[ANNOUNCE] Samba 4.0 beta1

Michael Adam obnox at samba.org
Tue Jun 5 07:12:32 MDT 2012

Hi Andrew,

I am thrilled - this is an important step towards the 4.0 release!
I am really glad to see us move forward.
Thanks for all the work go get this out of the door!

I hope our users will share our excitement and do even more
testing than before, and give us a good amount of feed-back.

Cheers - Michael

Andrew Bartlett wrote:
> We are proud to a announce our first beta release of Samba 4.0, beta 1
> What's new in Samba 4 beta1
> =============================
> Samba 4.0 will be the next version of the Samba suite and incorporates
> all the technology found in both the Samba4 alpha series and the
> stable 3.x series. The primary additional features over Samba 3.6 are
> support for the Active Directory logon protocols used by Windows 2000
> and above.
> ========
> Samba4 beta1 is not a final Samba release, however we are now making
> good progress towards a Samba 4.0 release, of which this is a preview.
> Be aware the this release contains the best of all of Samba's
> technology parts, both a file server (that you can reasonably expect
> to upgrade existing Samba 3.x releases to) and the AD domain
> controller work previously known as 'samba4'.
> Samba4 is subjected to an awesome battery of tests on an automated
> basis, we have found Samba 4.0 to be very stable in it's behavior.
> However, we still recommend against upgrading production servers from
> Samba 3.x release to Samba 4.0 beta at this stage.
> In particular note that the new default configuration 's3fs' may have
> different stability characteristics compared with our previous default
> file server.  We are making this release so that we can find and fix
> any of these issues that arise in the real world.  New AD DC
> installations can provision or join with --use-ntvfs to obtain the
> previous default file server.  Existing installations will be
> unaffected at this stage.
> If you are upgrading, or looking to develop, test or deploy Samba 4.0
> beta releases, you should backup all configuration and data.
> ============
> Samba 4.0 beta supports the server-side of the Active Directory logon
> environment used by Windows 2000 and later, so we can do full domain
> join and domain logon operations with these clients.
> Our Domain Controller (DC) implementation includes our own built-in
> LDAP server and Kerberos Key Distribution Center (KDC) as well as the
> Samba3-like logon services provided over CIFS.  We correctly generate
> the infamous Kerberos PAC, and include it with the Kerberos tickets we
> issue.
> Samba 4.0 beta ships with two distinct file servers.  We now use the
> file server from the Samba 3.x series 'smbd' for all file serving by
> default.  For pure file server work, the binaries users would expect
> from that series (nmbd, winbindd, smbpasswd) continue to be available.
> Samba 4.0 also ships with the 'NTVFS' file server.  This file server
> is what was used in all previous alpha releases of Samba 4.0, and is
> tuned to match the requirements of an AD domain controller.  We
> continue to support this, not only to provide continuity to
> installations that have deployed it as part of an AD DC, but also as a
> running example of the NT-FSA architecture we expect to move smbd to in
> the longer term.  
> As mentioned above, this change to the default file server may cause
> instability, as we learn about the real-world interactions between
> these two key components. 
> As DNS is an integral part of Active Directory, we also provide a DNS
> solution, using the BIND DLZ mechanism in versions 9.8 and 9.9.
> During the provision, a configuration file will be generated for bind
> to make it use this plugin.  We also have a project to provide a
> minimal internal DNS server from within the Samba process, for easier
> 'out of the box' configuration.  Note however that this is not yet
> complete (pending addition of secure DNS update support).
> To provide accurate timestamps to Windows clients, we integrate with
> the NTP project to provide secured NTP replies. 
> Finally, a new scripting interface has been added to Samba 4, allowing
> Python programs to interface to Samba's internals, and many tools and
> internal workings of the DC code is now implemented in python.
> =====================
> For a list of changes since alpha21, please see the git log.
> $ git clone git://git.samba.org/samba.git
> $ cd samba.git
> $ git log samba-4.0.0alpha21..samba-4.0.0beta1
> Some major user-visible changes include:
> The internal DNS server has had some stability improvements, and
> now handles forwarded DNS replies in an async manner.
> The build of libtdb.so and libtalloc.so has been removed from the
> autoconf build.  Use the build in lib/talloc and lib/tdb to build
> this software for use across the system.
> The smbclient and nmblookup binaries have been renamed in the top
> level build, so smbclient/nmblookup are now the implementations from
> the Samba 3.x heritage.
> Improved handling of the cleanup of smbd child processes (removing a
> number of scary warnings from our log output).
> Much improved support for FreeBSD, including extended attribute
> support on the filesystem for the AD DC.
> ============
> - We are making this beta release to gain real-world use of the 's3fs'
>   file server combination we will use for the Samba 4.0 release.
>   Users should expect some rough edges: in particular, there are
>   warnings about invalid parameters from the two respective parameter
>   parsing engines.
> - Replication of DNS data from one AD server to another may not work.
>   The DNS data used by the internal DNS server and bind9_dlz is stored
>   in an application partition in our directory.  The replicaton of
>   this partition is not yet reliable.
> - Replication may fail on FreeBSD due to getaddrinfo() rejecting names
>   containing _.  A workaround will be in the next beta.
> - upgradeprovision should not be run when upgrading to this release
>   from a recent release.  No important database format changes have
>   been made since alpha16.  
> - Installation on systems without a system iconv (and developer
>   headers at compile time) is known to cause errors when dealing with
>   non-ASCII characters.
> - Domain member support in the 'samba' binary is in it's infancy, and
>   is not comparable to the support found in winbindd.  As such, do not
>   use the 'samba' binary (provided for the AD server) on a member
>   server.
> - There is no NetBIOS browsing support (network neighbourhood) in the
>   'samba' binary (use nmbd and smbd instead)
> - Clock Synchronisation is critical.  Many 'wrong password' errors are
>   actually due to Kerberos objecting to a clock skew between client
>   and server.  (The NTP work in the previous alphas are partly to assist
>   with this problem).
> - The DRS replication code may fail.  Please contact the team if you
>   experience issues with DRS replication, as we have fixed many issues
>   here in response to feedback from our production users. 
> RUNNING Samba 4.0 as an AD DC
> =============================
> A short guide to setting up Samba 4 as an AD DC can be found on the wiki:
>   http://wiki.samba.org/index.php/Samba4/HOWTO
> #######################################
> Reporting bugs & Development Discussion
> #######################################
> Please discuss this release on the samba-technical mailing list or by
> joining the #samba-technical IRC channel on irc.freenode.net.
> If you do report problems then please try to send high quality
> feedback. If you don't provide vital information to help us track down
> the problem then you will probably be ignored.  All bug reports should
> be filed under the Samba 4.0 product in the project's Bugzilla
> database (https://bugzilla.samba.org/).
> ======================================================================
> == Our Code, Our Bugs, Our Responsibility.
> == The Samba Team
> ======================================================================
> Download Details
> ================
> The release tarball is available from the following location:
>  * http://download.samba.org/samba/ftp/samba4/samba-4.0.0beta1.tar.gz
> This release has been signed using GPG with Andrew's GPG key 28B436BB).
>  * http://download.samba.org/samba/ftp/samba4/samba-4.0.0beta1.tar.asc
> To verify that the signature is correct, make sure that the tarball has
> been unzipped and run:
> $ gpg --verify samba-4.0.0beta1.tar.asc
> Happy testing!
> The Samba team
> -- 
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120605/f2c9dde9/attachment.pgp>

More information about the samba-technical mailing list