Changeset 204 for branches/samba-3.2.x/docs/htmldocs/Samba3-HOWTO/ChangeNotes.html

Timestamp:

May 20, 2009, 6:46:53 PM (16 years ago)

Author:

Herwig Bauernfeind

Message:

Update 3.2 branch to 3.2.4

File:

• branches/samba-3.2.x/docs/htmldocs/Samba3-HOWTO/ChangeNotes.html (modified) (10 diffs)

branches/samba-3.2.x/docs/htmldocs/Samba3-HOWTO/ChangeNotes.html

@@ -1 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 9. Important and Critical Change Notes for the Samba 3.x Series</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.1"><link rel="start" href="index.html" title="The Official Samba 3.2.x HOWTO and Reference Guide"><link rel="up" href="optional.html" title="Part III. Advanced Configuration"><link rel="prev" href="optional.html" title="Part III. Advanced Configuration"><link rel="next" href="NetworkBrowsing.html" title="Chapter 10. Network Browsing"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 9. Important and Critical Change Notes for the Samba 3.x Series</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="optional.html">Prev</a> </td><th width="60%" align="center">Part III. Advanced Configuration</th><td width="20%" align="right"> <a accesskey="n" href="NetworkBrowsing.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="ChangeNotes"></a>Chapter 9. Important and Critical Change Notes for the Samba 3.x Series</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>&gt;</code></p></div></div></div></div><div><div class="author"><h3 class="author"><span class="firstname">Gerald</span> <span class="othername">(Jerry)</span> <span class="surname">Carter</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jerry@samba.org">jerry@samba.org</a>&gt;</code></p></div></div></div></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="ChangeNotes.html#id2571646">Important Samba-3.2.x Change Notes</a></span></dt><dt><span class="sect1"><a href="ChangeNotes.html#id2571658">Important Samba-3.0.x Change Notes</a></span></dt><dd><dl><dt><span class="sect2"><a href="ChangeNotes.html#id2571717">User and Group Changes</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572028">Essential Group Mappings</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572149">Passdb Changes</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572209">Group Mapping Changes in Samba-3.0.23</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572329">LDAP Changes in Samba-3.0.23</a></span></dt></dl></dd></dl></div><p>
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 9. Important and Critical Change Notes for the Samba 3.x Series</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.1"><link rel="start" href="index.html" title="The Official Samba 3.2.x HOWTO and Reference Guide"><link rel="up" href="optional.html" title="Part III. Advanced Configuration"><link rel="prev" href="optional.html" title="Part III. Advanced Configuration"><link rel="next" href="NetworkBrowsing.html" title="Chapter 10. Network Browsing"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 9. Important and Critical Change Notes for the Samba 3.x Series</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="optional.html">Prev</a> </td><th width="60%" align="center">Part III. Advanced Configuration</th><td width="20%" align="right"> <a accesskey="n" href="NetworkBrowsing.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="ChangeNotes"></a>Chapter 9. Important and Critical Change Notes for the Samba 3.x Series</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>&gt;</code></p></div></div></div></div><div><div class="author"><h3 class="author"><span class="firstname">Gerald</span> <span class="othername">(Jerry)</span> <span class="surname">Carter</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jerry@samba.org">jerry@samba.org</a>&gt;</code></p></div></div></div></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="ChangeNotes.html#id2571660">Important Samba-3.2.x Change Notes</a></span></dt><dt><span class="sect1"><a href="ChangeNotes.html#id2571671">Important Samba-3.0.x Change Notes</a></span></dt><dd><dl><dt><span class="sect2"><a href="ChangeNotes.html#id2571731">User and Group Changes</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572042">Essential Group Mappings</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572162">Passdb Changes</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572222">Group Mapping Changes in Samba-3.0.23</a></span></dt><dt><span class="sect2"><a href="ChangeNotes.html#id2572343">LDAP Changes in Samba-3.0.23</a></span></dt></dl></dd></dl></div><p>
 Please read this chapter carefully before update or upgrading Samba.  You should expect to find only critical
 or very important information here. Comprehensive change notes and guidance information can be found in the
 section <a class="link" href="upgrading-to-3.0.html" title="Chapter 35. Updating and Upgrading Samba">Updating and Upgrading Samba</a>.
-</p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2571646"></a>Important Samba-3.2.x Change Notes</h2></div></div></div><p>
+</p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2571660"></a>Important Samba-3.2.x Change Notes</h2></div></div></div><p>
 !!!!!!!!!!!!Add all critical update notes here!!!!!!!!!!!!!
-</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2571658"></a>Important Samba-3.0.x Change Notes</h2></div></div></div><p>
+</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2571671"></a>Important Samba-3.0.x Change Notes</h2></div></div></div><p>
 These following notes pertain in particular to Samba 3.0.23 through Samba 3.0.25c (or more recent 3.0.25
 update).  Samba is a fluid and ever changing project. Changes throughout the 3.0.x series release are
@@ -22 +22 @@
 This chapter is new to the release of the HOWTO for Samba 3.0.23. It includes much of the notes provided
 in the <code class="filename">WHATSNEW.txt</code> file that is included with the Samba source code release tarball.
-</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2571717"></a>User and Group Changes</h3></div></div></div><p>
+</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2571731"></a>User and Group Changes</h3></div></div></div><p>
 The change documented here affects unmapped user and group accounts only.
 </p><p>
-<a class="indexterm" name="id2571730"></a>
-<a class="indexterm" name="id2571737"></a>
 <a class="indexterm" name="id2571743"></a>
-<a class="indexterm" name="id2571753"></a>
-<a class="indexterm" name="id2571762"></a>
+<a class="indexterm" name="id2571750"></a>
+<a class="indexterm" name="id2571757"></a>
+<a class="indexterm" name="id2571766"></a>
+<a class="indexterm" name="id2571775"></a>
 The user and group internal management routines have been rewritten to prevent overlaps of
 assigned Relative Identifiers (RIDs).  In the past the has been a potential problem when
@@ -36 +36 @@
 <code class="literal">net rpc vampire</code>.
 </p><p>
-<a class="indexterm" name="id2571793"></a>
-<a class="indexterm" name="id2571799"></a>
 <a class="indexterm" name="id2571806"></a>
-<a class="indexterm" name="id2571812"></a>
+<a class="indexterm" name="id2571813"></a>
+<a class="indexterm" name="id2571820"></a>
+<a class="indexterm" name="id2571826"></a>
 Unmapped users are now assigned a SID in the <code class="literal">S-1-22-1</code> domain and unmapped
 groups are assigned a SID in the <code class="literal">S-1-22-2</code> domain.  Previously they were
@@ -46 +46 @@
 been under the authority of the local SAM (see the man page for <code class="literal">net getlocalsid</code>).
 </p><p>
-<a class="indexterm" name="id2571849"></a>
-<a class="indexterm" name="id2571856"></a>
 <a class="indexterm" name="id2571863"></a>
-<a class="indexterm" name="id2571869"></a>
+<a class="indexterm" name="id2571870"></a>
 <a class="indexterm" name="id2571876"></a>
+<a class="indexterm" name="id2571883"></a>
+<a class="indexterm" name="id2571890"></a>
 The result is that any unmapped users or groups on an upgraded Samba domain controller may
 be assigned a new SID.  Because the SID rather than a name is stored in Windows security
@@ -60 +60 @@
 An example helps to illustrate the change:
 </p><p>
-<a class="indexterm" name="id2571899"></a>
-<a class="indexterm" name="id2571906"></a>
 <a class="indexterm" name="id2571912"></a>
 <a class="indexterm" name="id2571919"></a>
+<a class="indexterm" name="id2571926"></a>
+<a class="indexterm" name="id2571932"></a>
 Assume that a group named <span class="emphasis"><em>developers</em></span> exists with a UNIX GID of 782. In this
 case this user does not exist in Samba's group mapping table. It would be perfectly normal for
@@ -69 +69 @@
 <code class="literal">S-1-5-21-647511796-4126122067-3123570092-2565</code>.
 </p><p>
-<a class="indexterm" name="id2571943"></a>
-<a class="indexterm" name="id2571949"></a>
 <a class="indexterm" name="id2571956"></a>
 <a class="indexterm" name="id2571963"></a>
+<a class="indexterm" name="id2571970"></a>
+<a class="indexterm" name="id2571976"></a>
 With the release of Samba-3.0.23, the group SID would be reported as <code class="literal">S-1-22-2-782</code>.  Any
 security descriptors associated with files stored on a Windows NTFS disk partition will not allow access based
@@ -80 +80 @@
 even though both SIDs in some respect refer to the same UNIX group.
 </p><p>
-<a class="indexterm" name="id2571999"></a>
-<a class="indexterm" name="id2572006"></a>
+<a class="indexterm" name="id2572013"></a>
+<a class="indexterm" name="id2572020"></a>
 The workaround for versions of Samba prior to 3.0.23, is to create a manual domain group mapping
 entry for the group <span class="emphasis"><em>developers</em></span> to point at the
 <code class="literal">S-1-5-21-647511796-4126122067-3123570092-2565</code> SID. With the release of Samba-3.0.23 this
 workaround is no longer needed.
-</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572028"></a>Essential Group Mappings</h3></div></div></div><p>
+</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572042"></a>Essential Group Mappings</h3></div></div></div><p>
 Samba 3.0.x series  releases before 3.0.23 automatically created group mappings for the essential Windows
 domain groups <code class="literal">Domain Admins, Domain Users, Domain Guests</code>. Commencing with Samba 3.0.23
@@ -103 +103 @@
 For further information regarding group mappings see <a class="link" href="groupmapping.html" title="Chapter 12. Group Mapping: MS Windows and UNIX">Group Mapping: MS Windows
 and UNIX</a>.
-</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572149"></a>Passdb Changes</h3></div></div></div><p>
-<a class="indexterm" name="id2572156"></a>
-<a class="indexterm" name="id2572163"></a>
+</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572162"></a>Passdb Changes</h3></div></div></div><p>
 <a class="indexterm" name="id2572170"></a>
 <a class="indexterm" name="id2572177"></a>
+<a class="indexterm" name="id2572183"></a>
+<a class="indexterm" name="id2572190"></a>
 The <a class="link" href="smb.conf.5.html#PASSDBBACKEND">passdb backend</a> parameter no long accepts multiple passdb backends in a
 chained configuration.  Also be aware that the SQL and XML based passdb modules have been
 removed in the Samba-3.0.23 release.  More information regarding external support for a SQL
 passdb module can be found on the  <a class="ulink" href="http://pdbsql.sourceforge.net/" target="_top">pdbsql</a> web site.
-</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572209"></a>Group Mapping Changes in Samba-3.0.23</h3></div></div></div><p>
-<a class="indexterm" name="id2572216"></a>
-<a class="indexterm" name="id2572223"></a>
+</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572222"></a>Group Mapping Changes in Samba-3.0.23</h3></div></div></div><p>
 <a class="indexterm" name="id2572230"></a>
 <a class="indexterm" name="id2572237"></a>
@@ -121 +119 @@
 <a class="indexterm" name="id2572257"></a>
 <a class="indexterm" name="id2572264"></a>
-<a class="indexterm" name="id2572270"></a>
-<a class="indexterm" name="id2572277"></a>
+<a class="indexterm" name="id2572271"></a>
+<a class="indexterm" name="id2572278"></a>
 <a class="indexterm" name="id2572284"></a>
+<a class="indexterm" name="id2572291"></a>
+<a class="indexterm" name="id2572298"></a>
 The default mapping entries for groups such as <code class="literal">Domain Admins</code> are no longer
 created when using an <code class="literal">smbpasswd</code> file or a <code class="literal">tdbsam</code> passdb
@@ -130 +130 @@
 Windows group SID to UNIX GID mappings.  This change has no effect on winbindd's IDMAP functionality
 for domain groups.
-</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572329"></a>LDAP Changes in Samba-3.0.23</h3></div></div></div><p>
-<a class="indexterm" name="id2572337"></a>
-<a class="indexterm" name="id2572344"></a>
+</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2572343"></a>LDAP Changes in Samba-3.0.23</h3></div></div></div><p>
 <a class="indexterm" name="id2572351"></a>
 <a class="indexterm" name="id2572358"></a>
 <a class="indexterm" name="id2572364"></a>
+<a class="indexterm" name="id2572371"></a>
+<a class="indexterm" name="id2572378"></a>
 There has been a minor update the Samba LDAP schema file. A substring matching rule has been
 added to the <code class="literal">sambaSID</code> attribute definition.  For OpenLDAP servers, this