1 WHATS NEW IN Samba 3.0 alphaX
2 =============================
5 - Virtual registry framework with printing hooks (jerry)
6 - Heavy registry updates (jerry)
7 - Use 850 as the default DOS character set in smb.conf (tpot)
8 - printer fixes - removed encoding of queueid in job number (jra)
9 - A lot of small fixes (jra)
10 - Don't crash on setfileinfo on printer fsp(jra)
11 - fixed line buffer mode in XFILE(jra)
12 - update samba.schema from 2.2 (jerry,idra)
13 - Fix problem with oplock breaks and win2k -
14 noticed by Lev Iserovich <lev@ciprico.com> (jra)
15 - Update smbgroupedit to document -d - thanks to metze (abartlet)
16 - Support weird behaviour used by win9x pass-through auth (abartlet,tpot)
17 - Support for duplicating stderr in log files (abartlet)
18 - Move startup time initialisation to server.c (abartlet)
19 - *A lot* of fixes and cleanups (abartlet)
20 - Fix up compiler warnings (abartlet)
21 - Few small fixes (tpot)
22 - Renamed new_cli_netlogon_* -> cli_netlogon_* (tpot)
23 - Fixed segfault in net time when host is unavailable (tridge)
24 - Ensure to be root when opening printer backend tdb (jra)
25 - Merges from APPLIANCE_HEAD (tpot,jerry)
26 - configure updates (tridge)
27 - getgrouplist() updates (tridge)
28 - Support for pdbedit to query account policy values (abartlet)
29 - Allow one to create trusting domain account using smbpasswd (mimir,abartlet)
30 - 'Net rpc trustdom list' (mimir, abartlet)
31 - Fix fallback to anonymous connection (mimir, abartlet)
32 - Fix for pdb_ldap and OpenLDAP 2.1
33 - Added support in swat to determine whether winbind is running (idra)
34 - Add 'hide unwritable' option (idra)
35 - Correct pickup of [homes] share after subsequent session setups (abartlet)
36 - Update rebind code in pdb_ldap (abartlet)
37 - Add some info levels to RPC srvsvc code -
38 thanks to Nigel Williams" <nigel@veritas.com> (abartlet)
39 - Small doc fixes (tridge)
40 - good security patch from Timothy.Sell@unisys.com (tridge)
41 - fix minor nits in nmbd from adtam@cup.hp.com (tridge)
42 - make sure async dns nmbd child dies (tridge)
43 - interim fix for nmbd not registering DOMAIN#1b (tridge)
44 - fix for smbtar filename matching (tridge)
45 - Better quote handling in smb.conf (abartlet)
46 - Support browsers setting multiple languages in swat (idra)
47 - Changed str_list_make to be able to use a different separator string (idra)
48 - Samsync support to insert account info into the pdb (tpot)
49 - Don't hide unwritable dirs when 'hide unwritable' is enabled -
50 suggested by Alexander Oswald <oswald@is.haw-hamburg.de> (idra)
51 - Fix for handling sparse files in smbd (tridge)
52 - Merges from 2_2 (jerry)
53 - Minor printer fixes (jerry)
54 - Add some checks to SID lookup code (abartlet)
55 - Cascaded VFS (Alexander Bokovoy, idra)
56 - Some netbios-less connections support in ADS mode (tridge)
58 - Fix plaintext passwords with win2k (tridge)
59 - 'net ads info' reports IP of LDAP server (tridge)
60 - Add some more RPC functions (jmcd)
61 - Add 'smb ports = ' option (tridge)
62 - Various small fixes (tridge)
63 - Passdb security checks (abartlet)
64 - Large winbind updates (abartlet)
65 - Moved rpc client routines from libsmb to rpc_client (tpot)
66 - Few nmbd fixes (jmcd)
67 - Fix swat to handle new debug level code (idra)
68 - Fix name length bug in namequeries (tridge)
69 - Don't have client binaries depend on libs they don't use -
70 patch from Steve Langasek <vorlon@netexpress.net> (abartlet)
71 - Printing change notification (merged from HEAD_APPLIANCE) (jerry)
72 - fix delete printer driver (from HEAD_APPLIANCE) (jerry)
73 - Added pdb_xml and pdb_mysql (jelmer)
74 - Update pdb_test (jelmer)
75 - Fix security issues with %m (abartlet)
76 - Support for service joins from win2k AND use SPNEGO (jmcd)
77 - pdbedit -i and -e fix, add -b (idra)
78 - textdocs converted to sgml (jelmer, jerry)
79 - Merge netbios namecache code from APPLIANCE_HEAD (tpot)
80 - Fix segs in new NTLMSSP code (abartlet)
81 - Always make guest rid 501 (abartlet)
84 - huge number of changes! really too many to list ... (and its 1am
85 here, and I'm too tired)
86 See the cvs tree at http://build.samba.org/
90 - OpenLinux packaging updates (jht)
91 - Locking updates - fix zero timeout (tridge, jra)
92 - Default ACL support (jra, based on code from Olaf Frczyk <olaf@cbk.poznan.pl>)
93 - printing updates - spoolss stuff (tpot)
94 - 'make install' directory creation fixes (abartlet)
95 - Lots of fixes for SID handling, local v domain sids etc
96 - better mangle debugging (abartlet)
97 - fixes to allow 'net' to return more than 1000 users from ADS (jmcd)
98 - winbind support to come very shortly
99 - lock some more tdbs to allow concurrent access for backups
100 - 'net' help cleanups (jmcd)
101 - 'net join' automatic transport detection
104 - LDAP schema updates (jerry)
105 - initial ADS LDAP printer advertising (jmcd)
106 - spoolss and printing updates (tpot, jerry)
107 (the is the major update in this alpha, and work continues)
108 - Winbindd connection cache improvements (abartlet)
109 - spnego segfault fixes (abartlet)
110 - net ads segfault fixes ( Alexander Bokovoy <a.bokovoy@sam-solutions.net>)
111 - header cleanups (tpot)
112 - Serialise domain auth requests - win2k bug (tridge)
113 - fix winbind talloced memory leak (dleducq@arkoon.net, tridge)
114 - call unmangle in don_unmangle (abartlet)
115 - UTF8 Charset functions - for ADS LDAP calls (Hasch@t-online.de)
116 - Fix security tab for mapped drives on unicode clients (tridge)
117 - Better configure tests for snprintf and immidiate structures (abartlet)
118 - allow 'passdb backend = plugin : /path/to/plugin.so : plguin args'
119 (loads a passdb module) (Jelmer Vernooij <jelmer@nl.linux.org>)
120 - change the way we store our domain join info - you will need to
121 rejoin the domain (tridge)
122 - xcopy /o fixes (tridge)
123 - fix the 'convert_string' level 0 debugs.
124 - Patch for Domain users not showing up from "Ivan Zhakov" <vunny@mail.ru>
126 - The beginning of trusted and trusting domain support - net commands
127 (Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl>)
128 - nmbd signal processing fixes (jra)
129 - lseek-on-pipe support (jra)
130 - Allow Samba to trust NT4 Domains (abartlet)
131 - LDAPsam updates (abartlet):
132 - Now runtime selectable (when configured)
133 - ldap user suffix and ldap group suffix support.
134 - non unix account support
135 - select with 'passdb backend = ldapsam' or 'passdb backend =
137 - start to allow NT4 domains to trust Samba, netlogon fixes (abartlet)
138 - make default unix charset UTF8 (tridge)
139 - Fix SIGSEGV on error message when trying to add a user to smbpasswd
140 file without a unix account (jmcd)
141 - better detection of dead ADS connections, so we have some chance of
142 reconnecting (tridge)
143 - removed bogus prepend_domain() call which was screwing up getpwuid()
144 with the new default domain code
145 - Domain/workstation SID fixes.
146 - patch from Alexey Kotovich <a.kotovich@sam-solutions.net> that adds
147 the security decsriptor code for ADS workstation accounts.
148 (allow self password change, self remove)
149 (after much review and disscussion with abartlet and tridge)
152 - Improvements in pam_winbind/winbindd_pam.c: (abartlet)
153 - Much better error reporting
154 - Password changing is now stackable
155 - now returns multiple PAM errors based on the NTSTATUS
157 - returns an error string the client can use in their own logs.
158 - Print form updates (tpot)
159 - added 'wbinfo --sequence' to show sequence numbers of
161 - better winbind memory mangement (tridge)
162 - make signal processing work correctly in winbindd
163 Michael Steffens <michael_steffens@hp.com>
164 - Inital ADS printer publishing work. (jmcd)
166 - large debian packaging checking from Eloy. (merge by jerry)
167 - Make smbgroupedit a little easier on the user (select groups
168 by name rather than by sid) (abartlet)
169 - rework parts of smbtorture (tridge)
172 - 'Winbind Default Domain' support:
173 This allows winbind to supply usernames without a 'DOMAIN\'
174 prefix. Particularly handy for shell and e-mail servers,
175 as well as Unix workstations in NT domains.
176 - Associated cleanups in winbindd and smbd.
177 (Alexander Bokovoy <a.bokovoy@sam-solutions.net> and
179 - Winbind protocol changes for better Squid intergration
180 (current version is 3) (abartlet)
181 - pam_winbind password changing
182 (Samuel Ziegler <sam@xpedion.com>, tpot)
183 - runtime selectable pluggable passdb interface.
185 - 'non unix account' support (abartlet)
186 (This allows machines and even users not to exist
188 - Inital implementation of the WINS replication deamon
190 - Changes for better winbind PDC/BDC failover support
192 - Various Winbind/ADS mode stabilty and flexablity fixes
194 - Mangle names like .bashrc properly (trige)
195 - CIFS UNIX extensions (client and server) (jra)
196 - Universal group support outside smbd (via a cache)
197 (Alexander Bokovoy <a.bokovoy@sam-solutions.net>)
198 - Write cache fixes (jra)
201 - updates to try to get more out-of-the-box compiles
202 (mostly kerberos and ldap stuff) (various)
203 - 'net rpc shutdown' remote shutdown of servers
204 (abartlet, original code from idra)
205 - authentication subsystem rework, including move to
206 new RPC client code (abartlet)
208 - use new client code (abartlet)
209 - change winbind_auth_pam_crap interface for squid's
211 - new interface versioning functionality (abartlet)
212 - cope better when inteface does change (tpot)
213 - better winbind trusted domain code (tpot)
214 - doc updates (jerry)
215 - new NTSTAUS -> DOS error map (abartlet)
216 - large user list (> 1500) enumeration (jra)
217 - dmalloc support (mbp)
218 - spoolss changes (tpot)
219 - talloc accounting (mbp)
221 - smbmount trivial fixup (abartlet)
222 - start of new unix extenions to CIFS (jra)
225 - doc updates (jerry)
226 - store domain sid on ADS join (tridge)
227 - allow a winbind username on ADS connection (tridge)
230 - fixed fallback to "ads server" option (tridge)
231 - fix ACL failure on HP HFS (jra)
232 - net ads password and net ads chostpass commands (Remus Koos)
233 - fixed valid char array generation (tridge)
234 - fixed QFS_INFO for win98 long filenames (tridge)
235 - added net lookup command (tridge)
236 - fixed map to guest with spnego (tridge)
237 - fixed irix warnings (tridge)
241 - hide unreadable fix using acl fns (jra)
242 - lsa_open_policy cleanup (jfm)
243 - mangled directories fix (jra)
244 - fix error return on bad pipe (jra)
245 - fix homes share with no home dir (tpot)
246 - fixed handling of dead or empty domains in winbindd (tridge)
247 - added talloc torture program (mbp)
248 - talloc debug code (mbp)
249 - added trusted domains to winbindd/ADS (tridge)
250 - fix trusted domains in auth code (tridge)
251 - new gss error handling code (a.bokovoy@sam-solutions.net & tridge)
252 - support mixed ADS/NT4 domains (tridge)
255 - nicer net error messages (tpot)
256 - trust account patches (mimir)
257 - solaris link option update (davecb)
258 - added lsa_query_secobj() server fn (jfm)
259 - spoolss changeid fix (jerry)
260 - domain auth error fix (jmcd)
261 - HPUX acl code (jra)
262 - set filetime on close fix (jra)
263 - allow select of org unit in ads join (tridge)
266 - fixed compile of wb_client.c (tridge)
267 - fixed net time to use localtime (tridge)
268 - net help cleanups (jmcd)
269 - debug level fix (tpot)
270 - utmp string length fixes (monyo)
275 - added "net ads info" to probe basic into on your ads server without
277 - improved some error handling
281 - added "net time zone" command (tridge)
282 - pam_smbpass updates (a.bokovoy@sam-solutions.net)
283 - irix updates (herb)
284 - net rpc join handles existing machine acct (tridge)
288 - added "net time" command (tridge)
289 - allow client tools to specify a hostname of form HOST#xx (tridge)
290 - added wbinfo --set-auth-user (tpot)
291 - added lsaquerysecobj to rpcclient (tpot)
295 - fixed nexus/win9x user list (jfm)
296 - fixed large user/group lists in winbindd (tridge)
297 - fixed gssapi headers in redhat (jmcd)
298 - fixed rap error code handling (jra)
299 - more usermanager rpc calls (jfm)
300 - re-added RAP calls at top level to net command (tridge)
304 - fixed a silly tdb bug in alpha2 that affected internal databases
308 - we no longer use cyrus-sasl for LDAP SASL/gssapi. This makes our ADS
309 code much more robust.
310 - winbindd cache code rewritten to be much more efficient. It also
311 copes much better with server outages.
312 - jfm implemented full group mapping and smb.conf option 'domain admin
313 group' is now gone. Consult the GROUP-MAPPING-HOWTO.txt to know how
314 to gain back administrator rights.
315 - docs update started
316 - numerous small bugfixes
320 - winbindd now uses LDAP and works correctly with an ADS server in
322 - XFS quotas code on Linux
323 - group mapping code from JFM
324 - "net rpc join" command replaces smbpasswd -j
325 - fixed winbind initgroups
329 This is a pre-release of Samba 3.0 alpha0. This is NOT a stable
330 release. Use at your own risk.
332 The purpose of this alpha release is to get wider testing of the major
333 new pieces of code in the current Samba 3.0 development tree. We are
334 planning on ceasing development on the 2.2.x release of Samba very
335 shortly and after that we will be concentrating on Samba 3.0. To
336 reduce the time before the final Samba 3.0 release we need as many
337 poeple as possible to start testing these alpha releases, and
338 hopefully giving us some high quality feedback on what needs fixing.
340 Note that Samba 3.0 is not anywhere near feature complete yet. There
341 is a lot more coding we have planned, but unless we get what we have
342 done already more widely tested we will have a hard time doing a
343 stable release in a reasonable time frame.
345 This release is also missing major pieces of documentation, and there
346 are many parts of the docs that have not been updated to reflect the
347 new options and features in 3.0.
352 - Active Directory support. This release is able to join a ADS realm
353 as a member server and authenticate users using
354 LDAP/kerberos. Please read ADS-HOWTO.txt in the release for a very
355 rough guide on how to set this up.
357 - Unicode support. Samba will now negotiate unicode on the wire and
358 interally there is now a much better infrastructure for multi-byte
359 and unicode character sets. You may need the "dos charset", "unix
360 charset" and "display charset" options. The unicode support is not
363 - New authentication system. The internal authentication system has
364 been almost completely rewritten. Most of the changes are internal,
365 but the new auth system is also very configurable. Not documented
368 - new filename mangling system. The filename mangling system has been
369 completely rewritten. An internal database now stores mangling maps
370 persistantly. This needs lots of testing.
372 - new "net" command. A new "net" command has been added. It is
373 somewhat similar to the "net" command in windows. Eventually we plan
374 to replace a bunch of other utilities (such as smbpasswd) with
375 subcommands in "net", at the moment only a few things are
378 - Samba now negotiates NT-style status32 codes on the wire. This
379 improves error handling a lot.
381 - better w2k printing support. The support for printing from win2000
382 clients has improved greatly.
384 Plus lots of other changes!
386 Note that many new features are not documented. Don't let this stop
387 you from using Samba 3.0. It is particularly important that the basic
388 file/print serving abilities of Samba 3.0 are widely tested to ensure
389 that we have not broken any of the basic functionality. As we do more
390 alpha releases we will start to document the new features.
393 Reporting bugs & Development Discussion
394 ---------------------------------------
396 Please discuss this release on the samba-technical mailing list or by
397 joining the #samba-technical IRC channel on irc.openprojects.net
399 If you do report problems then please try to send high quality
400 feedback. If you don't provide vital information to help us track down
401 the problem then you will probably be ignored.