samba - Mar 2003 - Samba-3.0alpha22 available on samba.org mirrors

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We've just posted another snapshot of the SAMBA_3_0 cvs tree
for download.  This is a non-production release provided for
testing only. 

The source code can be downloaded from :

    http://download.samba.org/samba/ftp/alpha/

The uncompressed tarball and patch file have been signed
using GnuPG.  The Samba public key is available at

    http://download.samba.org/samba/ftp/samba-pubkey.asc

Binary packages for RedHat have been released and can be
found at

    http://download.samba.org/samba/ftp/Binary_Packages/

Others will be available as they are submitted by volunteers.

A simplified version of the CVS log of updates since 3.0alpha21 
can be found in the the download directory under the name
ChangeLog-3.0alpha21-alpha22.  The release notes follow.

As always, all bugs are our responsibility.

                                  --Enjoy
                                  The Samba Team

- ------------------------------------------------------------------------

                  WHATS NEW IN Samba 3.0 alpha22
                           4th March 2003
                  =============================
This is a pre-release of Samba 3.0. This is NOT a stable release.
Use at your own risk.

The purpose of this alpha release is to get wider testing of the major
new pieces of code in the current Samba 3.0 development tree. We have
officially ceased development on the 2.2.x release of Samba and are
concentrating on Samba 3.0. To reduce the time before the final Samba 3.0
release we need as many people as possible to start testing these alpha
releases, and hopefully giving us some high quality feedback on what needs
fixing.

Note that Samba 3.0 is not feature complete yet. There is a more
coding we have planned, but unless we get what we have done already more
widely tested we will have a hard time doing a stable release in a
reasonable time frame.

Major new features:
- -------------------

- - Active Directory support. This release is able to join a ADS realm
  as a member server and authenticate users using LDAP/kerberos.

- - Unicode support. Samba will now negotiate UNICODE on the wire and
  internally there is now a much better infrastructure for multi-byte
  and UNICODE character sets.

- - New authentication system. The internal authentication system has
  been almost completely rewritten. Most of the changes are internal,
  but the new auth system is also very configurable.

- - new filename mangling system. The filename mangling system has been
  completely rewritten. An internal database now stores mangling maps
  persistently. This needs lots of testing.

- - new "net" command. A new "net" command has been added.
It is
  somewhat similar to the "net" command in windows. Eventually we plan
  to replace a bunch of other utilities (such as smbpasswd) with
  subcommands in "net", at the moment only a few things are
  implemented.

- - Samba now negotiates NT-style status32 codes on the wire. This
  improves error handling a lot.

- - better w2k printing support including publishing printer
  attributes in active directory

- - new loadable RPC modules

- - new dual-daemon winbindd support for better performance

- - support for migrating from a Windows NT 4.0 domain

- - support for establishing trust relationships with Windows NT 4.0
  domain controllers

Plus lots of other changes!


Reporting bugs & Development Discussion
- ---------------------------------------

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.



Changes in alpha22:
- -------------------

  Added Parameters

  * client NTLMv2 auth
  * client lanman auth
  * client signing
  * client use spnego
  * max reported print jobs
  * msdfs proxy


 See cvs log for SAMBA_3_0 for complete details.  There are many
 smaller numerous changes that would clutter the release notes.

1)  remove the global_myname string and replace with wrapper function
    global_myname()
2)  create vfs/ and pdb/ subdirectories for library installs
3)  Fixup of ordered cleanup of get_dc_list()
4)  Added more autoconf tests for Stratus VOS
5)  Fixed nasty bug where file writes with start offsets in the
    range 0x80000000 -> 0xFFFFFFFF would fail as they were being cast
    from IVAL (uint32) to SMB_OFF_T (off_t or off64_t, both *signed*
    types).   The sign extension would cause the offset to be treated
    as negative.
6)  Add support to automatically retrieve the dns host name and domain
    name of an AD server
7)  Add support for PRINTER_INFO_7 and publishing printer attributes
    in active directory
8)  Fix for 64 bit issues with oplocks and allocation size
9)  Remove assert(count ==1) for multi-homed PDCs when resolving
    DOMAIN<0x1b>
10) Ensure that change_trust_account_password() always talks to
    the PDC
11) Add some docs on CUPS printing
12) Fix rpcclient querygroup command
13) The _abs time functions should not be converting from/to GMT
14) Fix broken incremental tar in smbclient
15) Adding supporting code for better testing using Valgrind
16) Fix for old DOS client when veto files is set to /.*/
17) Add win32 utility to query driver capabilities to publish
    (examples/printing/prtpub.c)
18) Fix memory leak when constructing an driver_level_6 structure and
    no dependent files
19) Add some friendly versions of NT_STATUS codes
20) Protect nmbd against malformed reply packets
21) Removal of unpopular winbind client environment variable
22) Add msdfs proxy functionality; a CIFS share can directly be a
    stand-in for another share, and when clients connect to the first
    share, they will be redirected to the proxied share
23) Make Samba compile cleanly with -Wwrite-strings
24) Add new timegm() that actually works on solaris
25) Add support for running smbd, nmbd, & winbindd under the daemontools
    package
26) Move user password changes into the NTSTATUS era, and add support
    for the 'min password age' and 'min passwd len' concepts
27) Add new gencache based namecache code
28) Add profiles utility support to Samba 3.0.x
29) Fix open problem with changing attributes on an existing file
30) Efficiency fixes for internal messaging system
31) Make sure to update print queue cache during timeout_processing()
    to send notify events
32) Make -i flag work like it did in 2.2
33) Merge some rpcclient and net functionality from HEAD
34) Add support for compiling with Heimdal kerberos libraries
35) Connect to the actual netbios name in smb.conf and not LOCALHOST
36) Add support for CUPS-PRINTER_CLASS
37) Add ntlm_auth tool and update NTLMSSP support
38) require Autoconf 2.53 and remove configure from CVS
39) Check for too many processes *before* the fork
40) Fix delete on close semantics to match W2K.
41) merge desired_access for open_printer_ex from HEAD, allowing
    cupsaddsmb to work again!
42) Add support for dynamic RPC modules
43) wrap all cm_get_XX calls and their subsequent requests in a retry loop
    in case we've temporarily lost connection to the DC. Makes winbindd
    more reliable
44) Optimize user_ok() and user_in_group() when verifying group membership
45) Add NTLMv2 client code (that works) and some SMB signing fixes
46) Add caching of PRINTER_INFO_2 structures to open printer handles
47) Add 1/3 second delay in OpenPrinter() reply to trigger a LAN/WAN
    optimization in Windows 2000 clients
48) Add "WinXP" to the possible values of the %a variable
49) Fix to allow blocking lock notification to be done rapidly (no wait 
    for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb 
    (does not interfere with existing locks)
50) Limit the unix domain sockets used by winbindd (also solves FD_SETSIZE
    problem in winbindd to boot !). Adds a "last_access" field to
winbindd
    connections, and will close the oldest idle connection once the number
    of open connections goes over WINBINDD_MAX_SIMULTANEOUS_CLIENTS 
    (defined in local.h as 200 currently)
51) Limit the number of print jobs returned in EnumJobs()



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+ZhiOIR7qMdg1EfYRAnbrAKDyZKVxiHI1sBdGE9Tesxr1ea7jZwCfQvmp
flzUT9sbZ123KQ1xt+qnCZY=VGqn
-----END PGP SIGNATURE-----

Hello lists...
forgives to be insisting on this subject...  :-(

I would like to know which I am half the most easy one to obtain to
expire the passwords of the users of samba... :-)

"If you set 'obey pam restrictions = yes' and setup the correct PAM
configuration files, then Samba will also honer this.  You should also
set 'unix password sync = yes' and 'pam password change yes' so
that the
password changes update the PAM backend too."
(...)
"Your two options are to use PAM, or to use Samba 3.0alpha and pdb_ldap.
In pdb_ldap, you want to set the 'pwdMustChange' attribute to 0." 
(Andrew Bartlett)

Good people, would like that they thought which is the way most easy to
make this for a person who understands of SAMBA but she does not
understand of LDAP and nor of PAM...

My net is small simple e (~60 machines) and will only use RH 8,0 for
server of archives (ok), PDC (ok) and PostgreSQL (ok) in the place of a
W2K...

Very obliged for the attention

[ ]'s

Tiago Cruz
Org. King de Contab. S/C Ltda.
www.linuxrapido.kit.net
Linux User #282636

Hello,

I upgraded from 3.0alpha21 to alpha22 using
rpm -Uvh samba-3.0alpha22*.i386.rpm
and can no longer attach to any share.

During the install I saw the message:

"Moving tdb files in /var/lock/samba/*.tdb to /var/cache/samba/*.tdb",

which is odd, since there is no /var/lock/samba directory to move
anything from!

Now, the smbstatus command produces the message:

"/var/cache/samba/connections.tdb not initialised
This is normal if an SMB client has never connected to your server.
Failed to open byte range locking database
ERROR: Failed to initialise locking database
Can't initialise locking module - exiting"

There is no 'connections.tdb' file in /var/cache/samba, and, since
attempts to browse to the public shares from a pc produce a '\\sambaserver
is not accessible
The network path was not found' error, presumably no client ever will.

Is there some way to initialise the connections.tdb file, or something
else I'm failing to do?

OS is RedHat 7.3, security=server, no changes to smb.conf since alpha21,
which
was working fine!

-Ken

_________________________________________

Ken Innes
Chief Information Officer
EKOS Research Associates Inc.
99 Metcalfe St., Suite 1100
Ottawa, Ontario
K1P 6L7

www.ekos.com
> -----Original Message-----
> From: samba-bounces+kinnes=ekos.com@lists.samba.org
> [mailto:samba-bounces+kinnes=ekos.com@lists.samba.org]On Behalf Of
> Gerald (Jerry) Carter
> Sent: Wednesday, March 05, 2003 10:32 AM
> To: samba@samba.org; samba-technical@samba.org
> Subject: [Samba] Samba-3.0alpha22 available on samba.org mirrors
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> We've just posted another snapshot of the SAMBA_3_0 cvs tree
> for download.  This is a non-production release provided for
> testing only.
>
> The source code can be downloaded from :
>
>     http://download.samba.org/samba/ftp/alpha/
>
> The uncompressed tarball and patch file have been signed
> using GnuPG.  The Samba public key is available at
>
>     http://download.samba.org/samba/ftp/samba-pubkey.asc
>
> Binary packages for RedHat have been released and can be
> found at
>
>     http://download.samba.org/samba/ftp/Binary_Packages/
>
> Others will be available as they are submitted by volunteers.
>
> A simplified version of the CVS log of updates since 3.0alpha21
> can be found in the the download directory under the name
> ChangeLog-3.0alpha21-alpha22.  The release notes follow.
>
> As always, all bugs are our responsibility.
>
>                                   --Enjoy
>                                   The Samba Team
>
> - ------------------------------------------------------------------------
>
>                   WHATS NEW IN Samba 3.0 alpha22
>                            4th March 2003
>                   =============================>
> This is a pre-release of Samba 3.0. This is NOT a stable release.
> Use at your own risk.
>
> The purpose of this alpha release is to get wider testing of the major
> new pieces of code in the current Samba 3.0 development tree. We have
> officially ceased development on the 2.2.x release of Samba and are
> concentrating on Samba 3.0. To reduce the time before the final Samba 3.0
> release we need as many people as possible to start testing these alpha
> releases, and hopefully giving us some high quality feedback on what needs
> fixing.
>
> Note that Samba 3.0 is not feature complete yet. There is a more
> coding we have planned, but unless we get what we have done already more
> widely tested we will have a hard time doing a stable release in a
> reasonable time frame.
>
> Major new features:
> - -------------------
>
> - - Active Directory support. This release is able to join a ADS realm
>   as a member server and authenticate users using LDAP/kerberos.
>
> - - Unicode support. Samba will now negotiate UNICODE on the wire and
>   internally there is now a much better infrastructure for multi-byte
>   and UNICODE character sets.
>
> - - New authentication system. The internal authentication system has
>   been almost completely rewritten. Most of the changes are internal,
>   but the new auth system is also very configurable.
>
> - - new filename mangling system. The filename mangling system has been
>   completely rewritten. An internal database now stores mangling maps
>   persistently. This needs lots of testing.
>
> - - new "net" command. A new "net" command has been
added. It is
>   somewhat similar to the "net" command in windows. Eventually we
plan
>   to replace a bunch of other utilities (such as smbpasswd) with
>   subcommands in "net", at the moment only a few things are
>   implemented.
>
> - - Samba now negotiates NT-style status32 codes on the wire. This
>   improves error handling a lot.
>
> - - better w2k printing support including publishing printer
>   attributes in active directory
>
> - - new loadable RPC modules
>
> - - new dual-daemon winbindd support for better performance
>
> - - support for migrating from a Windows NT 4.0 domain
>
> - - support for establishing trust relationships with Windows NT 4.0
>   domain controllers
>
> Plus lots of other changes!
>
>
> Reporting bugs & Development Discussion
> - ---------------------------------------
>
> Please discuss this release on the samba-technical mailing list or by
> joining the #samba-technical IRC channel on irc.freenode.net.
>
> If you do report problems then please try to send high quality
> feedback. If you don't provide vital information to help us track down
> the problem then you will probably be ignored.
>
>
>
> Changes in alpha22:
> - -------------------
>
>   Added Parameters
>
>   * client NTLMv2 auth
>   * client lanman auth
>   * client signing
>   * client use spnego
>   * max reported print jobs
>   * msdfs proxy
>
>
>  See cvs log for SAMBA_3_0 for complete details.  There are many
>  smaller numerous changes that would clutter the release notes.
>
> 1)  remove the global_myname string and replace with wrapper function
>     global_myname()
> 2)  create vfs/ and pdb/ subdirectories for library installs
> 3)  Fixup of ordered cleanup of get_dc_list()
> 4)  Added more autoconf tests for Stratus VOS
> 5)  Fixed nasty bug where file writes with start offsets in the
>     range 0x80000000 -> 0xFFFFFFFF would fail as they were being cast
>     from IVAL (uint32) to SMB_OFF_T (off_t or off64_t, both *signed*
>     types).   The sign extension would cause the offset to be treated
>     as negative.
> 6)  Add support to automatically retrieve the dns host name and domain
>     name of an AD server
> 7)  Add support for PRINTER_INFO_7 and publishing printer attributes
>     in active directory
> 8)  Fix for 64 bit issues with oplocks and allocation size
> 9)  Remove assert(count ==1) for multi-homed PDCs when resolving
>     DOMAIN<0x1b>
> 10) Ensure that change_trust_account_password() always talks to
>     the PDC
> 11) Add some docs on CUPS printing
> 12) Fix rpcclient querygroup command
> 13) The _abs time functions should not be converting from/to GMT
> 14) Fix broken incremental tar in smbclient
> 15) Adding supporting code for better testing using Valgrind
> 16) Fix for old DOS client when veto files is set to /.*/
> 17) Add win32 utility to query driver capabilities to publish
>     (examples/printing/prtpub.c)
> 18) Fix memory leak when constructing an driver_level_6 structure and
>     no dependent files
> 19) Add some friendly versions of NT_STATUS codes
> 20) Protect nmbd against malformed reply packets
> 21) Removal of unpopular winbind client environment variable
> 22) Add msdfs proxy functionality; a CIFS share can directly be a
>     stand-in for another share, and when clients connect to the first
>     share, they will be redirected to the proxied share
> 23) Make Samba compile cleanly with -Wwrite-strings
> 24) Add new timegm() that actually works on solaris
> 25) Add support for running smbd, nmbd, & winbindd under the
daemontools
>     package
> 26) Move user password changes into the NTSTATUS era, and add support
>     for the 'min password age' and 'min passwd len'
concepts
> 27) Add new gencache based namecache code
> 28) Add profiles utility support to Samba 3.0.x
> 29) Fix open problem with changing attributes on an existing file
> 30) Efficiency fixes for internal messaging system
> 31) Make sure to update print queue cache during timeout_processing()
>     to send notify events
> 32) Make -i flag work like it did in 2.2
> 33) Merge some rpcclient and net functionality from HEAD
> 34) Add support for compiling with Heimdal kerberos libraries
> 35) Connect to the actual netbios name in smb.conf and not LOCALHOST
> 36) Add support for CUPS-PRINTER_CLASS
> 37) Add ntlm_auth tool and update NTLMSSP support
> 38) require Autoconf 2.53 and remove configure from CVS
> 39) Check for too many processes *before* the fork
> 40) Fix delete on close semantics to match W2K.
> 41) merge desired_access for open_printer_ex from HEAD, allowing
>     cupsaddsmb to work again!
> 42) Add support for dynamic RPC modules
> 43) wrap all cm_get_XX calls and their subsequent requests in a retry loop
>     in case we've temporarily lost connection to the DC. Makes winbindd
>     more reliable
> 44) Optimize user_ok() and user_in_group() when verifying group membership
> 45) Add NTLMv2 client code (that works) and some SMB signing fixes
> 46) Add caching of PRINTER_INFO_2 structures to open printer handles
> 47) Add 1/3 second delay in OpenPrinter() reply to trigger a LAN/WAN
>     optimization in Windows 2000 clients
> 48) Add "WinXP" to the possible values of the %a variable
> 49) Fix to allow blocking lock notification to be done rapidly (no wait
>     for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb
>     (does not interfere with existing locks)
> 50) Limit the unix domain sockets used by winbindd (also solves FD_SETSIZE
>     problem in winbindd to boot !). Adds a "last_access" field to
winbindd
>     connections, and will close the oldest idle connection once the number
>     of open connections goes over WINBINDD_MAX_SIMULTANEOUS_CLIENTS
>     (defined in local.h as 200 currently)
> 51) Limit the number of print jobs returned in EnumJobs()
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.0 (GNU/Linux)
> Comment: For info see http://quantumlab.net/pine_privacy_guard/
>
> iD8DBQE+ZhiOIR7qMdg1EfYRAnbrAKDyZKVxiHI1sBdGE9Tesxr1ea7jZwCfQvmp
> flzUT9sbZ123KQ1xt+qnCZY> =VGqn
> -----END PGP SIGNATURE-----
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>