From 40a6a28170881e567d130c10bec700441423d1e8 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 30 Sep 2008 17:11:39 +0200 Subject: Move Samba4-specific files into source4/ --- BUGS4.txt | 24 --- NEWS4 | 508 ----------------------------------------------------------- TODO4 | 278 -------------------------------- source4/BUGS | 24 +++ source4/NEWS | 508 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ source4/TODO | 278 ++++++++++++++++++++++++++++++++ 6 files changed, 810 insertions(+), 810 deletions(-) delete mode 100644 BUGS4.txt delete mode 100644 NEWS4 delete mode 100644 TODO4 create mode 100644 source4/BUGS create mode 100644 source4/NEWS create mode 100644 source4/TODO diff --git a/BUGS4.txt b/BUGS4.txt deleted file mode 100644 index 1a9790ddd9..0000000000 --- a/BUGS4.txt +++ /dev/null @@ -1,24 +0,0 @@ -Samba4 alpha4 is not a final Samba release. That is more a reference -to Samba4's lack of the features we expect you will need than a -statement of code quality, but clearly it hasn't seen a broad -deployment yet. If you were to upgrade Samba3 (or indeed Windows) to -Samba4, you would find many things work, but that other key features -you may have relied on simply are not there yet. - -For example, while Samba 3.0 is an excellent member of a Active -Directory domain, Samba4 is happier as a domain controller, and it is -in this role where it has seen deployment into production. - -Samba4 is subjected to an awesome battery of tests on an -automated basis, we have found Samba4 to be very stable in it's -behaviour. We have to recommend against upgrading production servers -from Samba 3 to Samba 4 at this stage, because there may be the features on -which you may rely that are not present, or the mapping of -your configuration and user database may not be complete. - -If you are upgrading, or looking to develop, test or deploy Samba4, you should -backup all configuration and data. - -We welcome your testing, please file bug reports at -https://bugzilla.samba.org/, product: Samba4. Please include as much -information as possible, such as GIT revision number and backtraces. diff --git a/NEWS4 b/NEWS4 deleted file mode 100644 index 8a63719a0e..0000000000 --- a/NEWS4 +++ /dev/null @@ -1,508 +0,0 @@ -This file aims to document the major changes since the latest released version -of Samba, 3.0. Samba 4.0 contains rewrites of several subsystems -and uses a different internal format for most data. Since this -file is an initial draft, please update missing items. - -One of the main goals of Samba 4 was Active Directory Domain Controller -support. This means Samba now implements several protocols that are required -by AD such as Kerberos and DNS. - -An (experimental) upgrade script that performs a one-way upgrade -from Samba 3 is available in source/setup/upgrade. - -Removal of nmbd and introduction of process models -================================================== -smbd now implements several network protocols other than just CIFS and -DCE/RPC. nmbd's functionality has been merged into smbd. smbd supports -various 'process models' that specify how concurrent connections are -handled (when to fork, use threads, etc). - -Introduction of LDB -=================== -Samba now stores most of its persistent data in a LDAP-like database -called LDB (see ldb(7) for more info). - -Removed SWAT -================== -Unlike previous versions, Samba4 does not provide a web interface at this time. - -Built-in KDC -============ -Samba4 ships with an integrated KDC (Kerberos Key Distribution -Center). Backed directly onto our main internal database, and -integrated with custom code to handle the PAC, Samba4's KDC is an -integral part of our support for AD logon protocols. - -Built-in LDAP Server -==================== -Like the situation with the KDC, Samba4 ships with it's own LDAP -server, included to provide simple, built-in LDAP services in an AD -(rather than distinctly standards) matching manner. The database is -LDB, and it shares that in common with the rest of Samba. - -Changed configuration options -============================= -Several configuration options have been removed in Samba4 while others have -been introduced. This section contains a summary of changes to smb.conf and -where these settings moved. Configuration options that have disappeared may be -re-added later when the functionality that uses them gets reimplemented in -Samba 4. - -The 'security' parameter has been split up. It is now only used to choose -between the 'user' and 'share' security levels (the latter is not supported -in Samba 4 yet). The other values of this option and the 'domain master' and -'domain logons' parameters have been merged into a 'server role' parameter -that can be either 'domain controller', 'member server' or 'standalone'. Note that -member server support does not work yet. - -The following parameters have been removed: -- passdb backend: accounts are now stored in a LDB-based SAM database, - see 'sam database' below. -- update encrypted -- public -- guest ok -- client schannel -- server schannel -- allow trusted domains -- hosts equiv -- map to guest -- smb passwd file -- algorithmic rid base -- root directory -- root dir -- root -- guest account -- enable privileges -- pam password change -- passwd program -- passwd chat debug -- passwd chat timeout -- check password script -- username map -- username level -- unix password sync -- restrict anonymous -- username -- user -- users -- invalid users -- valid users -- admin users -- read list -- write list -- printer admin -- force user -- force group -- group -- write ok -- writeable -- writable -- acl check permissions -- acl group control -- acl map full control -- create mask -- create mode -- force create mode -- security mask -- force security mode -- directory mask -- directory mode -- force directory mode -- directory security mask -- force directory security mode -- force unknown acl user -- inherit permissions -- inherit acls -- inherit owner -- guest only -- only guest -- only user -- allow hosts -- deny hosts -- preload modules -- use kerberos keytab -- syslog -- syslog only -- max log size -- debug timestamp -- timestamp logs -- debug hires timestamp -- debug pid -- debug uid -- allocation roundup size -- aio read size -- aio write size -- aio write behind -- large readwrite -- protocol -- read bmpx -- reset on zero vc -- acl compatibility -- defer sharing violations -- ea support -- nt acl support -- nt pipe support -- profile acls -- map acl inherit -- afs share -- max ttl -- client use spnego -- enable asu support -- svcctl list -- block size -- change notify timeout -- deadtime -- getwd cache -- keepalive -- kernel change notify -- lpq cache time -- max smbd processes -- max disk size -- max open files -- min print space -- strict allocate -- sync always -- use mmap -- use sendfile -- hostname lookups -- write cache size -- name cache timeout -- max reported print jobs -- load printers -- printcap cache time -- printcap name -- printcap -- printing -- cups options -- cups server -- iprint server -- print command -- disable spoolss -- enable spoolss -- lpq command -- lprm command -- lppause command -- lpresume command -- queuepause command -- queueresume command -- enumports command -- addprinter command -- deleteprinter command -- show add printer wizard -- os2 driver map -- use client driver -- default devmode -- force printername -- mangling method -- mangle prefix -- default case -- case sensitive -- casesignames -- preserve case -- short preserve case -- mangling char -- hide dot files -- hide special files -- hide unreadable -- hide unwriteable files -- delete veto files -- veto files -- hide files -- veto oplock files -- map readonly -- mangled names -- mangled map -- max stat cache size -- stat cache -- store dos attributes -- machine password timeout -- add user script -- rename user script -- delete user script -- add group script -- delete group script -- add user to group script -- delete user from group script -- set primary group script -- add machine script -- shutdown script -- abort shutdown script -- username map script -- logon script -- logon path -- logon drive -- logon home -- domain logons -- os level -- lm announce -- lm interval -- domain master -- browse list -- enhanced browsing -- wins proxy -- wins hook -- wins partners -- blocking locks -- fake oplocks -- kernel oplocks -- locking -- lock spin count -- lock spin time -- level2 oplocks -- oplock break wait time -- oplock contention limit -- posix locking -- share modes -- ldap server -- ldap port -- ldap admin dn -- ldap delete dn -- ldap group suffix -- ldap idmap suffix -- ldap machine suffix -- ldap passwd sync -- ldap password sync -- ldap replication sleep -- ldap suffix -- ldap ssl -- ldap timeout -- ldap page size -- ldap user suffix -- add share command -- change share command -- delete share command -- eventlog list -- utmp directory -- wtmp directory -- utmp -- default service -- default -- message command -- dfree cache time -- dfree command -- get quota command -- set quota command -- remote announce -- remote browse sync -- homedir map -- afs username map -- afs token lifetime -- log nt token command -- time offset -- NIS homedir -- preexec -- exec -- preexec close -- postexec -- root preexec -- root preexec close -- root postexec -- set directory -- wide links -- follow symlinks -- dont descend -- magic script -- magic output -- delete readonly -- dos filemode -- dos filetimes -- dos filetime resolution -- fake directory create times -- panic action -- vfs objects -- vfs object -- msdfs root -- msdfs proxy -- host msdfs -- enable rid algorithm -- passdb expand explicit -- idmap backend -- idmap uid -- winbind uid -- idmap gid -- winbind gid -- template homedir -- template shell -- winbind separator -- winbind cache time -- winbind enum users -- winbind enum groups -- winbind use default domain -- winbind trusted domains only -- winbind nested groups -- winbind max idle children -- winbind nss info - -The following parameters have been added: -+ rpc big endian (G) - Make Samba fake it is running on a bigendian machine when using DCE/RPC. - Useful for debugging. - - Default: no - -+ case insensitive filesystem (S) - Set to true if this share is located on a case-insensitive filesystem. - This disables looking for a filename by trying all possible combinations of - uppercase/lowercase characters and thus speeds up operations when a - file cannot be found. - - Default: no - -+ js include (G) - Path to JavaScript library. - - Default: Set at compile-time - -+ setup directory - Path to data used by provisioning script. - - Default: Set at compile-time - -+ ncalrpc dir - Directory to use for UNIX sockets used by the 'ncalrpc' DCE/RPC transport. - - Default: Set at compile-time - -+ ntvfs handler - Backend to the NT VFS to use (more than one can be specified). Available - backends include: - - - posix: - Maps POSIX FS semantics to NT semantics - - - simple: - Very simple backend (original testing backend). - - - unixuid: - Sets up user credentials based on POSIX gid/uid. - - - cifs: - Proxies a remote CIFS FS. Mainly useful for testing. - - - nbench: - Filter module that saves data useful to the nbench benchmark suite. - - - ipc: - Allows using SMB for inter process communication. Only used for - the IPC$ share. - - - print: - Allows printing over SMB. This is LANMAN-style printing (?), not - the be confused with the spoolss DCE/RPC interface used by later - versions of Windows. - - Default: unixuid default - -+ ntptr providor - FIXME - -+ dcerpc endpoint servers - What DCE/RPC servers to start. - - Default: epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup - -+ server services - Services Samba should provide. - - Default: smb rpc nbt wrepl ldap cldap web kdc - -+ sam database - Location of the SAM (account database) database. This should be a - LDB URL. - - Default: set at compile-time - -+ spoolss database - Spoolss (printer) DCE/RPC server database. This should be a LDB URL. - - Default: set at compile-time - -+ wins config database - WINS configuration database location. This should be a LDB URL. - - Default: set at compile-time - -+ wins database - WINS database location. This should be a LDB URL. - - Default: set at compile-time - -+ client use spnego principal - Tells the client to use the Kerberos service principal specified by the - server during the security protocol negotation rather than - looking up the principal itself (cifs/hostname). - - Default: false - -+ nbt port - TCP/IP Port used by the NetBIOS over TCP/IP (NBT) implementation. - - Default: 137 - -+ dgram port - UDP/IP port used by the NetBIOS over TCP/IP (NBT) implementation. - - Default: 138 - -+ cldap port - UDP/IP port used by the CLDAP protocol. - - Default: 389 - -+ krb5 port - IP port used by the kerberos KDC. - - Default: 88 - -+ kpasswd port - IP port used by the kerberos password change protocol. - - Default: 464 - -+ web port - TCP/IP port SWAT should listen on. - - Default: 901 - -+ tls enabled - Enable TLS support for SWAT - - Default: true - -+ tls keyfile - Path to TLS key file (PEM format) to be used by SWAT. If no - path is specified, Samba will create a key. - - Default: none - -+ tls certfile - Path to TLS certificate file (PEM format) to be used by SWAT. If no - path is specified, Samba will create a certificate. - - Default: none - -+ tls cafile - Path to CA authority file Samba will use to sign TLS keys it generates. If - no path is specified, Samba will create a self-signed CA certificate. - - Default: none - -+ tls crlfile - Path to TLS certificate revocation lists file. - - Default: none - -+ swat directory - SWAT data directory. - - Default: set at compile-time - -+ large readwrite - Indicate the CIFS server is able to do large reads/writes. - - Default: true - -+ unicode - Enable/disable unicode support in the protocol. - - Default: true diff --git a/TODO4 b/TODO4 deleted file mode 100644 index 14df8a507a..0000000000 --- a/TODO4 +++ /dev/null @@ -1,278 +0,0 @@ -source/build/smb_build/TODO -source/lib/registry/TODO -source/lib/tdr/TODO -source/pidl/TODO - -- seperate adminlog mechanism (as opposed to the current DEBUG log, - which is not really aimed at administrators but more at developers) - Perhaps similar to eventlog so we can also use eventlog to retrieve the data? - -- testsuite for the 'net' tool - -- and a lot of other stuff - -Configuration options -===================== - -The following options don't exist in Samba4 yet -or are not converted by the upgrade script -or will be removed: - -- update encrypted -- public -- guest ok -- client schannel -- server schannel -- allow trusted domains -- hosts equiv -- map to guest -- algorithmic rid base -- root directory -- root dir -- root -- guest account -- enable privileges -- pam password change -- passwd program -- passwd chat debug -- passwd chat timeout -- check password script -- username map -- username level -- unix password sync -- restrict anonymous -- username -- user -- users -- invalid users -- valid users -- admin users -- read list -- write list -- printer admin -- force user -- force group -- group -- write ok -- writeable -- writable -- acl check permissions -- acl group control -- acl map full control -- create mask -- create mode -- force create mode -- security mask -- force security mode -- directory mask -- directory mode -- force directory mode -- directory security mask -- force directory security mode -- force unknown acl user -- inherit permissions -- inherit acls -- inherit owner -- guest only -- only guest -- only user -- allow hosts -- deny hosts -- preload modules -- use kerberos keytab -- syslog -- syslog only -- max log size -- debug timestamp -- timestamp logs -- debug hires timestamp -- debug pid -- debug uid -- allocation roundup size -- aio read size -- aio write size -- aio write behind -- large readwrite -- protocol -- read bmpx -- reset on zero vc -- acl compatibility -- defer sharing violations -- ea support -- nt acl support -- nt pipe support -- profile acls -- map acl inherit -- afs share -- max ttl -- client use spnego -- enable asu support -- svcctl list -- block size -- change notify timeout -- deadtime -- getwd cache -- keepalive -- kernel change notify -- lpq cache time -- max smbd processes -- max disk size -- max open files -- min print space -- strict allocate -- sync always -- use mmap -- use sendfile -- hostname lookups -- write cache size -- name cache timeout -- max reported print jobs -- load printers -- printcap cache time -- printcap name -- printcap -- printing -- cups options -- cups server -- iprint server -- print command -- disable spoolss -- enable spoolss -- lpq command -- lprm command -- lppause command -- lpresume command -- queuepause command -- queueresume command -- enumports command -- addprinter command -- deleteprinter command -- show add printer wizard -- os2 driver map -- use client driver -- default devmode -- force printername -- mangling method -- mangle prefix -- default case -- case sensitive -- casesignames -- preserve case -- short preserve case -- mangling char -- hide dot files -- hide special files -- hide unreadable -- hide unwriteable files -- delete veto files -- veto files -- hide files -- veto oplock files -- map readonly -- mangled names -- mangled map -- max stat cache size -- stat cache -- store dos attributes -- machine password timeout -- add user script -- rename user script -- delete user script -- add group script -- delete group script -- add user to group script -- delete user from group script -- set primary group script -- add machine script -- shutdown script -- abort shutdown script -- username map script -- logon script -- logon path -- logon drive -- logon home -- domain logons -- os level -- lm announce -- lm interval -- domain master -- browse list -- enhanced browsing -- wins proxy -- blocking locks -- fake oplocks -- kernel oplocks -- locking -- lock spin count -- lock spin time -- oplocks -- level2 oplocks -- oplock break wait time -- oplock contention limit -- posix locking -- share modes -- add share command -- change share command -- delete share command -- eventlog list -- utmp directory -- wtmp directory -- utmp -- default service -- default -- message command -- dfree cache time -- dfree command -- get quota command -- set quota command -- remote announce -- remote browse sync -- homedir map -- afs username map -- afs token lifetime -- log nt token command -- time offset -- NIS homedir -- preexec -- exec -- preexec close -- postexec -- root preexec -- root preexec close -- root postexec -- set directory -- wide links -- follow symlinks -- dont descend -- magic script -- magic output -- delete readonly -- dos filemode -- dos filetimes -- dos filetime resolution -- fake directory create times -- panic action -- vfs objects -- vfs object -- msdfs root -- msdfs proxy -- host msdfs -- enable rid algorithm -- passdb expand explicit -- idmap backend -- idmap uid -- winbind uid -- idmap gid -- winbind gid -- template homedir -- template shell -- winbind separator -- winbind cache time -- winbind enum users -- winbind enum groups -- winbind use default domain -- winbind trusted domains only -- winbind nested groups -- winbind max idle children -- winbind nss info - diff --git a/source4/BUGS b/source4/BUGS new file mode 100644 index 0000000000..1a9790ddd9 --- /dev/null +++ b/source4/BUGS @@ -0,0 +1,24 @@ +Samba4 alpha4 is not a final Samba release. That is more a reference +to Samba4's lack of the features we expect you will need than a +statement of code quality, but clearly it hasn't seen a broad +deployment yet. If you were to upgrade Samba3 (or indeed Windows) to +Samba4, you would find many things work, but that other key features +you may have relied on simply are not there yet. + +For example, while Samba 3.0 is an excellent member of a Active +Directory domain, Samba4 is happier as a domain controller, and it is +in this role where it has seen deployment into production. + +Samba4 is subjected to an awesome battery of tests on an +automated basis, we have found Samba4 to be very stable in it's +behaviour. We have to recommend against upgrading production servers +from Samba 3 to Samba 4 at this stage, because there may be the features on +which you may rely that are not present, or the mapping of +your configuration and user database may not be complete. + +If you are upgrading, or looking to develop, test or deploy Samba4, you should +backup all configuration and data. + +We welcome your testing, please file bug reports at +https://bugzilla.samba.org/, product: Samba4. Please include as much +information as possible, such as GIT revision number and backtraces. diff --git a/source4/NEWS b/source4/NEWS new file mode 100644 index 0000000000..8a63719a0e --- /dev/null +++ b/source4/NEWS @@ -0,0 +1,508 @@ +This file aims to document the major changes since the latest released version +of Samba, 3.0. Samba 4.0 contains rewrites of several subsystems +and uses a different internal format for most data. Since this +file is an initial draft, please update missing items. + +One of the main goals of Samba 4 was Active Directory Domain Controller +support. This means Samba now implements several protocols that are required +by AD such as Kerberos and DNS. + +An (experimental) upgrade script that performs a one-way upgrade +from Samba 3 is available in source/setup/upgrade. + +Removal of nmbd and introduction of process models +================================================== +smbd now implements several network protocols other than just CIFS and +DCE/RPC. nmbd's functionality has been merged into smbd. smbd supports +various 'process models' that specify how concurrent connections are +handled (when to fork, use threads, etc). + +Introduction of LDB +=================== +Samba now stores most of its persistent data in a LDAP-like database +called LDB (see ldb(7) for more info). + +Removed SWAT +================== +Unlike previous versions, Samba4 does not provide a web interface at this time. + +Built-in KDC +============ +Samba4 ships with an integrated KDC (Kerberos Key Distribution +Center). Backed directly onto our main internal database, and +integrated with custom code to handle the PAC, Samba4's KDC is an +integral part of our support for AD logon protocols. + +Built-in LDAP Server +==================== +Like the situation with the KDC, Samba4 ships with it's own LDAP +server, included to provide simple, built-in LDAP services in an AD +(rather than distinctly standards) matching manner. The database is +LDB, and it shares that in common with the rest of Samba. + +Changed configuration options +============================= +Several configuration options have been removed in Samba4 while others have +been introduced. This section contains a summary of changes to smb.conf and +where these settings moved. Configuration options that have disappeared may be +re-added later when the functionality that uses them gets reimplemented in +Samba 4. + +The 'security' parameter has been split up. It is now only used to choose +between the 'user' and 'share' security levels (the latter is not supported +in Samba 4 yet). The other values of this option and the 'domain master' and +'domain logons' parameters have been merged into a 'server role' parameter +that can be either 'domain controller', 'member server' or 'standalone'. Note that +member server support does not work yet. + +The following parameters have been removed: +- passdb backend: accounts are now stored in a LDB-based SAM database, + see 'sam database' below. +- update encrypted +- public +- guest ok +- client schannel +- server schannel +- allow trusted domains +- hosts equiv +- map to guest +- smb passwd file +- algorithmic rid base +- root directory +- root dir +- root +- guest account +- enable privileges +- pam password change +- passwd program +- passwd chat debug +- passwd chat timeout +- check password script +- username map +- username level +- unix password sync +- restrict anonymous +- username +- user +- users +- invalid users +- valid users +- admin users +- read list +- write list +- printer admin +- force user +- force group +- group +- write ok +- writeable +- writable +- acl check permissions +- acl group control +- acl map full control +- create mask +- create mode +- force create mode +- security mask +- force security mode +- directory mask +- directory mode +- force directory mode +- directory security mask +- force directory security mode +- force unknown acl user +- inherit permissions +- inherit acls +- inherit owner +- guest only +- only guest +- only user +- allow hosts +- deny hosts +- preload modules +- use kerberos keytab +- syslog +- syslog only +- max log size +- debug timestamp +- timestamp logs +- debug hires timestamp +- debug pid +- debug uid +- allocation roundup size +- aio read size +- aio write size +- aio write behind +- large readwrite +- protocol +- read bmpx +- reset on zero vc +- acl compatibility +- defer sharing violations +- ea support +- nt acl support +- nt pipe support +- profile acls +- map acl inherit +- afs share +- max ttl +- client use spnego +- enable asu support +- svcctl list +- block size +- change notify timeout +- deadtime +- getwd cache +- keepalive +- kernel change notify +- lpq cache time +- max smbd processes +- max disk size +- max open files +- min print space +- strict allocate +- sync always +- use mmap +- use sendfile +- hostname lookups +- write cache size +- name cache timeout +- max reported print jobs +- load printers +- printcap cache time +- printcap name +- printcap +- printing +- cups options +- cups server +- iprint server +- print command +- disable spoolss +- enable spoolss +- lpq command +- lprm command +- lppause command +- lpresume command +- queuepause command +- queueresume command +- enumports command +- addprinter command +- deleteprinter command +- show add printer wizard +- os2 driver map +- use client driver +- default devmode +- force printername +- mangling method +- mangle prefix +- default case +- case sensitive +- casesignames +- preserve case +- short preserve case +- mangling char +- hide dot files +- hide special files +- hide unreadable +- hide unwriteable files +- delete veto files +- veto files +- hide files +- veto oplock files +- map readonly +- mangled names +- mangled map +- max stat cache size +- stat cache +- store dos attributes +- machine password timeout +- add user script +- rename user script +- delete user script +- add group script +- delete group script +- add user to group script +- delete user from group script +- set primary group script +- add machine script +- shutdown script +- abort shutdown script +- username map script +- logon script +- logon path +- logon drive +- logon home +- domain logons +- os level +- lm announce +- lm interval +- domain master +- browse list +- enhanced browsing +- wins proxy +- wins hook +- wins partners +- blocking locks +- fake oplocks +- kernel oplocks +- locking +- lock spin count +- lock spin time +- level2 oplocks +- oplock break wait time +- oplock contention limit +- posix locking +- share modes +- ldap server +- ldap port +- ldap admin dn +- ldap delete dn +- ldap group suffix +- ldap idmap suffix +- ldap machine suffix +- ldap passwd sync +- ldap password sync +- ldap replication sleep +- ldap suffix +- ldap ssl +- ldap timeout +- ldap page size +- ldap user suffix +- add share command +- change share command +- delete share command +- eventlog list +- utmp directory +- wtmp directory +- utmp +- default service +- default +- message command +- dfree cache time +- dfree command +- get quota command +- set quota command +- remote announce +- remote browse sync +- homedir map +- afs username map +- afs token lifetime +- log nt token command +- time offset +- NIS homedir +- preexec +- exec +- preexec close +- postexec +- root preexec +- root preexec close +- root postexec +- set directory +- wide links +- follow symlinks +- dont descend +- magic script +- magic output +- delete readonly +- dos filemode +- dos filetimes +- dos filetime resolution +- fake directory create times +- panic action +- vfs objects +- vfs object +- msdfs root +- msdfs proxy +- host msdfs +- enable rid algorithm +- passdb expand explicit +- idmap backend +- idmap uid +- winbind uid +- idmap gid +- winbind gid +- template homedir +- template shell +- winbind separator +- winbind cache time +- winbind enum users +- winbind enum groups +- winbind use default domain +- winbind trusted domains only +- winbind nested groups +- winbind max idle children +- winbind nss info + +The following parameters have been added: ++ rpc big endian (G) + Make Samba fake it is running on a bigendian machine when using DCE/RPC. + Useful for debugging. + + Default: no + ++ case insensitive filesystem (S) + Set to true if this share is located on a case-insensitive filesystem. + This disables looking for a filename by trying all possible combinations of + uppercase/lowercase characters and thus speeds up operations when a + file cannot be found. + + Default: no + ++ js include (G) + Path to JavaScript library. + + Default: Set at compile-time + ++ setup directory + Path to data used by provisioning script. + + Default: Set at compile-time + ++ ncalrpc dir + Directory to use for UNIX sockets used by the 'ncalrpc' DCE/RPC transport. + + Default: Set at compile-time + ++ ntvfs handler + Backend to the NT VFS to use (more than one can be specified). Available + backends include: + + - posix: + Maps POSIX FS semantics to NT semantics + + - simple: + Very simple backend (original testing backend). + + - unixuid: + Sets up user credentials based on POSIX gid/uid. + + - cifs: + Proxies a remote CIFS FS. Mainly useful for testing. + + - nbench: + Filter module that saves data useful to the nbench benchmark suite. + + - ipc: + Allows using SMB for inter process communication. Only used for + the IPC$ share. + + - print: + Allows printing over SMB. This is LANMAN-style printing (?), not + the be confused with the spoolss DCE/RPC interface used by later + versions of Windows. + + Default: unixuid default + ++ ntptr providor + FIXME + ++ dcerpc endpoint servers + What DCE/RPC servers to start. + + Default: epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup + ++ server services + Services Samba should provide. + + Default: smb rpc nbt wrepl ldap cldap web kdc + ++ sam database + Location of the SAM (account database) database. This should be a + LDB URL. + + Default: set at compile-time + ++ spoolss database + Spoolss (printer) DCE/RPC server database. This should be a LDB URL. + + Default: set at compile-time + ++ wins config database + WINS configuration database location. This should be a LDB URL. + + Default: set at compile-time + ++ wins database + WINS database location. This should be a LDB URL. + + Default: set at compile-time + ++ client use spnego principal + Tells the client to use the Kerberos service principal specified by the + server during the security protocol negotation rather than + looking up the principal itself (cifs/hostname). + + Default: false + ++ nbt port + TCP/IP Port used by the NetBIOS over TCP/IP (NBT) implementation. + + Default: 137 + ++ dgram port + UDP/IP port used by the NetBIOS over TCP/IP (NBT) implementation. + + Default: 138 + ++ cldap port + UDP/IP port used by the CLDAP protocol. + + Default: 389 + ++ krb5 port + IP port used by the kerberos KDC. + + Default: 88 + ++ kpasswd port + IP port used by the kerberos password change protocol. + + Default: 464 + ++ web port + TCP/IP port SWAT should listen on. + + Default: 901 + ++ tls enabled + Enable TLS support for SWAT + + Default: true + ++ tls keyfile + Path to TLS key file (PEM format) to be used by SWAT. If no + path is specified, Samba will create a key. + + Default: none + ++ tls certfile + Path to TLS certificate file (PEM format) to be used by SWAT. If no + path is specified, Samba will create a certificate. + + Default: none + ++ tls cafile + Path to CA authority file Samba will use to sign TLS keys it generates. If + no path is specified, Samba will create a self-signed CA certificate. + + Default: none + ++ tls crlfile + Path to TLS certificate revocation lists file. + + Default: none + ++ swat directory + SWAT data directory. + + Default: set at compile-time + ++ large readwrite + Indicate the CIFS server is able to do large reads/writes. + + Default: true + ++ unicode + Enable/disable unicode support in the protocol. + + Default: true diff --git a/source4/TODO b/source4/TODO new file mode 100644 index 0000000000..5efebed1b3 --- /dev/null +++ b/source4/TODO @@ -0,0 +1,278 @@ +build/smb_build/TODO +lib/registry/TODO +lib/tdr/TODO +pidl/TODO + +- seperate adminlog mechanism (as opposed to the current DEBUG log, + which is not really aimed at administrators but more at developers) + Perhaps similar to eventlog so we can also use eventlog to retrieve the data? + +- testsuite for the 'net' tool + +- and a lot of other stuff + +Configuration options +===================== + +The following options don't exist in Samba4 yet +or are not converted by the upgrade script +or will be removed: + +- update encrypted +- public +- guest ok +- client schannel +- server schannel +- allow trusted domains +- hosts equiv +- map to guest +- algorithmic rid base +- root directory +- root dir +- root +- guest account +- enable privileges +- pam password change +- passwd program +- passwd chat debug +- passwd chat timeout +- check password script +- username map +- username level +- unix password sync +- restrict anonymous +- username +- user +- users +- invalid users +- valid users +- admin users +- read list +- write list +- printer admin +- force user +- force group +- group +- write ok +- writeable +- writable +- acl check permissions +- acl group control +- acl map full control +- create mask +- create mode +- force create mode +- security mask +- force security mode +- directory mask +- directory mode +- force directory mode +- directory security mask +- force directory security mode +- force unknown acl user +- inherit permissions +- inherit acls +- inherit owner +- guest only +- only guest +- only user +- allow hosts +- deny hosts +- preload modules +- use kerberos keytab +- syslog +- syslog only +- max log size +- debug timestamp +- timestamp logs +- debug hires timestamp +- debug pid +- debug uid +- allocation roundup size +- aio read size +- aio write size +- aio write behind +- large readwrite +- protocol +- read bmpx +- reset on zero vc +- acl compatibility +- defer sharing violations +- ea support +- nt acl support +- nt pipe support +- profile acls +- map acl inherit +- afs share +- max ttl +- client use spnego +- enable asu support +- svcctl list +- block size +- change notify timeout +- deadtime +- getwd cache +- keepalive +- kernel change notify +- lpq cache time +- max smbd processes +- max disk size +- max open files +- min print space +- strict allocate +- sync always +- use mmap +- use sendfile +- hostname lookups +- write cache size +- name cache timeout +- max reported print jobs +- load printers +- printcap cache time +- printcap name +- printcap +- printing +- cups options +- cups server +- iprint server +- print command +- disable spoolss +- enable spoolss +- lpq command +- lprm command +- lppause command +- lpresume command +- queuepause command +- queueresume command +- enumports command +- addprinter command +- deleteprinter command +- show add printer wizard +- os2 driver map +- use client driver +- default devmode +- force printername +- mangling method +- mangle prefix +- default case +- case sensitive +- casesignames +- preserve case +- short preserve case +- mangling char +- hide dot files +- hide special files +- hide unreadable +- hide unwriteable files +- delete veto files +- veto files +- hide files +- veto oplock files +- map readonly +- mangled names +- mangled map +- max stat cache size +- stat cache +- store dos attributes +- machine password timeout +- add user script +- rename user script +- delete user script +- add group script +- delete group script +- add user to group script +- delete user from group script +- set primary group script +- add machine script +- shutdown script +- abort shutdown script +- username map script +- logon script +- logon path +- logon drive +- logon home +- domain logons +- os level +- lm announce +- lm interval +- domain master +- browse list +- enhanced browsing +- wins proxy +- blocking locks +- fake oplocks +- kernel oplocks +- locking +- lock spin count +- lock spin time +- oplocks +- level2 oplocks +- oplock break wait time +- oplock contention limit +- posix locking +- share modes +- add share command +- change share command +- delete share command +- eventlog list +- utmp directory +- wtmp directory +- utmp +- default service +- default +- message command +- dfree cache time +- dfree command +- get quota command +- set quota command +- remote announce +- remote browse sync +- homedir map +- afs username map +- afs token lifetime +- log nt token command +- time offset +- NIS homedir +- preexec +- exec +- preexec close +- postexec +- root preexec +- root preexec close +- root postexec +- set directory +- wide links +- follow symlinks +- dont descend +- magic script +- magic output +- delete readonly +- dos filemode +- dos filetimes +- dos filetime resolution +- fake directory create times +- panic action +- vfs objects +- vfs object +- msdfs root +- msdfs proxy +- host msdfs +- enable rid algorithm +- passdb expand explicit +- idmap backend +- idmap uid +- winbind uid +- idmap gid +- winbind gid +- template homedir +- template shell +- winbind separator +- winbind cache time +- winbind enum users +- winbind enum groups +- winbind use default domain +- winbind trusted domains only +- winbind nested groups +- winbind max idle children +- winbind nss info + -- cgit