Samba 4.0 released - The First Free Software Active Directory Compatible Server.
Release Announcements
---------------------
This is is the first stable release of Samba 4.0.
This release contains the best of all of Samba's technology parts, both a file server (that you can reasonably
expect to upgrade existing Samba 3.x releases to) and the AD domain controller work previously known as
'Samba4'.
Major enhancements in Samba 4.0.0 include:
Active Directory services
=========================
Samba 4.0 supports the server-side of the Active Directory logon environment used by Windows 2000 and later,
so we can do full domain join and domain logon operations with these clients.
Our Domain Controller (DC) implementation includes our own built-in LDAP server and Kerberos Key Distribution
Center (KDC) as well as the Samba3-like logon services provided over CIFS. We correctly generate the
infamous Kerberos PAC, and include it with the Kerberos tickets we issue.
When running an AD DC, you only need to run 'samba' (not smbd/nmbd/winbindd), as the required services
are co-coordinated by this master binary.
The tool to administer the Active Directory services is called 'samba-tool'.
A short guide to setting up Samba 4 as an AD DC can be found on the wiki:
http://wiki.samba.org/index.php/Samba4/HOWTO
File Services
=============
Samba 4.0.0 ships with two distinct file servers. We now use the file server from the Samba 3.x series 'smbd'
for all file serving by default.
Samba 4.0 also ships with the 'NTVFS' file server. This file server is what was used prior to the beta2 release
of Samba 4.0, and is tuned to match the requirements of an AD domain controller. We continue to support this,
not only to provide continuity to installations that have deployed it as part of an AD DC, but also as a running
example of the NT-FSA architecture we expect to move smbd to in the longer term.
For pure file server work, the binaries users would expect from that series (smbd, nmbd, winbindd, smbpasswd)
continue to be available.
DNS
===
As DNS is an integral part of Active Directory, we also provide two DNS solutions, a simple internal DNS server
for 'out of the box' configurations and a more elaborate BIND plugin using the BIND DLZ mechanism in versions
9.8 and 9.9. During the provision, you can select which backend to use.
With the internal backend, your DNS server is good to go.If you chose the BIND_DLZ backend, a configuration file
will be generated for bind to make it use this plugin, as well as a file explaining how to set up bind.
NTP
===
To provide accurate timestamps to Windows clients, we integrate with the NTP project to provide secured NTP
replies. To use you need to start ntpd and configure it with the 'restrict ... ms-sntp' and ntpsigndsocket options.
Python Scripting Interface
==========================
A new scripting interface has been added to Samba 4, allowing Python programs to interface to Samba's
internals, and many tools and internal workings of the DC code is now implemented in python.
================
Download Details
================
The uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code
can be downloaded from:
http://download.samba.org/samba/ftp/stable/
The release notes are available online at:
http://www.samba.org/samba/history/samba-4.0.0.html
Binary packages will be made available on a volunteer basis from
http://download.samba.org/samba/ftp/Binary_Packages/