[ANNOUNCE] Samba 4.0 beta1
Michael Adam
obnox at samba.org
Tue Jun 5 07:12:32 MDT 2012
Hi Andrew,
I am thrilled - this is an important step towards the 4.0 release!
I am really glad to see us move forward.
Thanks for all the work go get this out of the door!
I hope our users will share our excitement and do even more
testing than before, and give us a good amount of feed-back.
Cheers - Michael
Andrew Bartlett wrote:
> We are proud to a announce our first beta release of Samba 4.0, beta 1
>
> What's new in Samba 4 beta1
> =============================
>
> Samba 4.0 will be the next version of the Samba suite and incorporates
> all the technology found in both the Samba4 alpha series and the
> stable 3.x series. The primary additional features over Samba 3.6 are
> support for the Active Directory logon protocols used by Windows 2000
> and above.
>
>
> WARNINGS
> ========
>
> Samba4 beta1 is not a final Samba release, however we are now making
> good progress towards a Samba 4.0 release, of which this is a preview.
> Be aware the this release contains the best of all of Samba's
> technology parts, both a file server (that you can reasonably expect
> to upgrade existing Samba 3.x releases to) and the AD domain
> controller work previously known as 'samba4'.
>
> Samba4 is subjected to an awesome battery of tests on an automated
> basis, we have found Samba 4.0 to be very stable in it's behavior.
> However, we still recommend against upgrading production servers from
> Samba 3.x release to Samba 4.0 beta at this stage.
>
> In particular note that the new default configuration 's3fs' may have
> different stability characteristics compared with our previous default
> file server. We are making this release so that we can find and fix
> any of these issues that arise in the real world. New AD DC
> installations can provision or join with --use-ntvfs to obtain the
> previous default file server. Existing installations will be
> unaffected at this stage.
>
> If you are upgrading, or looking to develop, test or deploy Samba 4.0
> beta releases, you should backup all configuration and data.
>
>
> NEW FEATURES
> ============
>
> Samba 4.0 beta supports the server-side of the Active Directory logon
> environment used by Windows 2000 and later, so we can do full domain
> join and domain logon operations with these clients.
>
> Our Domain Controller (DC) implementation includes our own built-in
> LDAP server and Kerberos Key Distribution Center (KDC) as well as the
> Samba3-like logon services provided over CIFS. We correctly generate
> the infamous Kerberos PAC, and include it with the Kerberos tickets we
> issue.
>
> Samba 4.0 beta ships with two distinct file servers. We now use the
> file server from the Samba 3.x series 'smbd' for all file serving by
> default. For pure file server work, the binaries users would expect
> from that series (nmbd, winbindd, smbpasswd) continue to be available.
>
> Samba 4.0 also ships with the 'NTVFS' file server. This file server
> is what was used in all previous alpha releases of Samba 4.0, and is
> tuned to match the requirements of an AD domain controller. We
> continue to support this, not only to provide continuity to
> installations that have deployed it as part of an AD DC, but also as a
> running example of the NT-FSA architecture we expect to move smbd to in
> the longer term.
>
> As mentioned above, this change to the default file server may cause
> instability, as we learn about the real-world interactions between
> these two key components.
>
> As DNS is an integral part of Active Directory, we also provide a DNS
> solution, using the BIND DLZ mechanism in versions 9.8 and 9.9.
> During the provision, a configuration file will be generated for bind
> to make it use this plugin. We also have a project to provide a
> minimal internal DNS server from within the Samba process, for easier
> 'out of the box' configuration. Note however that this is not yet
> complete (pending addition of secure DNS update support).
>
> To provide accurate timestamps to Windows clients, we integrate with
> the NTP project to provide secured NTP replies.
>
> Finally, a new scripting interface has been added to Samba 4, allowing
> Python programs to interface to Samba's internals, and many tools and
> internal workings of the DC code is now implemented in python.
>
>
> CHANGES SINCE alpha21
> =====================
>
> For a list of changes since alpha21, please see the git log.
>
> $ git clone git://git.samba.org/samba.git
> $ cd samba.git
> $ git log samba-4.0.0alpha21..samba-4.0.0beta1
>
> Some major user-visible changes include:
>
> The internal DNS server has had some stability improvements, and
> now handles forwarded DNS replies in an async manner.
>
> The build of libtdb.so and libtalloc.so has been removed from the
> autoconf build. Use the build in lib/talloc and lib/tdb to build
> this software for use across the system.
>
> The smbclient and nmblookup binaries have been renamed in the top
> level build, so smbclient/nmblookup are now the implementations from
> the Samba 3.x heritage.
>
> Improved handling of the cleanup of smbd child processes (removing a
> number of scary warnings from our log output).
>
> Much improved support for FreeBSD, including extended attribute
> support on the filesystem for the AD DC.
>
>
> KNOWN ISSUES
> ============
>
> - We are making this beta release to gain real-world use of the 's3fs'
> file server combination we will use for the Samba 4.0 release.
> Users should expect some rough edges: in particular, there are
> warnings about invalid parameters from the two respective parameter
> parsing engines.
>
> - Replication of DNS data from one AD server to another may not work.
> The DNS data used by the internal DNS server and bind9_dlz is stored
> in an application partition in our directory. The replicaton of
> this partition is not yet reliable.
>
> - Replication may fail on FreeBSD due to getaddrinfo() rejecting names
> containing _. A workaround will be in the next beta.
>
> - upgradeprovision should not be run when upgrading to this release
> from a recent release. No important database format changes have
> been made since alpha16.
>
> - Installation on systems without a system iconv (and developer
> headers at compile time) is known to cause errors when dealing with
> non-ASCII characters.
>
> - Domain member support in the 'samba' binary is in it's infancy, and
> is not comparable to the support found in winbindd. As such, do not
> use the 'samba' binary (provided for the AD server) on a member
> server.
>
> - There is no NetBIOS browsing support (network neighbourhood) in the
> 'samba' binary (use nmbd and smbd instead)
>
> - Clock Synchronisation is critical. Many 'wrong password' errors are
> actually due to Kerberos objecting to a clock skew between client
> and server. (The NTP work in the previous alphas are partly to assist
> with this problem).
>
> - The DRS replication code may fail. Please contact the team if you
> experience issues with DRS replication, as we have fixed many issues
> here in response to feedback from our production users.
>
>
> RUNNING Samba 4.0 as an AD DC
> =============================
>
> A short guide to setting up Samba 4 as an AD DC can be found on the wiki:
>
> http://wiki.samba.org/index.php/Samba4/HOWTO
>
> #######################################
> Reporting bugs & Development Discussion
> #######################################
>
> Please discuss this release on the samba-technical mailing list or by
> joining the #samba-technical IRC channel on irc.freenode.net.
>
> If you do report problems then please try to send high quality
> feedback. If you don't provide vital information to help us track down
> the problem then you will probably be ignored. All bug reports should
> be filed under the Samba 4.0 product in the project's Bugzilla
> database (https://bugzilla.samba.org/).
>
>
> ======================================================================
> == Our Code, Our Bugs, Our Responsibility.
> == The Samba Team
> ======================================================================
>
>
> Download Details
> ================
>
> The release tarball is available from the following location:
> * http://download.samba.org/samba/ftp/samba4/samba-4.0.0beta1.tar.gz
>
> This release has been signed using GPG with Andrew's GPG key 28B436BB).
>
> * http://download.samba.org/samba/ftp/samba4/samba-4.0.0beta1.tar.asc
>
> To verify that the signature is correct, make sure that the tarball has
> been unzipped and run:
>
> $ gpg --verify samba-4.0.0beta1.tar.asc
>
> Happy testing!
>
> The Samba team
> --
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120605/f2c9dde9/attachment.pgp>
More information about the samba-technical
mailing list