add idmap_winbind unless I made a better way to solve SID type for domain

[Samba/nascimento.git] / WHATSNEW.txt

                  WHATS NEW IN Samba 3.0 alpha24
                          14th May 2003
                  ==============================

This is a pre-release of Samba 3.0. This is NOT a stable release.
Use at your own risk. 

The purpose of this alpha release is to get wider testing of the major
new pieces of code in the current Samba 3.0 development tree. We have
officially ceased development on the 2.2.x release of Samba and are
concentrating on Samba 3.0. To reduce the time before the final Samba 3.0
release we need as many people as possible to start testing these alpha
releases, and hopefully giving us some high quality feedback on what needs
fixing.

Note that Samba 3.0 is not feature complete yet. There is a more
coding we have planned, but unless we get what we have done already more
widely tested we will have a hard time doing a stable release in a
reasonable time frame.

Major new features:
-------------------

- Active Directory support. This release is able to join a ADS realm
  as a member server and authenticate users using LDAP/kerberos.

- Unicode support. Samba will now negotiate UNICODE on the wire and
  internally there is now a much better infrastructure for multi-byte
  and UNICODE character sets.

- New authentication system. The internal authentication system has
  been almost completely rewritten. Most of the changes are internal,
  but the new auth system is also very configurable.

- new filename mangling system. The filename mangling system has been
  completely rewritten. An internal database now stores mangling maps
  persistently. This needs lots of testing.

- new "net" command. A new "net" command has been added. It is
  somewhat similar to the "net" command in windows. Eventually we plan
  to replace a bunch of other utilities (such as smbpasswd) with
  subcommands in "net", at the moment only a few things are
  implemented.

- Samba now negotiates NT-style status32 codes on the wire. This
  improves error handling a lot.

- better w2k printing support including publishing printer
  attributes in active directory

- new loadable RPC modules

- new dual-daemon winbindd support for better performance

- support for migrating from a Windows NT 4.0 domain

- support for establishing trust relationships with Windows NT 4.0
  domain controllers

Plus lots of other changes!


Reporting bugs & Development Discussion
---------------------------------------

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.


Changes in alpha23:
-------------------

  LDAP Schema Changes
  -------------------
  A new objectclass (sambaSamAccount) has been introduced to replace the old
  sambaAccount.  This change aids us in the renaming of attributes to prevent
  clashes with attributes from other vendors.  There is a conversion script
  (examples/LDAP/convertSambaAccount) to modify and LDIF file to the new schema.
  
  Example:
  
        $ ldapsearch .... -b "ou=people,dc=..." > old.ldif
        $ convertSambaAccount <DOM SID> old.ldif new.ldif
        
  The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
  on the Samba PDC as root.
  
  The sambaDomain and sambaGroupMapping objects have also been modified
  to use the new attribute naming conventions as well.  There are no 
  conversion scripts for this data since the old schema was never published 
  in a stable release.
  
  The old sambaAccount schema may still be used by specifying the 
  "ldapsam_compat" passdb backend.
  
  Parameters
  ----------

  Removed Parameters

  * total print jobs

  Known Issues
  ------------
  
  The following are known issues with this release and will be corrected
  in future versions:
  
  1) Automatically generating accounts for users and groups from 
     trusted domains when Samba is acting as a PDC
  2) Maintaining idmap ID's in a LDAP directory in order to implement 
     a distributed winbind solution
  
  ChangeLog
  ---------

  See cvs log for SAMBA_3_0 for complete details.  There are many
  smaller numerous changes that would clutter the release notes.

1)  Fix policy handle leak and crash bug in rpc printing code
2)  Changed the order of checking whether a SID is a UID or a GID 
    in posix acls
3)  Merge of winbind nss cleanup from HEAD branch
4)  Inclusion of idmap backend for mapping SIDs to uids/gids
5)  Fix for very subtle POSIX lock interaction race condition
6)  Re-fix close of delete semantics
7)  Inclusion of schannel functionality (merged from SAMBA_TNG)
8)  Remove unixsam passdb
9)  Add debugging code to decode the Win2k PAC
10) Very large amounts of documentation fixes (including the move from 
    SGML->XML DocBook)
11) Fix support for local_password_change() in pam_smbpass
12) Ensure we have WinXP-like semantics for checking TIDs and FIDs
13) More print job change notify fixes
14) Handle deep referrals in MS-DFS code
15) Add echo named pipe for testing purposes
16) Workaround streams leak on SCO openserver 5.0.x
17) Lots of popt changes to command line tools
18) Use the new modules system for passdb (merge from HEAD)
19) Inclusion of editreg.c for editing Windows NT+registry files off line
20) Fix byte ordering when using CIDR notation in hosts allow/deny (again)
21) Replace smbgroupedit tool with 'net groupmap'
22) Merge SMB Signing, NTLMv2 and NTLMSSP fixes from HEAD branch
23) Merge of trusted domain code from HEAD branch
24) Fix up crashes in lanman printing code (e.g. disable spoolss = yes)
25) Store the IP address in the utmp record when possible
26) Fix bug in FindFirst code and OS/2 clients
27) Fix local master browsing bug when synchronizing browse lists
28) Fix browse synchronization when primary interface is no listed
    in the interfaces list and "bind interfaces only" is enabled.
29) removed ldapsam_nua and tdbsam_nua passdb backends (replaced by idmap)
30) Include support for storing next rid value in LDAP using a 
    sambaDomain object
31) Removed "printing = SOFTQ" option
32) Fix winbindd dual mode
33) Revert from wins.tdb back to wins.dat (flat text file)
34) More Trust relationship fixes
35) More quota fixes (including server support for NT quota info levels)