summaryrefslogtreecommitdiff
path: root/WHATSNEW.txt
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2017-03-27 13:17:35 +1300
committerAndrew Bartlett <abartlet@samba.org>2017-03-29 06:35:12 +0200
commit12cd7ab60a1d2cf891c061652fbcad6f8fed56d1 (patch)
treed9b0889656fb74355219b4a2c2bd5b345810b9fb /WHATSNEW.txt
parent49f3a92cb3e23c2233c1a35b7adfc89e667b0420 (diff)
downloadsamba-12cd7ab60a1d2cf891c061652fbcad6f8fed56d1.tar.gz
WHATSNEW: Add entry for auth audit
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Mar 29 06:35:12 CEST 2017 on sn-devel-144
Diffstat (limited to 'WHATSNEW.txt')
-rw-r--r--WHATSNEW.txt20
1 files changed, 19 insertions, 1 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index cda61ef720b..4216c4f2759 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -22,13 +22,31 @@ obey client requests to synchronize unwritten data in operating
system buffers safely onto disk. This is a safer default setting
for modern SMB1/2/3 clients.
+Authentication and Authorization audit support
+----------------------------------------------
+
+Detailed authentication and authorization audit information is now
+logged to Samba's debug logs under the "auth_audit" debug class,
+including in particular the client IP address triggering the audit
+line. Additionally, if Samba is compiled against the jansson JSON
+library, a JSON representation is logged under the "auth_json_audit"
+debug class.
+
+Audit support is comprehensive for all authentication and
+authorisation of user accounts in the Samba Active Directory Domain
+Controller, as well as the implicit authentication in password
+changes. In the file server and classic/NT4 domain controller, NTLM
+authentication, SMB and RPC authorization is covered, however password
+changes are not at this stage, and this support is not currently
+backed by a testsuite.
+
smb.conf changes
================
Parameter Name Description Default
-------------- ----------- -------
strict sync Default changed yes
-
+ auth event notification New parameter no
KNOWN ISSUES
============