mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
178 lines
7.1 KiB
Plaintext
178 lines
7.1 KiB
Plaintext
What's new in Samba 4 alpha13
|
|
=============================
|
|
|
|
Samba 4 is the ambitious next version of the Samba suite that is being
|
|
developed in parallel to the stable 3.x series. The main emphasis in
|
|
this branch is support for the Active Directory logon protocols used
|
|
by Windows 2000 and above.
|
|
|
|
Samba4 alpha13 follows on from the alpha release series we have been
|
|
publishing since September 2007. Since this file has referred to alpha 12
|
|
for a while before any release happened and since Debian packages
|
|
have been published that presumed the existance of a alpha12 release
|
|
we are skipping alpha12 and going straight to alpha13.
|
|
|
|
WARNINGS
|
|
========
|
|
|
|
Samba4 alpha13 is not a final Samba release. That is more a reference
|
|
to Samba4's lack of the features we expect you will need than a
|
|
statement of code quality, but clearly it hasn't seen a broad
|
|
deployment yet. If you were to upgrade Samba3 (or indeed Windows) to
|
|
Samba4, you would find many things work, but that other key features
|
|
you may have relied on simply are not there yet.
|
|
|
|
For example, while Samba 3 is an excellent member of a Active
|
|
Directory domain, Samba4 is happier as a domain controller, and it is
|
|
in this role where it has seen deployment into production.
|
|
|
|
Samba4 is subjected to an awesome battery of tests on an
|
|
automated basis, we have found Samba4 to be very stable in it's
|
|
behaviour. We have to recommend against upgrading production servers
|
|
from Samba 3 to Samba 4 at this stage, because there may be the features on
|
|
which you may rely that are not present, or the mapping of
|
|
your configuration and user database may not be complete.
|
|
|
|
If you are upgrading, or looking to develop, test or deploy Samba4, you should
|
|
backup all configuration and data.
|
|
|
|
NEW FEATURES
|
|
============
|
|
|
|
Samba4 supports the server-side of the Active Directory logon environment
|
|
used by Windows 2000 and later, so we can do full domain join
|
|
and domain logon operations with these clients.
|
|
|
|
Our Domain Controller (DC) implementation includes our own built-in
|
|
LDAP server and Kerberos Key Distribution Center (KDC) as well as the
|
|
Samba3-like logon services provided over CIFS. We correctly generate
|
|
the infamous Kerberos PAC, and include it with the Kerberos tickets we
|
|
issue.
|
|
|
|
The new VFS features in Samba 4 adapts the filesystem on the server to
|
|
match the Windows client semantics, allowing Samba 4 to better match
|
|
windows behaviour and application expectations. This includes file
|
|
annotation information (in streams) and NT ACLs in particular. The
|
|
VFS is backed with an extensive automated test suite.
|
|
|
|
A new scripting interface has been added to Samba 4, allowing
|
|
Python programs to interface to Samba's internals.
|
|
|
|
The Samba 4 architecture is based around an LDAP-like database that
|
|
can use a range of modular backends. One of the backends supports
|
|
standards compliant LDAP servers (including OpenLDAP), and we are
|
|
working on modules to map between AD-like behaviours and this backend.
|
|
We are aiming for Samba 4 to be powerful frontend to large
|
|
directories.
|
|
|
|
CHANGES SINCE alpha11
|
|
=====================
|
|
|
|
We have continued our commitment to provide a full DRS implementation for our
|
|
AD implementation and therefore achieved also this time big steps forward.
|
|
|
|
Our progress on DRS is being tracked in the Samba wiki:
|
|
http://wiki.samba.org/index.php/Samba4_DRS_TODO_List
|
|
|
|
Beside this the release includes (among a lot of other things):
|
|
|
|
* a new build system based on WAF
|
|
Andrew Tridgell (tridge) invested much time to bring this up. He achieved a
|
|
marvellous work which brings us faster building, easier management and smaller
|
|
binaries.
|
|
|
|
* enhancements in Samba4 winbind to provide a fairly good implementation of the
|
|
most important functions needed by "libnss_winbind" and "pam_winbind"
|
|
This two components allow a user/group mapping for Windows accounts on UNIX and
|
|
UNIX-like systems. Therefore also these accounts can be used to connect to
|
|
services as "ssh", "login", "Xsession" and so on.
|
|
More informations available at http://wiki.samba.org/index.php/Samba4/Winbind
|
|
and for winbind in general, "libnss_winbind" and "pam_winbind" in the Samba 3.X
|
|
documentation.
|
|
|
|
* server side NT ACLs manipulation
|
|
These can now also be set on the command line directly on the server. See
|
|
"net acl" for further informations.
|
|
|
|
* dynamic DNS updates
|
|
Up-to-date DNS entries are essential for Active Directory deployments. As for
|
|
the moment Samba4 isn't yet capable to interoperate with Microsofts AD DNS
|
|
server (regarding RPCs, ADs zone entries...) a kind of update script has been
|
|
developed. It also permits the update of the "grant" and "resource" lists.
|
|
|
|
* registry improvements
|
|
The registry code was reworked, improved and retested. This was achieved by the
|
|
new torture tests written by gd and some additional testing against Windows
|
|
("regedit" - Windows Registry Editor and "regedt32" - Windows NT Registry Editor).
|
|
Also some real bugs were fixed.
|
|
|
|
* new Kerberos HEIMDAL release
|
|
Andrew Bartlett (abartlet) imported a new release with various bugfixes
|
|
|
|
* DCE/RPC code unification work
|
|
Stefan Metzmacher (metze) started his work to unify these codebases between s3
|
|
and s4
|
|
|
|
* And much more
|
|
We always try to fix bugs and keep improving the (source) quality of our
|
|
program.
|
|
|
|
CHANGES
|
|
=======
|
|
|
|
Those familiar with Samba 3 can find a list of user-visible changes
|
|
since that release series in the NEWS file.
|
|
|
|
KNOWN ISSUES
|
|
============
|
|
|
|
- Domain member support is in it's infancy, and is not comparable to
|
|
the support found in Samba3.
|
|
|
|
- There is no printing support in the current release.
|
|
|
|
- There is no NetBIOS browsing support in the current release
|
|
|
|
- The Samba4 port of the CTDB clustering support is not yet complete
|
|
|
|
- Clock Synchronisation is critical. Many 'wrong password' errors are
|
|
actually due to Kerberos objecting to a clock skew between client
|
|
and server. (The NTP work in the previous alphas are partly to assist
|
|
with this problem).
|
|
|
|
- The DRS replication code often fails, and is very new
|
|
|
|
- Users upgrading existing databases to Samba4 should carefully
|
|
consult upgrading-samba4.txt. We have made a number of changes in
|
|
this release that should make it easier to upgrade in future.
|
|
Btw: there exists also a script under the "setup" directory of the
|
|
source distribution called "upgrade_from_s3" which should allow a step-up
|
|
from Samba3 to Samba4. It's not included yet in the binary distributions
|
|
since it's completely experimental!
|
|
|
|
RUNNING Samba4
|
|
==============
|
|
|
|
A short guide to setting up Samba 4 can be found in the howto.txt file
|
|
in root of the tarball.
|
|
|
|
DEVELOPMENT and FEEDBACK
|
|
========================
|
|
|
|
We need your help! Projects as Samba 4 live from the community feedback. If you
|
|
provide expressive bug reports, some documentation snippets on the wiki or some
|
|
real code patches - all is appreciated if it meets our quality criterias. Here
|
|
you can find further references:
|
|
|
|
Bugs can be filed at https://bugzilla.samba.org/ but please be aware
|
|
that many features are simply not expected to work at this stage.
|
|
|
|
The Samba Wiki at http://wiki.samba.org should detail some of these
|
|
development plans.
|
|
|
|
Development and general discussion about Samba 4 happens mainly on
|
|
the #samba-technical IRC channel (on irc.freenode.net) and
|
|
the samba-technical mailing list (see http://lists.samba.org/ for
|
|
details).
|
|
|