summaryrefslogtreecommitdiff
path: root/WHATSNEW.txt
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2016-12-23 13:55:30 +1300
committerStefan Metzmacher <metze@samba.org>2016-12-24 17:16:06 +0100
commit5aa00d92ad31a241376263029318182165ee6707 (patch)
tree0a711545d2dcb1d320a5f34535f1d0ff3b2bd27d /WHATSNEW.txt
parent77b51ba2f25e074bb57fb865d4fcf55243518568 (diff)
downloadsamba-5aa00d92ad31a241376263029318182165ee6707.tar.gz
WHATSNEW: Add text for AD DC changes
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'WHATSNEW.txt')
-rw-r--r--WHATSNEW.txt44
1 files changed, 44 insertions, 0 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index f542a5bac25..b51279688fb 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -81,6 +81,48 @@ A new option, "unix only", enables this feature only for the UNIX owner
of the file, not affecting the SID owner in the Windows NT ACL of the
file. This can be used to emulate something very similar to folder quotas.
+Multi-process Netlogon support
+------------------------------
+
+The Netlogon server in the Samba AD DC can now run as multiple
+processes. The Netlogon server is a part of the AD DC that handles
+NTLM authentication on behalf of domain members, including file
+servers, NTLM-authenticated web servers and 802.1x gateways. The
+previous restriction to running as a single process has been removed,
+and it will now run in the same process model as the rest of the
+'samba' binary.
+
+As part of this change, the NETLOGON service will now run on a distinct
+TCP port, rather than being shared with all other RPC services (LSA,
+SAMR, DRSUAPI etc).
+
+new options for controlling TCP ports used for RPC services
+-----------------------------------------------------------
+
+The new 'rpc server port' option controls the default port used for
+RPC services other than Netlogon. The Netlogon server honours instead
+the 'rpc server port:netlogon' option. The default value for both
+these options is the first available port including or after 1024.
+
+Improve AD performance and replication improvements
+---------------------------------------------------
+
+Samba's LDB and replication code continues to improve, particularly in
+respect to the handling of large numbers of linked attributes. We now
+respect an 'uptodateness vector' which will dramatically reduce the
+over-replication of links from new DCs. We have also made the parsing
+of on-disk linked attributes much more efficient.
+
+DNS improvements
+---------------------------
+
+The samba-tool dns subcommand is now much more robust and can delete
+records in a number of situations where it was not possible to do so
+in the past.
+
+On the server side, DNS names are now more strictly validated.
+
+
CTDB changes
------------
@@ -145,6 +187,8 @@ smb.conf changes
kerberos encryption types New all
inherit owner New option
fruit:resource Spelling correction
+ lsa over netlogon New (deprecated) no
+ rpc server port New 0
KNOWN ISSUES