WHATSNEW: document changed wbinfo -m --verbose output

Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
author: Ralph Boehme <slow@samba.org> 2018-03-01 12:10:56 +0100
committer: Karolin Seeger <kseeger@samba.org> 2018-03-01 20:35:11 +0100
commit: 0486f44b76cbcaf3f843cb4d6e0d0003e87d6781 (patch)
tree: bf842b4b16e5b43bf6cb7f47e7e01a90f0990531 /WHATSNEW.txt
parent: c76d2e06fd1e9d71cedcc297a6db0cffb71ee64c (diff)
download: samba-0486f44b76cbcaf3f843cb4d6e0d0003e87d6781.tar.gz
1 files changed, 44 insertions, 0 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index de488050817..0b22a6b0b10 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -27,6 +27,10 @@ smbclient reparse point symlink parameters reversed
 
 See the more detailed description below.
 
+Changed trusted domains listing with wbinfo -m --verbose
+--------------------------------------------------------
+
+See the more detailed description below.
 
 NEW FEATURES/CHANGES
 ====================
@@ -195,6 +199,46 @@ However there are currently still a few limitations:
   not supported. It's possible to create such a trust,
   but the KDC and winbindd ignore them.
 
+Changed trusted domains listing with wbinfo -m --verbose
+--------------------------------------------------------
+
+The trust properties printed by wbinfo -m --verbose have been changed to
+correctly reflect the view of the system where wbinfo is executed.
+
+The trust type field in particular can show additional values that correctly
+reflect the type of the trust: "Local" for the local SAM and BUILTIN,
+"Workstation" for a workstation trust to the primary domain, "RWDC" for the SAM
+on a AD DC, "RODC" for the SAM on a read-only DC, "PDC" for the SAM on a
+NT4-style DC, "Forest" for a AD forest trust and "External" for quarantined,
+external or NT4-style trusts.
+
+Indirect trusts are shown as "Routed" including the routing domain.
+
+Example, on a AD DC (SDOM1):
+
+Domain Name DNS Domain          Trust Type  Transitive  In   Out
+BUILTIN                         Local
+SDOM1       sdom1.site          RWDC
+WDOM3       wdom3.site          Forest      Yes         No   Yes
+WDOM2       wdom2.site          Forest      Yes         Yes  Yes
+SUBDOM31    subdom31.wdom3.site Routed (via WDOM3)
+SUBDOM21    subdom21.wdom2.site Routed (via WDOM2)
+
+Same setup, on a member of WDOM2:
+
+Domain Name DNS Domain          Trust Type  Transitive  In   Out
+BUILTIN                         Local
+TITAN                           Local
+WDOM2       wdom2.site          Workstation Yes         No   Yes
+WDOM1       wdom1.site          Routed (via WDOM2)
+WDOM3       wdom3.site          Routed (via WDOM2)
+SUBDOM21    subdom21.wdom2.site Routed (via WDOM2)
+SDOM1       sdom1.site          Routed (via WDOM2)
+SUBDOM11    subdom11.wdom1.site Routed (via WDOM2)
+
+The list of trusts may be incomplete and additional domains may appear as
+"Routed" if a user of an unknown domain is successfully authenticated.
+
 VirusFilter VFS module
 ----------------------
author	Ralph Boehme <slow@samba.org>	2018-03-01 12:10:56 +0100
committer	Karolin Seeger <kseeger@samba.org>	2018-03-01 20:35:11 +0100
commit	0486f44b76cbcaf3f843cb4d6e0d0003e87d6781 (patch)
tree	bf842b4b16e5b43bf6cb7f47e7e01a90f0990531 /WHATSNEW.txt
parent	c76d2e06fd1e9d71cedcc297a6db0cffb71ee64c (diff)
download	samba-0486f44b76cbcaf3f843cb4d6e0d0003e87d6781.tar.gz