diff options
author | Andrew Bartlett <abartlet@samba.org> | 2016-12-23 13:55:30 +1300 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-12-24 17:16:06 +0100 |
commit | 5aa00d92ad31a241376263029318182165ee6707 (patch) | |
tree | 0a711545d2dcb1d320a5f34535f1d0ff3b2bd27d /WHATSNEW.txt | |
parent | 77b51ba2f25e074bb57fb865d4fcf55243518568 (diff) | |
download | samba-5aa00d92ad31a241376263029318182165ee6707.tar.gz |
WHATSNEW: Add text for AD DC changes
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'WHATSNEW.txt')
-rw-r--r-- | WHATSNEW.txt | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f542a5bac25..b51279688fb 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -81,6 +81,48 @@ A new option, "unix only", enables this feature only for the UNIX owner of the file, not affecting the SID owner in the Windows NT ACL of the file. This can be used to emulate something very similar to folder quotas. +Multi-process Netlogon support +------------------------------ + +The Netlogon server in the Samba AD DC can now run as multiple +processes. The Netlogon server is a part of the AD DC that handles +NTLM authentication on behalf of domain members, including file +servers, NTLM-authenticated web servers and 802.1x gateways. The +previous restriction to running as a single process has been removed, +and it will now run in the same process model as the rest of the +'samba' binary. + +As part of this change, the NETLOGON service will now run on a distinct +TCP port, rather than being shared with all other RPC services (LSA, +SAMR, DRSUAPI etc). + +new options for controlling TCP ports used for RPC services +----------------------------------------------------------- + +The new 'rpc server port' option controls the default port used for +RPC services other than Netlogon. The Netlogon server honours instead +the 'rpc server port:netlogon' option. The default value for both +these options is the first available port including or after 1024. + +Improve AD performance and replication improvements +--------------------------------------------------- + +Samba's LDB and replication code continues to improve, particularly in +respect to the handling of large numbers of linked attributes. We now +respect an 'uptodateness vector' which will dramatically reduce the +over-replication of links from new DCs. We have also made the parsing +of on-disk linked attributes much more efficient. + +DNS improvements +--------------------------- + +The samba-tool dns subcommand is now much more robust and can delete +records in a number of situations where it was not possible to do so +in the past. + +On the server side, DNS names are now more strictly validated. + + CTDB changes ------------ @@ -145,6 +187,8 @@ smb.conf changes kerberos encryption types New all inherit owner New option fruit:resource Spelling correction + lsa over netlogon New (deprecated) no + rpc server port New 0 KNOWN ISSUES |