-######################################################################
-Changes since 3.0beta1
-######################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details
-
-1) Rework our smb signing code again, this factors out some of
- the common MAC calcuation code, and now supports multiple
- outstanding packets (bug #40)
-2) Enforce 'client plaintext auth', 'client lanman auth' and 'client
- ntlmv2 auth'
-3) Correct timestamp problem on 64-bit machines (bug #140)
-4) Add extra debugging statements to winbindd for tracking down
- failures
-5) Fix bug when aliased 'winbind uid/gid' parameters are used
- 'winbind uid/gid' are now replaced with 'idmap uid/gid'
-6) Added an auth flag that indicates if we should be allowed
- to fallback to NTLMSSP for SASL if krb5 fails
-7) Fixed the bug that forced us not to use the winbindd cache when
- we have a primary ADS domain and a secondary (trusted) NT4 domain.
-8) Use lp_realm() to find the default realm for 'net ads password'
-9) Removed editreg from standard build until it is portable.
-10) Fix domain membership for servers not running winbindd
-11) Correct race condition in determining the high water mark
- in the idmap backend (bug #181)
-12) Set the user's primary unix group from usrmgr.exe (partial
- fix for bug #45)
-13) Show comments when doing 'net group -l' (bug #3)
-14) Add trivial extension to 'net' to dump current local idmap
- and restore mappings as well
-15) Modify 'net rpc vampire' to add new and existing users to
- both the idmap and the SAM. This code needs further testing.
-16) Fix crash bug in ADS searches
-17) Build libnss_wins.so as part of nsswitch target (bug #160)
-18) Make net rpc vampire return an error if the sam sync RPC
- returns an error
-19) Fail to join an NT 4 domain as a BDC if a workstation account
- using our name exists
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to
- prevent confusion with the -a option (bug #158)
-22) Added new 'map acl inheritence' parameter
-23) Removed unused 'privileges' code from group mapping database
-24) Don't segfault on empty passdb backend list (bug #136)
-25) Fixed acl sorting algorithm forWwindows 2000 clients
-26) Replace universal group cache with netsamlogon_cache
- from APPLIANCE_HEAD branch
-27) Fix autoconf detection issues surrounding --with-ads=yes
- but no Krb5 header files installed (bug #152)
-28) Add LDAP lookup for domain sequence number in case we are
- joined using NT4 protocols to a native mode AD domain
-29) Fix backend method selection for trusted NT 4 (or 2k
- mixed mode) domains
-30) Fixed bug that caused us to enumerate domain local groups
- from native mode AD domains other than our own
-31) Correct group enumeration for viewing in the Windows
- security tab (bug #110)
-32) Consolidate the DC location code
-33) Moved 'ads server' functionality into 'password server' for
- backwards compatibility
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation
- ( if you installed beta1, be sure to
- 'mv idmap.tdb winbindd_idmap.tdb' )
-35) Fix pdb_ldap segfaults, and wrong default values for
- ldapsam_compat
-36) Enable negative connection cache for winbindd's ADS backend
- functions
-37) Enable address caching for active directory DC's so we don't
- have to hit DNS so much
-38) Fix bug in idmap code that caused mapping to randomly be
- redefined
-39) Add tdb locking code to prevent race condition when adding a
- new mapping to idmap
-40) Fix 'map to guest = bad user' when acting as a PDC supporting
- trust relationships
-41) Prevent deadlock issues when running winbindd on a Samba PDC
- to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122)
-43) Add the 'guest' passdb backend automatically to the end of
- the 'passdb backend' list if 'guest account' has a valid
- username.
-44) Remove samstrict_dc auth method. Rework 'samstrict' to only
- handle our local names (or domain name if we are a PDC).
- Move existing permissive 'sam' method to 'sam_ignoredomain'
- and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
- and unknown domain (default to our domain if we are a DC or
- domain member; default to our local name if we are a
- standalone server)
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the
- 'DOMAIN\user' lookup fails. This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted
- domains when operating as a domain member and not using
- winbindd
-48) Remove 'nisplussam' passdb backend since it has suffered for
- too long without a maintainer
-