Samba 4.24.0rc2 has been released for testing purposes and includes features such as audit logging for Active Directory attributes, remote password resets that respect local policies, and Kerberos hardening options to prevent attacks. The release also introduces new VFS modules for rate-limiting async I/O and per-share encryption on CephFS, although these features are not necessary unless specific performance or security issues arise. Users can download the release from the official Samba mirror and are advised to verify the GPG signature of the tarball before installation. While the new features are valuable for testing in a non-production environment, caution is recommended to avoid compatibility issues, particularly with older UNIX clients
Samba 4.24.0rc2 released
Samba 4.24 rc2 is now available for download from the official Samba mirror and should only be used in test environments, not production. The release adds audit logging for several AD attributes, supports remote password resets that respect local policies (Entra ID/Keycloak), and introduces Kerberos hardening options such as mandatory canonicalization to block “dollar‑ticket” attacks. New VFS modules provide optional rate‑limiting for async I/O and per‑share encryption on CephFS, but both are unnecessary unless you already have performance or security problems that require them.
