-31 06:21:37 +04:00
new pieces of code in the current Samba 3.0 development tree. We have
officially ceased development on the 2.2.x release of Samba and are
concentrating on Samba 3.0. To reduce the time before the final Samba 3.0
release we need as many people as possible to start testing these alpha
releases, and hopefully giving us some high quality feedback on what needs
2002-11-26 19:00:49 +03:00
fixing.
Note that Samba 3.0 is not feature complete yet. There is a more
2003-03-31 06:21:37 +04:00
coding we have planned, but unless we get what we have done already more
widely tested we will have a hard time doing a stable release in a
2002-11-26 19:00:49 +03:00
reasonable time frame.
2001-11-30 04:38:49 +03:00
Major new features:
-------------------
- Active Directory support. This release is able to join a ADS realm
2003-03-31 06:21:37 +04:00
as a member server and authenticate users using LDAP/kerberos.
2001-11-30 04:38:49 +03:00
2002-11-27 05:51:29 +03:00
- Unicode support. Samba will now negotiate UNICODE on the wire and
internally there is now a much better infrastructure for multi-byte
and UNICODE character sets.
2001-11-30 04:38:49 +03:00
- New authentication system. The internal authentication system has
been almost completely rewritten. Most of the changes are internal,
2003-03-31 06:21:37 +04:00
but the new auth system is also very configurable.
2001-11-30 04:38:49 +03:00
- new filename mangling system. The filename mangling system has been
completely rewritten. An internal database now stores mangling maps
2002-11-27 05:51:29 +03:00
persistently. This needs lots of testing.
2001-11-30 04:38:49 +03:00
- new "net" command. A new "net" command has been added. It is
somewhat similar to the "net" command in windows. Eventually we plan
to replace a bunch of other utilities (such as smbpasswd) with
subcommands in "net", at the moment only a few things are
implemented.
- Samba now negotiates NT-style status32 codes on the wire. This
improves error handling a lot.
2003-03-04 22:18:23 +03:00
- better w2k printing support including publishing printer
attributes in active directory
- new loadable RPC modules
- new dual-daemon winbindd support for better performance
2003-03-31 06:21:37 +04:00
- support for migrating from a Windows NT 4.0 domain
2003-03-04 22:18:23 +03:00
- support for establishing trust relationships with Windows NT 4.0
domain controllers
2001-11-30 04:38:49 +03:00
Plus lots of other changes!
Reporting bugs & Development Discussion
---------------------------------------
Please discuss this release on the samba-technical mailing list or by
2003-03-05 18:32:50 +03:00
joining the #samba-technical IRC channel on irc.freenode.net.
2001-11-30 04:38:49 +03:00
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.
1997-10-24 18:36:10 +04:00
2002-11-26 19:00:49 +03:00
2003-03-31 06:21:37 +04:00
Changes in alpha23:
-------------------
LDAP Group Mapping
------------------
pdbedit -i -e sets all SAM_ACCOUNT elements to CHANGED to
satisfy the new pdb_ldap.c handling. pdbedit -g transfers group
mappings. I made this separate from the user database, as current
installations have to live with a split backend. So, if you are
running 3_0 alphas with LDAP as a backend and upgrade to 3.0alpha23,
you must call
root# pdbedit -i tdbsam -e ldapsam -g
to transfer your group mapping database to LDAP.
All groups must be represented as posixGroup objects in
the directory and adapt the LDAP schema to support the
sambaGroupMapping before running this command. Refer to
examples/LDAP/samba.schema for details on the objectclass.
Parameters
----------
Modified Parameters (see smb.conf(5) for details):
* passdb backend
Added Parameters
* ldap del only sam attr
* ldap delete dn
ChangeLog
---------
See cvs log for SAMBA_3_0 for complete details. There are many
smaller numerous changes that would clutter the release notes.
0) Include security fix from Samba 2.2.8
1) Fix interop bug in tconX on port 445 with Windows 2000
2) Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or
SMB_ACL_OTHER as "preserve current value" instead of attempting
to build one ourself.
3) Rearrange set_nt_acl() such that chown is only done before
setting ACLs if there is either no change of owning user, or
change of owning user is towards the current user. Otherwise
chown is done after setting ACLs.
4) Continuing work on NTLMSSP-based SMB signing
5) When opening an existing DB, don't require the hash_size
specified to the open call to be the same as that of the
existing tdb. The specified hash_size is only used if the
tdb needs to be (re)created.
6) Add support for "WinXP" and "Win2K3" client architectures.
7) Fixed the unmarshalling of the queryaliasmem SAMR call
8) Windows 2000 can take much longer than the specified time to
respond to a lock - so to make the torture tests valid I give
it a grace time of 10 seconds instead of 2
9) Continued work on string handling paranoia
10) Merge new statcache.c from HEAD
11) Add new 'net ads dn' option
12) Sync up SessionSetup code to HEAD, including Luke Howard's
session key and auth verifier patches
13) Work on cleaning up winbindd's mutex locking
14) Add support for LDAP based Windows group mapping
15) Improve LDAP update routines
16) Fix memory leaks found by Valgrind
17) Add a 'privileged' mode to Winbindd
18) Work around platforms that have broken getgrnam() implementations
19) Merge real time signal fixes for kernel oplock code from HEAD
20) fix CIDR hosts allow/deny notation
21) Fixup tcon&X server responses and error codes
22) Set domain for users in passdb created by "net rpc vampire"
2003-03-31 06:36:31 +04:00
23) More scalable printing updates
2003-03-31 06:21:37 +04:00
===============================
Changes in older alpha releases follow:
---------------------------------------------------------------------
2002-11-26 22:11:22 +03:00
2003-03-04 22:18:23 +03:00
Changes in alpha22:
-------------------
2002-11-26 19:00:49 +03:00
2003-03-04 22:18:23 +03:00
Added Parameters
2002-11-26 19:00:49 +03:00
2003-03-04 22:18:23 +03:00
* client NTLMv2 auth
* client lanman auth
* client signing
* client use spnego
* max reported print jobs
* msdfs proxy
2002-11-27 05:51:29 +03:00
2003-03-04 22:18:23 +03:00
1) remove the global_myname string and replace with wrapper function
global_myname()
2) create vfs/ and pdb/ subdirectories for library installs
3) Fixup of ordered cleanup of get_dc_list()
4) Added more autoconf tests for Stratus VOS
2003-03-31 06:21:37 +04:00
5) Fixed nasty bug where file writes with start offsets in the
range 0x80000000 -> 0xFFFFFFFF would fail as they were being cast
from IVAL (uint32) to SMB_OFF_T (off_t or off64_t, both *signed*
types). The sign extension would cause the offset to be treated
2003-03-04 22:18:23 +03:00
as negative.
6) Add support to automatically retrieve the dns host name and domain
name of an AD server
7) Add support for PRINTER_INFO_7 and publishing printer attributes
in active directory
8) Fix for 64 bit issues with oplocks and allocation size
2003-03-31 06:21:37 +04:00
9) Remove assert(count ==1) for multi-homed PDCs when resolving
2003-03-04 22:18:23 +03:00
DOMAIN<0x1b>
2003-03-31 06:21:37 +04:00
10) Ensure that change_trust_account_password() always talks to
2003-03-04 22:18:23 +03:00
the PDC
11) Add some docs on CUPS printing
12) Fix rpcclient querygroup command
13) The _abs time functions should not be converting from/to GMT
14) Fix broken incremental tar in smbclient
15) Adding supporting code for better testing using Valgrind
16) Fix for old DOS client when veto files is set to /.*/
17) Add win32 utility to query driver capabilities to publish
(examples/printing/prtpub.c)
2003-03-31 06:21:37 +04:00
18) Fix memory leak when constructing an driver_level_6 structure and
no dependent files
2003-03-04 22:18:23 +03:00
19) Add some friendly versions of NT_STATUS codes
20) Protect nmbd against malformed reply packets
21) Removal of unpopular winbind client environment variable
2003-03-31 06:21:37 +04:00
22) Add msdfs proxy functionality; a CIFS share can directly be a
stand-in for another share, and when clients connect to the first
2003-03-04 22:18:23 +03:00
share, they will be redirected to the proxied share
23) Make Samba compile cleanly with -Wwrite-strings
24) Add new timegm() that actually works on solaris
25) Add support for running smbd, nmbd, & winbindd under the daemontools
package
2003-03-31 06:21:37 +04:00
26) Move user password changes into the NTSTATUS era, and add support
2003-03-04 22:18:23 +03:00
for the 'min password age' and 'min passwd len' concepts
27) Add new gencache based namecache code
28) Add profiles utility support to Samba 3.0.x
29) Fix open problem with changing attributes on an existing file
2003-03-04 22:22:54 +03:00
30) Efficiency fixes for internal messaging system
2003-03-04 22:18:23 +03:00
31) Make sure to update print queue cache during timeout_processing()
to send notify events
32) Make -i flag work like it did in 2.2
33) Merge some rpcclient and net functionality from HEAD
34) Add support for compiling with Heimdal kerberos libraries
35) Connect to the actual netbios name in smb.conf and not LOCALHOST
36) Add support for CUPS-PRINTER_CLASS
37) Add ntlm_auth tool and update NTLMSSP support
38) require Autoconf 2.53 and remove configure from CVS
39) Check for too many processes *before* the fork
2003-03-31 06:21:37 +04:00
40) Fix delete on close semantics to match W2K.
41) merge desired_access for open_printer_ex from HEAD, allowing
2003-03-04 22:18:23 +03:00
cupsaddsmb to work again!
2003-03-04 22:22:54 +03:00
42) Add support for dynamic RPC modules
2003-03-31 06:21:37 +04:00
43) wrap all cm_get_XX calls and their subsequent requests in a retry loop
in case we've temporarily lost connection to the DC. Makes winbindd
2003-03-04 22:18:23 +03:00
more reliable
44) Optimize user_ok() and user_in_group() when verifying group membership
45) Add NTLMv2 client code (that works) and some SMB signing fixes
46) Add caching of PRINTER_INFO_2 structures to open printer handles
47) Add 1/3 second delay in OpenPrinter() reply to trigger a LAN/WAN
optimization in Windows 2000 clients
48) Add "WinXP" to the possible values of the %a variable
2003-03-31 06:21:37 +04:00
49) Fix to allow blocking lock notification to be done rapidly (no wait for
smb -> smb lock release). Adds new PENDING_LOCK type to lockdb (does
2003-03-04 22:18:23 +03:00
not interfere with existing locks)
2003-03-31 06:21:37 +04:00
50) Limit the unix domain sockets used by winbindd (also solves FD_SETSIZE
2003-03-04 22:18:23 +03:00
problem in winbindd to boot !). Adds a "last_access" field to winbindd
2003-03-31 06:21:37 +04:00
connections, and will close the oldest idle connection once the number
of open connections goes over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined
2003-03-04 22:18:23 +03:00
in local.h as 200 currently)
51) Limit the number of print jobs returned in EnumJobs()
2002-11-26 19:00:49 +03:00