diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 4b20449d100..dd5b1856e14 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,28 +1,24 @@ - WHATS NEW IN 1.9.18alpha12 Nov 27th 1997 + WHATS NEW IN 1.9.18alpha13 Dec 15th 1997 ======================================== This is NOT a production release of Samba code. For production servers please run Samba 1.9.17p4 or later releases in the 1.9.17 series. -This release contains some experimental features and -changes and is being made available so people can -test and provide feedback and patches for ongoing -Samba development. +In this release (1.9.18alpha13) the Domain controller +code should not be turned on. The Domain controller +code stream is now being developed in a separate code +development branch. To participate in this important +work, send an email to : -Please note that only the Domain controller code -is truly experimental. The other changes have -been extensively tested and are of the same -quality as normal Samba alpha releases. The -Domain controller code is disabled in the Makefile -by default and is being made available to Samba -programmers in the interests of advancing a -public implementation of this important protocol. +samba-bugs@samba.anu.edu.au + +to get instructions on how to gain access to +the latest Domain controller code. This release contains three major changes to the 1.9.17 series and much re-written code. - The main changes are : 1). Oplock support now operational. @@ -36,42 +32,37 @@ makes locally, and greatly improves performance. Windows NT has this feature and prior to this release this was one of the reasons Windows NT -could be faster in some situations. +could be faster in some situations. Samba has +now been benchmarked as out performing Windows +NT on equivalently priced hardware. The oplock code in Samba has been extensively tested and is believed to be completely stable. Please report any problems to the samba-bugs alias. +2). NetBIOS name daemon re-written. +----------------------------------- -2). Experimental Primary Domain controller code. ------------------------------------------------- +The old nmbd that has caused some users problems +has now been completely re-written and now is +much easier to maintain and add changes to. -Samba now contains a *VERY* experimental client and -server implementation of part of the Windows NT -4.x Domain Controller specification, as -published by Paul Ashton (now a Samba Team -member). - -This code is not enabled in the Makefile by default, -and to work on this code you must read the file : - - docs/NTDOMAIN.txt - -Please note that as this code is not complete, -it is being made available as part of this release -to allow interested parties to contribute and help -the Samba Team in documenting and implementing -this important feature. - -Please do not expect to be able to replace your -NT Domain Controllers with Samba until this code -is finished, tested and an announcement is made. - -At present the Domain Controller code is for -programmers and people interested in Microsoft -protocols only. +Changes include support for multi-homed hosts +in the same way as an NT Server with multiple +IP interfaces behaves (registers with the WINS +server as a multi-homed name type), and also +support for multi-homed name registration in +the Samba WINS server. Another added feature +is robustness in the face of WINS server failure, +nmbd will now keep trying to contact the WINS +server until it is successful, in the same +way as an NT Server. +Also in this release is an implementation +of the Lanman announce protocol used by +OS/2 clients. Thanks to Jacco de Leeuw for +this code. 3). New Internationalization support. ------------------------------------- @@ -108,24 +99,39 @@ may now be used without recompiling. Much of the internals of Samba has been re-structured to support the oplock and Domain controller changes. -The WINS client and WINS server capabilities in nmbd -are also being restructured, to make it easier to -understand and maintain. - Samba supports the NT 3.51 and 4.0 Domain Authentication Protocol to a degree sufficient to download Profiles to an NT 3.51 or 4.0 Workstation ("Welcome to the SAMBA Domain"). -There is also code in smbclient to generate the same -requests as an NT Workstation would when doing an NT -Domain Logon. This has only been tested against a Samba -"Experimental" PDC so far. +An implementation of the Windows 95 automatic printer +driver installation has been added to smbd. To use this +new feature please read the document: + +docs/PRINTER_DRIVER.txt + +Thanks to Jean-Francois Micouleau for this new code. + +Printer support on System V systems (notably Solaris) +has been improved with the addition of code generously +donated by Norm Jacobs of Sun Microsystems. Sun have +also made a Solaris SPARC workstation available to the +Samba Team to aid in their porting efforts. + +Samba now contains an implementation of share modes +using System V shared memory as well as the mmap() +based code. This was done to allow the 'FAST_SHARE_MODES' +to be used on more systems (especially HPUX 9.x) that +have System V shared memory, but not the mmap() call. + +The System V shared memory code is used by default on +many systems as it has benchmarked as faster on many +systems. Some of the new parameters for NT Domain Logons and Profile support are now also used by the Win95 Domain Logons and Profile support. -The Automount code has been slightly reshuffled, such +The Automount code has been slightly re-shuffled, such that the home directory (and profile location) can be specified by \\%N\homes and \\%N\homes\profiles respectively, which are the defaults for these values. @@ -135,49 +141,30 @@ you will need to be running Samba on the user's home server as well as the one they just logged in on. The RPC Domain code has been moved into a separate directory -rpc_pipe/, and a GLPL License issued specifically for code +rpc_pipe/, and a LGPL License issued specifically for code in this directory. This is so that people can use this code in other projects. -New workstation accounts are added to the smbpasswd file, -when a user first logs in from that workstation. The -default machine password is used. NTDOMAIN.txt has been -updated to reflect this (you used to have to add workstation -accounts manually). - -The "domain hosts allow/deny" parameters have been added -to control access to the domain from specific workstations. - - New parameters in smb.conf. --------------------------- New Global parameters. ---------------------- -Documented in the smb.conf man pages : +Documented in the smb.con man pages : "bind interfaces only" - "username level" - "domain hosts allow" - "domain hosts deny" - - "domain sid" - "domain groups" + "lm announce" + "lm interval" "logon drive" "logon home" + "min wins ttl" + "max wins ttl" -Not yet documented in the smb.conf man page, please -read docs/NTDOMAIN.txt or examine the source code for -information on the next parameters : - - "domain other sids" - "domain admin users" - "domain guest users" - + "username level" New Share level parameters. --------------------------- diff --git a/docs/manpages/smb.conf.5 b/docs/manpages/smb.conf.5 index 74167a738ae..44620e0cbb4 100644 --- a/docs/manpages/smb.conf.5 +++ b/docs/manpages/smb.conf.5 @@ -362,24 +362,12 @@ dfree command dns proxy -domain allow hosts - domain controller -domain deny hosts - -domain group - -domain hosts allow - -domain hosts deny - domain logons domain master -domain sid - encrypt passwords getwd cache @@ -1269,53 +1257,6 @@ logons from Win95 machines to. You should never need to set this parameter. .B Default: domain controller = no -.SS domain groups (G) - -Specifies the NT Domain groups that the user belongs to, and the attributes -associated with that group. This parameter is a white-space separated list -of group ids (in decimal), followed by an option attribute (in decimal) which -defaults to a value of 7 if not specified. A group id and the user attributes -associated with it are separated by "/". - -.B -It is known that attributes are ignored by NT 4.0 Workstation, but not by -NT 3.51 Workstation. Furthermore, no information on the exact meaning of -NT Domain groups is presently known. - -.B Default: - domain groups = 776/7 - -.B Example: - domain groups = 776 1024/7 777 - -.SS domain hosts allow (G) -A synonym for this parameter is 'domain allow hosts'. - -This parameter is a comma delimited set of hosts which are permitted to access -a Domain. - -Note that access still requires suitable user-level passwords for the Domain. -See 'allow hosts' for a description of the syntax of this parameter. - -.B Default: - none (i.e., all hosts permitted login access to the domain) - -.B Example: - domain hosts allow = 150.203.5. myhost.mynet.edu.au - -.SS domain hosts deny (G) -A synonym for this parameter is 'domain deny hosts'. - -The opposite of 'domain hosts deny' - hosts listed here are NOT permitted -to Login to the Domain from those NT Workstations. Where the lists conflict, -the 'allow' list takes precedence. - -.B Default: - none (i.e., no hosts specifically excluded login access to the domain) - -.B Example: - domain hosts deny = guest_wksta 150.203.4. badhost.mynet.edu.au - .SS domain logons (G) If set to true, the Samba server will serve Windows 95 domain logons @@ -1337,18 +1278,6 @@ broadcast-isolated subnet. .B Default: domain master = no -.SS domain sid (G) - -Specifies the SID when using Samba as a Logon Server for NT Workstations. -The format of SIDs supported by samba at present is S-1-N-nnn-nnn-nnn-nnn-nnn. -The number N indicates the number of sub-authorities (nnn). - -.B Default: - domain sid = none - -.B Example: - domain sid = S-1-5-21-123-456-789-123 - .SS dont descend (S) There are certain directories on some systems (eg., the /proc tree under Linux) that are either not of interest to clients or are infinitely deep diff --git a/source3/nmbd/nmbd_become_lmb.c b/source3/nmbd/nmbd_become_lmb.c index 6496a2f9e58..6dcd61d76c1 100644 --- a/source3/nmbd/nmbd_become_lmb.c +++ b/source3/nmbd/nmbd_become_lmb.c @@ -544,6 +544,11 @@ void set_workgroup_local_master_browser_name( struct work_record *work, char *ne DEBUG(5,("set_workgroup_local_master_browser_name: setting local master name to '%s' \ for workgroup %s.\n", newname, work->work_group )); +#if 0 + /* + * Apparently some sites use the workgroup name as the local + * master browser name. Arrrrggghhhhh ! (JRA). + */ if(strequal( work->work_group, newname)) { DEBUG(5, ("set_workgroup_local_master_browser_name: Refusing to set \ @@ -551,6 +556,7 @@ local_master_browser_name for workgroup %s to workgroup name.\n", work->work_group )); return; } +#endif StrnCpy(work->local_master_browser_name, newname, sizeof(work->local_master_browser_name)-1); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 277430ecc44..47faefc571a 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -471,6 +471,7 @@ static struct parm_struct {"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL}, {"valid chars", P_STRING, P_GLOBAL, &Globals.szValidChars, handle_valid_chars, NULL}, {"workgroup", P_USTRING, P_GLOBAL, &Globals.szWorkGroup, NULL, NULL}, +#ifdef NTDOMAIN {"domain sid", P_USTRING, P_GLOBAL, &Globals.szDomainSID, NULL, NULL}, {"domain other sids",P_STRING, P_GLOBAL, &Globals.szDomainOtherSIDs, NULL, NULL}, {"domain groups", P_STRING, P_GLOBAL, &Globals.szDomainGroups, NULL, NULL}, @@ -481,6 +482,7 @@ static struct parm_struct {"domain allow hosts",P_STRING, P_GLOBAL, &Globals.szDomainHostsallow, NULL, NULL}, {"domain hosts deny", P_STRING, P_GLOBAL, &Globals.szDomainHostsdeny, NULL, NULL}, {"domain deny hosts", P_STRING, P_GLOBAL, &Globals.szDomainHostsdeny, NULL, NULL}, +#endif /* NTDOMAIN */ {"username map", P_STRING, P_GLOBAL, &Globals.szUsernameMap, NULL, NULL}, {"character set", P_STRING, P_GLOBAL, &Globals.szCharacterSet, handle_character_set, NULL}, {"logon script", P_STRING, P_GLOBAL, &Globals.szLogonScript, NULL, NULL}, @@ -898,6 +900,7 @@ FN_GLOBAL_STRING(lp_announce_version,&Globals.szAnnounceVersion) FN_GLOBAL_STRING(lp_netbios_aliases,&Globals.szNetbiosAliases) FN_GLOBAL_STRING(lp_driverfile,&Globals.szDriverFile) +#ifdef NTDOMAIN FN_GLOBAL_STRING(lp_domain_sid,&Globals.szDomainSID) FN_GLOBAL_STRING(lp_domain_other_sids,&Globals.szDomainOtherSIDs) FN_GLOBAL_STRING(lp_domain_groups,&Globals.szDomainGroups) @@ -905,7 +908,7 @@ FN_GLOBAL_STRING(lp_domain_admin_users,&Globals.szDomainAdminUsers) FN_GLOBAL_STRING(lp_domain_guest_users,&Globals.szDomainGuestUsers) FN_GLOBAL_STRING(lp_domain_hostsallow,&Globals.szDomainHostsallow) FN_GLOBAL_STRING(lp_domain_hostsdeny,&Globals.szDomainHostsdeny) - +#endif /* NTDOMAIN */ FN_GLOBAL_BOOL(lp_dns_proxy,&Globals.bDNSproxy) FN_GLOBAL_BOOL(lp_wins_support,&Globals.bWINSsupport)