From b6d7ae1b1bdfb87af8b3a7a8d71d600d362279f7 Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Sun, 8 Aug 2004 21:05:11 +0000
Subject: [PATCH] merging new web site

git-svn-id: file:///home/svn/samba-web/trunk@220 44aeb9d7-1cd8-0310-b257-a505e0beeac2
---
 GUI/header_gui.html                    |  134 ++
 GUI/index.html                         |   46 +-
 Linux_CIFS_client.html                 |   34 +-
 archive-policy.html                    |   10 +-
 archives.html                          |    5 +-
 books.html                             |    4 +-
 bugreports.html                        |    4 +-
 colophon.html                          |   86 +
 contacts.html                          |   32 +-
 cvs.html                               |    5 +-
 devel/TODO.html                        |    4 +-
 devel/header_devel.html                |  133 ++
 devel/index.html                       |   37 +-
 devel/roadmap-3.html                   |    4 +-
 devel/roadmap-4.0.html                 |    4 +-
 docs/FAQ/index.html                    |   13 +-
 docs/GPL.html                          |    2 +
 docs/header_docs.html                  |  134 ++
 docs/index.html                        |    8 +-
 donations.html                         |    4 +-
 download/ftp_mirrors.html              |   12 +
 download/header_download.html          |  136 ++
 download.html => download/index.html   |   18 +-
 favicon.ico                            |  Bin 2238 -> 0 bytes
 footer.html                            |   29 +-
 header.html                            |   64 +-
 header2.html                           |  177 +++
 history/footer_history.html            |    5 +
 history/header_history.html            |  142 ++
 history/rnotes_template                |   12 +
 history/security.html                  |   51 +
 images/bugzilla/bug.png                |  Bin 0 -> 1593 bytes
 images/bugzilla/bug_logo.gif           |  Bin 0 -> 2423 bytes
 images/bugzilla/bug_logo.png           |  Bin 0 -> 22095 bytes
 images/bugzilla/bug_logo_small.gif     |  Bin 0 -> 1233 bytes
 images/bugzilla/bug_logo_small.png     |  Bin 0 -> 8746 bytes
 images/bugzilla/hunt.png               |  Bin 0 -> 1676 bytes
 images/bugzilla/linkpad.gif            |  Bin 0 -> 325 bytes
 images/bugzilla/linkpad_small.gif      |  Bin 0 -> 182 bytes
 images/bugzilla/manage.png             |  Bin 0 -> 1920 bytes
 images/contact.png                     |  Bin 0 -> 1769 bytes
 images/favicon.ico                     |  Bin 0 -> 1406 bytes
 images/get.png                         |  Bin 0 -> 1675 bytes
 images/hack.png                        |  Bin 0 -> 1610 bytes
 images/help.png                        |  Bin 0 -> 2299 bytes
 images/learn.png                       |  Bin 0 -> 1594 bytes
 images/linkpad.gif                     |  Bin 0 -> 270 bytes
 images/logo.gif                        |  Bin 0 -> 4476 bytes
 images/logo.png                        |  Bin 0 -> 9329 bytes
 images/logo_main.gif                   |  Bin 0 -> 5740 bytes
 images/release.png                     |  Bin 0 -> 1786 bytes
 images/talk.png                        |  Bin 0 -> 1534 bytes
 images/think.png                       |  Bin 0 -> 1804 bytes
 index.html                             |   88 +-
 irc.html                               |   18 +-
 local_header.html                      |    1 +
 mirroring.html                         |    4 +-
 ml-etiquette.html                      |   24 +-
 ms_license.html                        |    4 +-
 ntsystems.html                         |    4 +-
 samba.html                             |  194 +--
 search.html                            |    4 +-
 sitemap.html                           |    4 +-
 style/bugzilla.css                     |  132 ++
 style/common.css                       |  182 +++
 style/history.css                      |   42 +
 style/main.css                         |   88 ++
 style/support.css                      |   43 +
 style/wide.css                         |   25 +
 subversion.html                        |    9 +-
 team/header_team.html                  |  134 ++
 team.html => team/index.html           |   17 +-
 team2002.html => team/team2002.html    |    8 +-
 team98.html => team/team98.html        |    8 +-
 tshirt.html => team/tshirt.html        |    4 +-
 thanks.html                            |    4 +-
 tng.html                               |    4 +-
 top_level_template                     |   10 +
 what_is_samba.html                     |   31 +
 whatsnew/award_photo_i3.jpg            |  Bin 8748 -> 0 bytes
 whatsnew/domain_name.html              |   21 -
 whatsnew/index.html                    |  844 ----------
 whatsnew/macroexploit.html             |   83 -
 whatsnew/samba-1.9.18-security.html    |  173 --
 whatsnew/samba-2.0.0.html              |  355 -----
 whatsnew/samba-2.0.0beta1.html         |  193 ---
 whatsnew/samba-2.0.0beta2.html         |  217 ---
 whatsnew/samba-2.0.0beta3.html         |  255 ---
 whatsnew/samba-2.0.0beta4.html         |  293 ----
 whatsnew/samba-2.0.0beta5.html         |  331 ----
 whatsnew/samba-2.0.1.html              |  239 ---
 whatsnew/samba-2.0.2.html              |  256 ---
 whatsnew/samba-2.0.3.html              |  342 ----
 whatsnew/samba-2.0.4.html              |  435 ------
 whatsnew/samba-2.0.5.html              |  519 ------
 whatsnew/samba-2.0.5a.html             |  529 -------
 whatsnew/samba-2.0.6.html              |  646 --------
 whatsnew/samba-2.0.7.html              |  866 ----------
 whatsnew/samba-2.2.0.html              |  146 --
 whatsnew/samba-2.2.1.html              |  333 ----
 whatsnew/samba-2.2.10.html             |  436 ------
 whatsnew/samba-2.2.2.html              |  550 -------
 whatsnew/samba-2.2.3.html              |  666 --------
 whatsnew/samba-2.2.3a.html             |  696 ---------
 whatsnew/samba-2.2.4.html              |  824 ----------
 whatsnew/samba-2.2.5.html              |  943 -----------
 whatsnew/samba-2.2.6.html              | 1103 -------------
 whatsnew/samba-2.2.7.html              | 1212 --------------
 whatsnew/samba-2.2.7a.html             | 1227 ---------------
 whatsnew/samba-2.2.8.html              |  341 ----
 whatsnew/samba-2.2.8a.html             |  386 -----
 whatsnew/samba-2.2.9.html              |  395 -----
 whatsnew/samba-3.0.0-pressrelease.html |  115 --
 whatsnew/samba-3.0.0.html              | 1110 -------------
 whatsnew/samba-3.0.0beta1.html         |  510 ------
 whatsnew/samba-3.0.0beta2.html         |  653 --------
 whatsnew/samba-3.0.0beta3.html         |  839 ----------
 whatsnew/samba-3.0.0rc1.html           |  936 -----------
 whatsnew/samba-3.0.0rc2.html           |  995 ------------
 whatsnew/samba-3.0.0rc3.html           | 1068 -------------
 whatsnew/samba-3.0.0rc4.html           | 1086 -------------
 whatsnew/samba-3.0.1.html              | 1040 ------------
 whatsnew/samba-3.0.2.html              | 1307 ----------------
 whatsnew/samba-3.0.2a.html             | 1337 ----------------
 whatsnew/samba-3.0.3.html              | 1900 ----------------------
 whatsnew/samba-3.0.4.html              | 1916 -----------------------
 whatsnew/samba-3.0.5.html              | 1998 ------------------------
 whatsnew/samba1.9.17.html              |  174 ---
 whatsnew/samba1.9.17alpha1.html        |  100 --
 whatsnew/samba1.9.17alpha3.html        |  153 --
 whatsnew/samba1.9.17alpha4.html        |  172 --
 whatsnew/samba1.9.17alpha5.html        |  140 --
 whatsnew/samba1.9.17p1.html            |  205 ---
 whatsnew/samba1.9.17p2.html            |   65 -
 whatsnew/samba1.9.17p3.html            |  224 ---
 whatsnew/samba1.9.17p4.html            |   95 --
 whatsnew/samba1.9.17p5.html            |   95 --
 whatsnew/samba1.9.18-glossy.html       |  218 ---
 whatsnew/samba1.9.18.html              |  235 ---
 whatsnew/samba1.9.18alpha1.html        |   76 -
 whatsnew/samba1.9.18alpha11.html       |   18 -
 whatsnew/samba1.9.18alpha12.html       |   18 -
 whatsnew/samba1.9.18alpha13.html       |  235 ---
 whatsnew/samba1.9.18alpha14.html       |  248 ---
 whatsnew/samba1.9.18alpha3.html        |  196 ---
 whatsnew/samba1.9.18p1.html            |  267 ----
 whatsnew/samba1.9.18p10.html           |  215 ---
 whatsnew/samba1.9.18p2.html            |  303 ----
 whatsnew/samba1.9.18p3.html            |  393 -----
 whatsnew/samba1.9.18p4.html            |  540 -------
 whatsnew/samba1.9.18p5.html            |  629 --------
 whatsnew/samba1.9.18p6.html            |   94 --
 whatsnew/samba1.9.18p7.html            |   85 -
 whatsnew/samba1.9.18p8.html            |  103 --
 whatsnew/samba2.0.press.html           |  138 --
 whatsnew/samba2.2.press.html           |  106 --
 whatsnew/sgi-sponsor.html              |   39 -
 whatsnew/sunbench.html                 |   14 -
 158 files changed, 1977 insertions(+), 38716 deletions(-)
 create mode 100755 GUI/header_gui.html
 create mode 100755 colophon.html
 create mode 100755 devel/header_devel.html
 create mode 100755 docs/header_docs.html
 create mode 100755 download/ftp_mirrors.html
 create mode 100755 download/header_download.html
 rename download.html => download/index.html (91%)
 delete mode 100755 favicon.ico
 create mode 100755 header2.html
 create mode 100755 history/footer_history.html
 create mode 100755 history/header_history.html
 create mode 100644 history/rnotes_template
 create mode 100755 history/security.html
 create mode 100755 images/bugzilla/bug.png
 create mode 100644 images/bugzilla/bug_logo.gif
 create mode 100755 images/bugzilla/bug_logo.png
 create mode 100644 images/bugzilla/bug_logo_small.gif
 create mode 100644 images/bugzilla/bug_logo_small.png
 create mode 100644 images/bugzilla/hunt.png
 create mode 100755 images/bugzilla/linkpad.gif
 create mode 100644 images/bugzilla/linkpad_small.gif
 create mode 100644 images/bugzilla/manage.png
 create mode 100755 images/contact.png
 create mode 100755 images/favicon.ico
 create mode 100755 images/get.png
 create mode 100755 images/hack.png
 create mode 100644 images/help.png
 create mode 100755 images/learn.png
 create mode 100755 images/linkpad.gif
 create mode 100644 images/logo.gif
 create mode 100644 images/logo.png
 create mode 100644 images/logo_main.gif
 create mode 100644 images/release.png
 create mode 100755 images/talk.png
 create mode 100755 images/think.png
 create mode 100644 style/bugzilla.css
 create mode 100644 style/common.css
 create mode 100755 style/history.css
 create mode 100644 style/main.css
 create mode 100755 style/support.css
 create mode 100644 style/wide.css
 create mode 100755 team/header_team.html
 rename team.html => team/index.html (86%)
 rename team2002.html => team/team2002.html (62%)
 rename team98.html => team/team98.html (63%)
 rename tshirt.html => team/tshirt.html (96%)
 create mode 100644 top_level_template
 create mode 100755 what_is_samba.html
 delete mode 100755 whatsnew/award_photo_i3.jpg
 delete mode 100755 whatsnew/domain_name.html
 delete mode 100755 whatsnew/index.html
 delete mode 100755 whatsnew/macroexploit.html
 delete mode 100755 whatsnew/samba-1.9.18-security.html
 delete mode 100755 whatsnew/samba-2.0.0.html
 delete mode 100755 whatsnew/samba-2.0.0beta1.html
 delete mode 100755 whatsnew/samba-2.0.0beta2.html
 delete mode 100755 whatsnew/samba-2.0.0beta3.html
 delete mode 100755 whatsnew/samba-2.0.0beta4.html
 delete mode 100755 whatsnew/samba-2.0.0beta5.html
 delete mode 100755 whatsnew/samba-2.0.1.html
 delete mode 100755 whatsnew/samba-2.0.2.html
 delete mode 100755 whatsnew/samba-2.0.3.html
 delete mode 100755 whatsnew/samba-2.0.4.html
 delete mode 100755 whatsnew/samba-2.0.5.html
 delete mode 100755 whatsnew/samba-2.0.5a.html
 delete mode 100755 whatsnew/samba-2.0.6.html
 delete mode 100755 whatsnew/samba-2.0.7.html
 delete mode 100755 whatsnew/samba-2.2.0.html
 delete mode 100755 whatsnew/samba-2.2.1.html
 delete mode 100755 whatsnew/samba-2.2.10.html
 delete mode 100755 whatsnew/samba-2.2.2.html
 delete mode 100755 whatsnew/samba-2.2.3.html
 delete mode 100755 whatsnew/samba-2.2.3a.html
 delete mode 100755 whatsnew/samba-2.2.4.html
 delete mode 100755 whatsnew/samba-2.2.5.html
 delete mode 100755 whatsnew/samba-2.2.6.html
 delete mode 100755 whatsnew/samba-2.2.7.html
 delete mode 100755 whatsnew/samba-2.2.7a.html
 delete mode 100755 whatsnew/samba-2.2.8.html
 delete mode 100755 whatsnew/samba-2.2.8a.html
 delete mode 100755 whatsnew/samba-2.2.9.html
 delete mode 100644 whatsnew/samba-3.0.0-pressrelease.html
 delete mode 100755 whatsnew/samba-3.0.0.html
 delete mode 100755 whatsnew/samba-3.0.0beta1.html
 delete mode 100755 whatsnew/samba-3.0.0beta2.html
 delete mode 100755 whatsnew/samba-3.0.0beta3.html
 delete mode 100755 whatsnew/samba-3.0.0rc1.html
 delete mode 100755 whatsnew/samba-3.0.0rc2.html
 delete mode 100755 whatsnew/samba-3.0.0rc3.html
 delete mode 100755 whatsnew/samba-3.0.0rc4.html
 delete mode 100755 whatsnew/samba-3.0.1.html
 delete mode 100755 whatsnew/samba-3.0.2.html
 delete mode 100755 whatsnew/samba-3.0.2a.html
 delete mode 100755 whatsnew/samba-3.0.3.html
 delete mode 100755 whatsnew/samba-3.0.4.html
 delete mode 100755 whatsnew/samba-3.0.5.html
 delete mode 100755 whatsnew/samba1.9.17.html
 delete mode 100755 whatsnew/samba1.9.17alpha1.html
 delete mode 100755 whatsnew/samba1.9.17alpha3.html
 delete mode 100755 whatsnew/samba1.9.17alpha4.html
 delete mode 100755 whatsnew/samba1.9.17alpha5.html
 delete mode 100755 whatsnew/samba1.9.17p1.html
 delete mode 100755 whatsnew/samba1.9.17p2.html
 delete mode 100755 whatsnew/samba1.9.17p3.html
 delete mode 100755 whatsnew/samba1.9.17p4.html
 delete mode 100755 whatsnew/samba1.9.17p5.html
 delete mode 100755 whatsnew/samba1.9.18-glossy.html
 delete mode 100755 whatsnew/samba1.9.18.html
 delete mode 100755 whatsnew/samba1.9.18alpha1.html
 delete mode 100755 whatsnew/samba1.9.18alpha11.html
 delete mode 100755 whatsnew/samba1.9.18alpha12.html
 delete mode 100755 whatsnew/samba1.9.18alpha13.html
 delete mode 100755 whatsnew/samba1.9.18alpha14.html
 delete mode 100755 whatsnew/samba1.9.18alpha3.html
 delete mode 100755 whatsnew/samba1.9.18p1.html
 delete mode 100755 whatsnew/samba1.9.18p10.html
 delete mode 100755 whatsnew/samba1.9.18p2.html
 delete mode 100755 whatsnew/samba1.9.18p3.html
 delete mode 100755 whatsnew/samba1.9.18p4.html
 delete mode 100755 whatsnew/samba1.9.18p5.html
 delete mode 100755 whatsnew/samba1.9.18p6.html
 delete mode 100755 whatsnew/samba1.9.18p7.html
 delete mode 100755 whatsnew/samba1.9.18p8.html
 delete mode 100755 whatsnew/samba2.0.press.html
 delete mode 100755 whatsnew/samba2.2.press.html
 delete mode 100755 whatsnew/sgi-sponsor.html
 delete mode 100755 whatsnew/sunbench.html

diff --git a/GUI/header_gui.html b/GUI/header_gui.html
new file mode 100755
index 0000000..c7e5959
--- /dev/null
+++ b/GUI/header_gui.html
@@ -0,0 +1,134 @@
+
+<link rel="stylesheet" href="/samba/style/common.css" type="text/css" media="all" />
+<link rel="stylesheet" href="/samba/style/wide.css" type="text/css" media="all" />
+<link rel="shortcut icon" href="/samba/images/favicon.ico" />
+
+<!--[if gte IE 5.5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/samba/images/log
+o.png',sizingMethod='scale');
+	}
+	/*]]>*/ 
+	</style>
+<![endif]-->
+
+<!--[if lte IE 5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+	background-image:url(/samba/images/logo.gif);
+	background-position:center;
+	background-repeat:no-repeat;
+	top:23.5px;
+	left:-10px;
+	}
+	/*]]>*/
+        </style>
+<![endif]-->
+
+<script type="text/javascript">
+
+   function changeMirror(mirrorChoice) {
+   	mirrorSite = mirrorChoice.options[mirrorChoice.selectedIndex].value 
+   	
+   	if (mirrorSite != "") { 
+   		document.location.href = mirrorSite 
+   		} 
+   }
+
+</script>
+
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta http-equiv="Content-Language" content="en-us" />
+<meta name="keywords" content="Samba SMB CIFS" />
+<meta name="description" content="Home of Samba, the SMB file server" />
+<meta name="robots" content="noindex" />
+
+</head>
+
+
+<body onload="document.mirrorForm.mirrorLocation.selectedIndex=0">
+
+<div id="banner">
+  <div class="stripe"></div>
+  
+  <div class="srch">
+  <h5>search samba.org:</h5>
+  <form method="post" action="http://de.samba.org/cgi-bin/htsearch">
+  <input type="text" size="15" name="words" value="" />
+  <input type="submit" value="Go" />
+  </form>
+  <span>|</span>
+  <form action="no_script_required.cgi" name="mirrorForm">
+    <select name="mirrorLocation" onchange="changeMirror(this.form.mirrorLocation)">
+    <option selected="selected">Choose A Mirror</option>
+    <!--#include virtual="http://www.samba.org/samba/mirror_options.html" --> 
+    </select>
+   </form>
+  </div>
+</div>
+
+<div id="logo">
+  <div class="logo_hack"><a href="/samba/"><img src="/samba/images/linkpad.gif" alt="Samba" /></a></div>
+</div>
+
+<div class="slogan">
+  <h4>Opening Windows to a Wider World</h4>
+</div>
+
+<div class="nav">
+  
+  <img src="/samba/images/think.png" alt="think samba" />
+  <ul>
+  <li><a href="/samba/what_is_samba.html">What Is Samba?</a></li>
+  <li><a href="http://news.samba.org/">Latest News</a></li>
+  </ul>
+    
+  <img src="/samba/images/get.png" alt="get samba" />
+  <ul>  
+  <li><a href="/samba/download/">Download Info</a></li>
+  <li><a href="/samba/ftp/Binary_Packages/">Binaries</a></li>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/install.html">How To Install</a></li>
+  <li><a href="/samba/GUI/">GUI Interfaces</a></li>
+  </ul>
+    
+  <img src="/samba/images/learn.png" alt="learn samba" />
+  <ul>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/">Official HOWTO</a></li>
+  <li><a href="/samba/docs/man/Samba-Guide/">By Example</a></li>
+  <li><a href="/samba/docs/">All The Docs</a></li>
+  </ul>
+    
+  <img src="/samba/images/talk.png" alt="talk samba" />
+  <ul>
+  <li><a href="http://lists.samba.org">List Subscribe</a></li>
+  <li><a href="/samba/archives.html">List Archives</a></li>
+  <li><a href="/samba/irc.html">IRC</a></li>
+  <li><a href="/samba/ml-etiquette.html">Etiquette</a></li>
+  </ul>
+    
+  <img src="/samba/images/hack.png" alt="hack samba" />
+  <ul>
+  <li><a href="/samba/devel/">Devel Overview</a></li>
+  <li><a href="http://websvn.samba.org">SVN Source</a></li>
+  <li><a href="http://cvs.samba.org/cgi-bin/cvsweb/">CVS Source</a></li>
+  <li><a href="http://build.samba.org/">Build Farm</a></li>
+  <li><a href="https://bugzilla.samba.org">Bug Reports</a></li>
+  </ul>
+    
+  <img src="/samba/images/contact.png" alt="contact samba" />
+  <ul>
+  <li><a href="/samba/team/">Samba Team</a></li>
+  <li><a href="/samba/donations.html">Donations</a></li>
+  <li><a href="/samba/team/tshirt.html">T-shirts, etc</a></li>
+  <li><a href="/samba/contacts.html">Contacts For...</a></li>
+  </ul>
+    
+</div>
+
+ 
+<div id="content">
+  <div class="center">
+
diff --git a/GUI/index.html b/GUI/index.html
index 6042e2a..71ca043 100755
--- a/GUI/index.html
+++ b/GUI/index.html
@@ -1,6 +1,8 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba GUI Information</title>
+<!--#include virtual="header_gui.html" -->
 
-<h2 align=center>Samba GUI page</h2>
+<h2>Samba GUI page</h2>
 
 One of the most asked for features for Samba is a graphical user
 interface to help with configuration and management. This is finally
@@ -10,20 +12,20 @@ In fact, there are now several GUI interfaces to Samba available. Some
 of them are listed below and I will add the others as soon as I can
 find the URLs.
 
-<h2>Smb4K - An SMB share browser for KDE</h2>
+<h3>Smb4K - An SMB share browser for KDE</h3>
 
 <p><a href="http://smb4k.berlios.de/">Smb4K</a> is an SMB share
 browser for KDE. Its features are inspired by Komba2 by Frank
 Schwanz. It uses the Samba software suite for an easy access to the
 SMB shares of your local network neighborhood.
 
-<h2>LDAP Account Manager</h2>
+<h3>LDAP Account Manager</h3>
 
 <a href="http://lam.sourceforge.net/">LDAP Account Manager</a> (lam)
 is a webfrontend for managing accounts stored in an openLDAP server,
 including Samba 2.x and 3.0 user and host accounts
 
-<H2>SWAT - Samba Web Administration Tool</H2>
+<h3>SWAT - Samba Web Administration Tool</h3>
 
 <!-- <A HREF="http://www.samba.org/cgi-bin/swat/">SWAT demo page</A> -->
 
@@ -31,21 +33,21 @@ This is a web based GUI manager that comes with Samba. You can have a look
 at the SWAT demo page if you want to know what it can do.  Note: [1/7/01]
 The swat demo page is currently off-line.
 
-<H2>Webmin</H2>
+<h3>Webmin</h3>
 
 Webmin is a general web based unix administration tool with a Samba
 component. Have a look at the <A
 HREF="http://www.webmin.com/webmin/">Webmin pages</A>.
 
-<H2>SMB2WWW Gateway software</H2>
+<h3>SMB2WWW Gateway software</h3>
 
 SMB2WWW is a perl-based gateway to SMB from web browsers. It presents a "network neighborhood" style view of all local SMB servers. You can find more inormation at <A HREF="/samba/smb2www/index.html">http://samba.org/samba/smb2www/</A>. A demo can be found <A HREF="/samba/smb2www/smb2www.html">here</A>.
 
-<H2>SMB2WWW - another one</H2>
+<h3>SMB2WWW - another one</h3>
 
 This SMB2WWW is an extension to smbclient, so you can use it directly as a CGI-binary. You can get more information at <A HREF="http://www.scintilla.utwente.nl/users/frank/smb2www/">http://www.scintilla.utwente.nl/users/frank/smb2www/</A>.
 
-<H2>smbconftool</H2>
+<h3>smbconftool</h3>
 
 This is a Java based tool for smb.conf editing. It is the only one I
 know of that preserves comments in existing config files (which is
@@ -54,25 +56,25 @@ something I've been trying to work out how to do with SWAT).<p>
 You can find out more and download the sources from <A
 HREF="http://www.eatonweb.com/samba/">here</A>.
 
-<h2>smb-mode.el - Emacs mode</h2>
+<h3>smb-mode.el - Emacs mode</h3>
 
 <a href="http://www.joat.ca/software/smbmode.html">smb-mode.el</a>
 is an Emacs mode for editing smb.conf. 
 
-<h2>xSMBrowser - a GUI interface to smbclient</h2>
+<h3>xSMBrowser - a GUI interface to smbclient</h3>
 
 Jeffri Fox has written a browser interface using smbclient.
 You can find out more and download the sources from <A
 HREF="http://www.public.iastate.edu/~chadspen/">here</A>.
 
-<h2>GSMB - a GTK interface to smbpasswd</h2>
+<h3>GSMB - a GTK interface to smbpasswd</h3>
 
 Laurent Foucher has written a GTK interface to the smbpasswd encrypted
 password file. You can find more information at the <a
 href="http://savage.iut-blagnac.fr/projets/developpement/gsmb/">GSMB
 home page</a>.
 
-<h2>gnomba - A GNOME SMB Subnet Scanner</h2>
+<h3>gnomba - A GNOME SMB Subnet Scanner</h3>
 <A HREF="http://gnomba.sourceforge.net/">Gnomba</A>
 is a GUI machine and share browser for the
 SMB protocol. Gnomba allows you to scan any number
@@ -81,7 +83,7 @@ machines and share are shown in a tree-view.
 For each machine you can then view the list of
 shares, and mount, unmount or browse them.
 
-<h2>jags - Yet Another GNOME SMB Client</h2>
+<h3>jags - Yet Another GNOME SMB Client</h3>
 <A HREF="http://jags.sf.net/">Jags</A> is a Gtk+ based "windows network neighbourhood browser". The program
 parses the output from smbclient and use this
 to display a graphic view of the network. This program does the parsing
@@ -94,7 +96,7 @@ and can be found <a href="http://boombox.campus.luth.se/sambasentinel.php">here<
 
 -->
 
-<h2>komba2 - A KDE SMB Subnet Scanner</h2>
+<h3>komba2 - A KDE SMB Subnet Scanner</h3>
 <A HREF="http://komba.sourceforge.net/">Komba2</A>
 is a GUI machine and share browser for the
 SMB protocol. Komba2 allows you to scan any number
@@ -104,11 +106,11 @@ For each machine you can then view the list of
 shares, and mount, unmount or browse them. You can
 also search a machine by  name or ip.
 
-<h2>konqueror - KDE File Browser</h2>
+<h3>konqueror - KDE File Browser</h3>
 <A HREF="http://www.konqueror.org/">KDE</A>'s filebrowser Konqueror can access
 smb filesystems using smb:// URL's.
 
-<h2>KSambaPlugins</h2>
+<h3>KSambaPlugins</h3>
 <a href="http://ksambakdeplugin.sourceforge.net/">KSambaPlugin</a>
 is a KDE 3 plugin for configuring a SAMBA server.
 It consists of two plugins, a KControl Center module for all SAMBA
@@ -124,27 +126,27 @@ part of his Liveserver. It can be found
 
 -->
 
-<h2>tksmb - Tk Frontend For Smbclient</h2>
+<h3>tksmb - Tk Frontend For Smbclient</h3>
 <A HREF="http://www.rt.mipt.ru/~ivan/TkSmb/">TkSmb</A>
 provides you a graphical interface for browsing Windows networks.
 TkSmb does this by being a graphical wrapper around Samba's smbclient
 program. Using this program you can easily access different workgroups,
 hosts, and shares on it, mount this shares.
 
-<H2>B+B Samba Admin Tool</H2>
+<h3>B+B Samba Admin Tool</h3>
 
 This is a graphical config tool created by HP to go along with their
 port of <A HREF="http://jazz.external.hp.com/src/samba/">Samba to
 MPE/iX</A>. The tool is freely available. 
 
-<h2>ChangePassword</h2>
+<h3>ChangePassword</h3>
 
 This is a web-based tool that allows users to change their unix,samba and 
 squid password using a web-based interface. Freely available 
 <A HREF="http://changepassword.sourceforge.net/">here</A>.
 
-<h2>smbc - Simple Samba Commander</h2>
-<a href="http://smbc.air.rzeszow.pl">Simple Samba Commander</a> is a text
+<h3>smbc - Simple Samba Commander</h3>
+<a href="http://air.rzeszow.pl/smbc/">Simple Samba Commander</a> is a text
 mode SMB network commander. With SMBC, you can browse your local network
 or use the search function to find files in a share. You can also
 download/upload files and directories or create them both locally and remotely.
diff --git a/Linux_CIFS_client.html b/Linux_CIFS_client.html
index 266505d..8ac7aa7 100755
--- a/Linux_CIFS_client.html
+++ b/Linux_CIFS_client.html
@@ -26,9 +26,6 @@ Advanced Common Internet File System for Linux&nbsp;</h1></center>
 <tr>
 <td VALIGN=TOP WIDTH="20%" BGCOLOR="#EEEEEE"><!-- Menu (Left Column) --><!-- Menu -->
 <center><img SRC="/samba/images/penguin.gif" ALT="http://us6.samba.org/samba/images/penguin.gif" ></center>
-<li>
-<a href="mailto:linux-cifs-client@lists.samba.org">Mailing list for Linux CIFS client</a>
-<li>
 <a href="mailto:sfrench@samba.org">Questions to developers</a>
 <p>Documentation&nbsp;
 <ul>
@@ -53,29 +50,29 @@ VFS Paper</a>&nbsp;</li>
 <li>
 <a href="http://oss.software.ibm.com/developer/opensource/linux/presentations/samba/ut_cifs.pdf">Linux
 Network Filesystems Paper</a>&nbsp;</li>
-
-<li><a>SNIA CIFS POSIX Extensions - an updated version of the SNIA CIFS Unix Extensions to allow
-better POSIX file i/o behavior for newer CIFS clients (COMING SOON)</a>&nbsp;</li>
 </ul>
 Downloads&nbsp;
 <ul>
 <li>
-<a href="/samba/ftp/cifs-cvs/cifs-2.4test-1.17d.tar.gz">Latest 2.4 Release (gz containing cifs vfs source files and patch for kernel makefile and configure)</a>&nbsp;</li>
+<a href="/samba/ftp/cifs-cvs/cifs-1.0.2b.tar.gz">Latest 2.4 Release (gz containing cifs vfs source files and patch for kernel makefile and configure)</a>&nbsp;</li>
+<li>
+<a href="/samba/ftp/cifs-cvs/2.4.21/cifs.o">Version 0.8.2 of cifs vfs (Prebuilt binary for 2.4.21 kernel)</a>&nbsp;</li>
 <li>
-For Linux 2.6 the cifs vfs does not require a distinct download (since kernel release 2.5.42). Kernel version 2.6.6 contains version 1.13 of the cifs vfs.  The current version is available via the bitkeeper tree at http://cifs.bkbits.net (in project linux-2.5cifs) and is also available by downloading replacement files that simply replace those in the fs/cifs directory and includes the current version of the cifs vfs <a href="/samba/ftp/cifs-cvs/cifs-2.6-1.17d.tar.gz">1.17d</a>.
+For Linux 2.6 the cifs vfs does not require a distinct download (it is in starting in kernel release 2.5.42). Kernel version 2.6.6 contains version 1.13 of the cifs vfs.  The current version is always available via the bitkeeper tree at http://cifs.bkbits.net/linux-2.5cifs and is also available by downloading replacement files that simply replace those in the fs/cifs directory and includes the current version of the cifs vfs click <a href="/samba/ftp/cifs-cvs/cifs-1.14-2.6.tar.gz">1.14</a>.
 </li>
 <li><a href="/samba/ftp/cifs-cvs/mount.cifs">
 Prebuilt mount helper utility (/sbin/mount.cifs version 1.3) built for i386</a>
 </li>
-<li><a href="http://websvn.samba.org/filedetails.php?rep=1&path=/branches/SAMBA_3_0/source/client/mount.cifs.c&rev=0&sc=1">
+<li><a href="http://cvs.samba.org/cgi-bin/cvsweb/samba/source/client/mount.cifs.c">
 Source for cifs mount utility on sambaweb</a>
 </li>
 
+
 <li>
 <a href="/samba/ftp/cifs-cvs/mount.cifs.8">man page for mount utility
 </a>&nbsp;</li>
 <li>
-<a href="http://cvs.samba.org/cgi-bin/cvsweb/cifsvfs/">CIFS Files for 2.4 Kernel via CVS
+<a href="http://cvs.samba.org/cgi-bin/cvsweb/cifsvfs/">CIFS Files via CVS
 Web</a>&nbsp;</li>
 
 <li>
@@ -84,12 +81,7 @@ Via CVS&nbsp;</li>
 <pre>cvs -z5 -d&nbsp;
 :pserver:cvs@pserver.samba.org:/cvsroot
 co cifsvfs</pre>
-<li><a href="http://cifs.bkbits.net">Most current 2.6 source at cifs.bkbits.net (requires installation of BitKeeper)</a></li>
-</ul>
-Testing&nbsp;
-<ul>
-<li>Test status (COMING SOON)
-<li>Test cases  (COMING SOON)
+<li><a href="http://cifs.bkbits.net">Most current 2.5 source at cifs.bkbits.net (requires installation of BitKeeper)</a></li>
 </ul>
 </td>
 
@@ -117,14 +109,14 @@ starting with Linux kernel 2.5.42.  Testing has been done on various
 hardware architectures including x86 and even big endian zSeries hardware.&nbsp;&nbsp; The
 cifs and smbfs filesystems can coexist on the same system and do not conflict.
 <br>&nbsp;
-<p>The current 2.4 version of the CIFS VFS is <a href="/samba/ftp/cifs-cvs/cifs-2.4test-1.17d.tar.gz">1.17d</a>
- which was released in June
-, 2004 and the current 2.6.6 Linux version of the cifs vfs is version 1.13 (1.17d is available in the 2.6-mm tree on kernel.org or from
-cifs.bkbits.net/linux-2.5cifs bitkeeper tree) or to download replacement files for the fs/cifs directory which includes the current version of the cifs vfs click <a href="/samba/ftp/cifs-cvs/cifs-2.6-1.17d.tar.gz">1.17d</a>.
+<p>The current 2.4 version of the CIFS VFS is <a href="/samba/ftp/cifs-cvs/cifs-1.0.2b.tar.gz">1.0.2b</a>
+ which was released in February
+, 2004 and the current 2.6.6 Linux version of the cifs vfs is version 1.13 (1.14 is available in the 2.6-mm tree on kernel.org or from
+cifs.bkbits.net/linux-2.5cifs bitkeeper tree) or to download replacement files for the fs/cifs directory which includes the current version of the cifs vfs click <a href="/samba/ftp/cifs-cvs/cifs-1.14-2.6.tar.gz">1.14</a>.
 <p>CIFS VFS is licensed under the <a href="http://www.gnu.org/copyleft/gpl.html">GNU
 General Public License</a> version 2 or later.&nbsp;</td>
 <br>&nbsp;
-<p>LATEST UPDATES - cifs vfs 1.17d released for 2.4 and 2.6, cifs vfs 1.13 version included in 2.6.6 kernels. Per mount statistics now available as a kernel cifs configuration option.
+<p>LATEST UPDATES - mount.cifs mount helper now updated and called version 1.3. cifs vfs 1.13 version included in 2.6.6 kernels
 </tr>
 
 <tr>
diff --git a/archive-policy.html b/archive-policy.html
index 5baaf07..5df01e5 100644
--- a/archive-policy.html
+++ b/archive-policy.html
@@ -1,5 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
-
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Policy for Archiving Mailing Lists</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h2 align="center">Samba list archive editing policy</h2>
 
@@ -13,9 +14,6 @@ comments to the address listed in this document.
 <a href="http://www.w3.org/Mail/ArchiveEditingPolicy">W3C Archive Editing Policy</a>,
 but please do not contact W3C about samba.org's policy.
 
-</div>
-
-
 
 <h3>Outline of the need for a policy</h3>
 
@@ -119,7 +117,7 @@ requestor.
 <p>
 All requests will be examined by samba.org managers to ensure careful
 and efficient processing of each request, and will receive either
-positive or negative acknowledgement.
+positive or negative acknowledgment.
 
 
 <p>
diff --git a/archives.html b/archives.html
index cc3b89f..28970a3 100755
--- a/archives.html
+++ b/archives.html
@@ -1,5 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
-
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Mailing List Archives</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h2 align="center">Samba Mailing list</h2>
 
diff --git a/books.html b/books.html
index 962fd75..0a0b5fd 100755
--- a/books.html
+++ b/books.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Books on Samba, by year</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <H2 align="center">Samba books</H2>
 
diff --git a/bugreports.html b/bugreports.html
index 259319e..971577e 100755
--- a/bugreports.html
+++ b/bugreports.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba Bug Report HOWTO</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <H2 align="center">Bug Reports, Patches  &amp; contacting the Samba Team</H2>
 
diff --git a/colophon.html b/colophon.html
new file mode 100755
index 0000000..42113d9
--- /dev/null
+++ b/colophon.html
@@ -0,0 +1,86 @@
+<!--#include virtual="/samba/header.html" -->
+<title>samba.org, version 3</title>
+<!--#include virtual="/samba/header2.html" -->
+
+    <h2>A Redesigned samba.org</h2>
+    
+    <p>As you've probably noticed, samba.org has been redesigned. 
+This version of the Samba website has a striking new look and features XHTML
+markup and a CSS-controlled layout.  This document will seek to outline some of
+the changes to samba.org in greater detail.  So if your not all that interested
+in XHTML conversion, web standards, and the separation of content from
+presentation, you might want to click away now.</p>
+
+    <h3>Why the change?</h3>
+    
+    <p>Some have said that samba.org was long overdue for a face lift, and a new
+appearance certainly doesn't hurt anything.  The major reason, however, for a
+samba.org relaunch was to provide easier access to the information contained
+here.  The intent was to maintain the existing focus on release announcements
+and current downloads, while also providing broader appeal to samba.org's wide
+range of visitors -- users, developers, and companies working with Samba.</p>
+    
+    <p>With that goal in mind, the new samba.org has been structured around a
+single, more limited site-wide navigation menu, complimented by an auxiliary
+sets of links depending on which page is being viewed.  The primary nav menu is
+a task-based menu.  The other menus are meant to provide quick links to relevant
+material.</p>
+    
+    <h3>Web Standards</h3>
+    
+    <p>In relaunching samba.org, we have tried whenever possible to adhere to
+web standards established by the <a href="http://www.w3c.org">W3C (World Wide
+Web Consortium)</a>.  The majority of pages validate as XHTML 1.0 Transitional,
+as does the CSS.  The most thorough adherence to web standards comes in the
+separation of a document's structure from its presentation.  XHTML markup has
+been used solely to organize and categorize the information on a given page. 
+All of the colors, typography, images, and layout are controlled by a cascading
+stylesheet.  The advantages to this are smaller files sizes, quicker page loads,
+and richer designs.  Also, should we decide to change the look of samba.org in
+the future, we have only to edit the stylesheets and not every page on the site,
+which is a task those involved with this upgrade are glad they won't have to do
+again.</p>
+    
+    <p>There are pages on this site that don't validate as XHTML 1.0
+Transitional.  This is an ongoing upgrade and such pages will be corrected
+over the next several weeks.  samba.org is deep with pages, and several of the
+oldest pages, or the ones requiring major changes to validate as XHTML,
+were saved to be done after the site's current conversion.  The goal was to
+get a solid XHTML/CSS web site in place, and improve it as we go, rather than
+wait until every aspect of every page was web standard compliant before allowing
+the public to see the redesign.</p>
+    
+    <h3>Browser Support</h3>
+    
+    <p>One of the nice effects of a web standards design is that the
+design will translate well across a variety of browsers.  This site has been
+tested in Mozilla and Mozilla-based browsers, Internet Explorer, Opera, Safari,
+Konqueror, and Galeon.  The decision was made to design for version 5 or later
+browsers, which extends support to 1998-era browsers.   The site will not have
+as rich a design in browsers older than these, but all information will remain
+in tact.</p>
+    
+    <p>There is no way that every browser ever made could possibly be supported
+by one design, and in fact, if you're using one of these older browsers, you're
+most likely used to sites looking a little different in your browser.  If
+lack of support for your browser becomes a problem for you, then by all means
+upgrade to a newer version.  There are several freely-available good browsers today.</p>
+    
+    <h3>Comments?  Questions?</h3>
+    
+    <p>Any questions, comments, or concerns about the samba.org redesign can be
+addressed to <a href="mailto:webeditor@samba.org">webeditor@samba.org</a>.
+Website bugs can be reported through <a
+href="https://bugzilla.samba.org">bugzilla.samba.org</a>. Please understand that
+your preference, or lack thereof, for a particular shade of yellow or blue is
+not cause enough for a bug report. You are, however, free to like or dislike
+whatever colors you choose.  Mostly, we just hope you'll find the redesigned
+samba.org useful.</p>
+    
+    <p class="request"><a href="https://bugzilla.samba.org/">Bugzilla</a>,
+<a href="http://build.samba.org/">Build Farm</a>, and the newly launched <a
+href="http://news.samba.org">news.samba.org</a> have also received updated looks
+in keeping with the new samba.org.  Please check out those sites as well!</p> 
+
+
+<!--#include virtual="/samba/footer.html" -->
\ No newline at end of file
diff --git a/contacts.html b/contacts.html
index 5f9f330..9fdb671 100755
--- a/contacts.html
+++ b/contacts.html
@@ -1,26 +1,18 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba Contacts</title>
+<!--#include virtual="/samba/header2.html" -->
 
-<H2 align="center">Contacts</H2>
-
-If you need to contact the Samba Team then please use one of the following
-methods:
+<h2 align="center">Contacts for...</h2>
 
 <ul>
-
- <li>For help with Samba please see the <a href="http://lists.samba.org/">Samba mailing lists</a></li>
- 
- <li> For submitting patches please see <a href="https://bugzilla.samba.org/">bugzilla.samba.org</a></li>
- 
- <li> For genuine bug reports please see <a href="https://bugzilla.samba.org/">bugzilla.samba.org</a></li>
- 
- <li>Report problems with the website to <a href="mailto:webmaster@samba.org">webmaster@samba.org</a></li>
- 
- <li> To report a serious security hole please send email to <a href="mailto:security@samba.org">security@samba.org</a></li>
- 
- <li> Samba is also discussed on several <a href="irc.html">IRC Channels</a>.</li>
- 
- <li> If you really need to talk to a team member instantly, then you can look at Andrew Tridgell's <a href="http://samba.org/~tridge/">home page</a> for a contact phone number. DO NOT ABUSE THIS.</li>
-
+<li>Help with Samba: please see the <a href="http://lists.samba.org/">Samba mailing lists</a></li>
+<li>Submitting patches: please see <a href="https://bugzilla.samba.org/">bugzilla.samba.org</a></li>
+<li>Genuine bug reports: please see <a href="https://bugzilla.samba.org/">bugzilla.samba.org</a></li>
+<li>Problems with the website: please send email to <a href="mailto:webmaster@samba.org">webmaster@samba.org</a></li>
+<li>Reporting a serious security hole: please send email to <a href="mailto:security@samba.org">security@samba.org</a></li>
+<li>Discussing samba development in real-time: you might find a team member on the #samba-technical channel on the <a href="http://freenode.net/">http://freenode.net/</a> IRC server. Please DO NOT ask any user questions in #samba-technical, but in #samba instead!</li>
 </ul>
 
+<p>Please use one of the above methods for connecting with Samba.  If you really need to talk to a team member instantly, then you can look at Andrew Tridgell's <a href="http://samba.org/~tridge/">home page</a> for a contact phone number. DO NOT ABUSE THIS.</p>
+
 <!--#include virtual="/samba/footer.html" -->
diff --git a/cvs.html b/cvs.html
index 9c174e7..a7debcf 100755
--- a/cvs.html
+++ b/cvs.html
@@ -1,4 +1,7 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - CVS Instructions</title>
+<!--#include virtual="/samba/header2.html" -->
+
 
 <h2 align="center">CVS Access to pserver.samba.org</h2>
 
diff --git a/devel/TODO.html b/devel/TODO.html
index 94bfc49..63b268f 100755
--- a/devel/TODO.html
+++ b/devel/TODO.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba Development TODO List</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <H2 ALIGN=CENTER>Development List of Projects</H2>
 
diff --git a/devel/header_devel.html b/devel/header_devel.html
new file mode 100755
index 0000000..4092a83
--- /dev/null
+++ b/devel/header_devel.html
@@ -0,0 +1,133 @@
+<link rel="stylesheet" href="/samba/style/common.css" type="text/css" media="all" />
+<link rel="stylesheet" href="/samba/style/wide.css" type="text/css" media="all" />
+<link rel="shortcut icon" href="/samba/images/favicon.ico" />
+
+<!--[if gte IE 5.5]>
+        <style type="text/css">
+        /*<![CDATA[*/
+        .logo_hack {
+filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/samba/images/log
+o.png',sizingMethod='scale');
+        }
+        /*]]>*/
+        </style>
+<![endif]-->
+
+<!--[if lte IE 5]>
+        <style type="text/css">
+        /*<![CDATA[*/
+        .logo_hack {
+        background-image:url(/samba/images/logo.gif);
+        background-position:center;
+        background-repeat:no-repeat;
+        top:23.5px;
+        left:-10px;
+        }
+        /*]]>*/
+        </style>
+<![endif]-->
+
+<script type="text/javascript">
+
+   function changeMirror(mirrorChoice) {
+        mirrorSite = mirrorChoice.options[mirrorChoice.selectedIndex].value
+
+        if (mirrorSite != "") {
+                document.location.href = mirrorSite
+                }
+   }
+
+</script>
+
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta http-equiv="Content-Language" content="en-us" />
+<meta name="keywords" content="Samba SMB CIFS" />
+<meta name="description" content="Home of Samba, the SMB file server" />
+<meta name="robots" content="noindex" />
+</head>
+
+
+<body onload="document.mirrorForm.mirrorLocation.selectedIndex=0">
+
+<div id="banner">
+  <div class="stripe"></div>
+
+  <div class="srch">
+  <h5>search samba.org:</h5>
+  <form method="post" action="http://de.samba.org/cgi-bin/htsearch">
+  <input type="text" size="15" name="words" value="" />
+  <input type="submit" value="Go" />
+  </form>
+  <span>|</span>
+  <form action="no_script_required.cgi" name="mirrorForm">
+    <select name="mirrorLocation" onchange="changeMirror(this.form.mirrorLocation)">
+    <option selected="selected">Choose A Mirror</option>
+    <!--#include virtual="http://www.samba.org/samba/mirror_options.html" -->
+    </select>
+   </form>
+  </div>
+</div>
+
+<div id="logo">
+  <div class="logo_hack"><a href="/samba/"><img src="/samba/images/linkpad.gif" alt="Samba" /></a></div>
+</div>
+
+<div class="slogan">
+  <h4>Opening Windows to a Wider World</h4>
+</div>
+
+<div class="nav">
+
+  <img src="/samba/images/think.png" alt="think samba" />
+  <ul>
+  <li><a href="/samba/what_is_samba.html">What Is Samba?</a></li>
+  <li><a href="http://news.samba.org/">Latest News</a></li>
+  </ul>
+
+  <img src="/samba/images/get.png" alt="get samba" />
+  <ul>
+  <li><a href="/samba/download/">Download Info</a></li>
+  <li><a href="/samba/ftp/Binary_Packages/">Binaries</a></li>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/install.html">How To Install</a></li>
+  <li><a href="/samba/GUI/">GUI Interfaces</a></li>
+  </ul>
+
+  <img src="/samba/images/learn.png" alt="learn samba" />
+  <ul>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/">Official HOWTO</a></li>
+  <li><a href="/samba/docs/man/Samba-Guide/">By Example</a></li>
+  <li><a href="/samba/docs/">All The Docs</a></li>
+  </ul>
+
+  <img src="/samba/images/talk.png" alt="talk samba" />
+  <ul>
+  <li><a href="http://lists.samba.org">List Subscribe</a></li>
+  <li><a href="/samba/archives.html">List Archives</a></li>
+  <li><a href="/samba/irc.html">IRC</a></li>
+  <li><a href="/samba/ml-etiquette.html">Etiquette</a></li>
+  </ul>
+
+  <img src="/samba/images/hack.png" alt="hack samba" />
+  <ul>
+  <li><a href="/samba/devel/">Devel Overview</a></li>
+  <li><a href="http://websvn.samba.org">SVN Source</a></li>
+  <li><a href="http://cvs.samba.org/cgi-bin/cvsweb/">CVS Source</a></li>
+  <li><a href="http://build.samba.org/">Build Farm</a></li>
+  <li><a href="https://bugzilla.samba.org">Bug Reports</a></li>
+  </ul>
+
+  <img src="/samba/images/contact.png" alt="contact samba" />
+  <ul>
+  <li><a href="/samba/team/">Samba Team</a></li>
+  <li><a href="/samba/donations.html">Donations</a></li>
+  <li><a href="/samba/team/tshirt.html">T-shirts, etc</a></li>
+  <li><a href="/samba/contacts.html">Contacts For...</a></li>
+  </ul>
+
+</div>
+
+<div id="content">
+  <div class="center">
+
+<!--#include virtual="/samba/local_header.html" -->
+
diff --git a/devel/index.html b/devel/index.html
index 75bf542..614adc3 100644
--- a/devel/index.html
+++ b/devel/index.html
@@ -1,5 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
-
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba Development</title>
+<!--#include virtual="header_devel.html" -->
 <h2 align="center">Development</h2>
 
 <p>devel.samba.org contains information about the current state of Samba development. It should be of interest to those developing Samba as well as to those following Samba development.</p>
@@ -12,7 +13,7 @@
 
 <p>As of 4 April 2004, the Samba Team converted from CVS to Subversion for maintaining the Samba source code.  All current development is done in a Subversion repository.  All older code is in the original CVS tree; this would include 2.2.x versions of Samba, which are no longer in active development.</p>
 
-<p>The latest stable release is <em>Samba 3.0.4</em> (<a href="/samba/whatsnew/samba-3.0.4.html">release notes</a> and <a href="/samba/download.html">download</a>).  The next major stable release will be <em>Samba 3.2</em>, projected by the end of 2004.  This release is expected to incorporate aspects of the Samba 4 source code.  Samba 4 is still very early in its development and is an ambitious reworking of the Samba code.</p>
+<p>The latest stable release is <em>Samba 3.0.5</em> (<a href="/samba/history/samba-3.0.5.html">release notes</a> and <a href="/samba/download/">download</a>).  The next major stable release will be <em>Samba 3.2</em>, projected by the end of 2004.  This release is expected to incorporate aspects of the Samba 4 source code.  Samba 4 is still very early in its development and is an ambitious reworking of the Samba code.</p>
 
 <p>A roadmap to Samba 4 will be posted as soon as it is available.</p>
 
@@ -25,32 +26,42 @@
   <ul>
     <li><h4><em>trunk</em></h4>
     <p>This is the current development branch.  It is, obviously, not stable, as it is the ground where features for the next stable release are implemented and tested.</p>
-    <p>Example checkout command:
+    <p>Example checkout command:</p></li>
+  </ul>
+
 <pre>
 svn co svn://svnanon.samba.org/samba/trunk samba-trunk
-</pre></p></li>
+</pre>
 
+  <ul>
     <li><h4><em>Samba_3_0</em></h4>
     <p>This is the current stable release. Updates to this release will be mostly bugfixes to prepare for the next 3.0.x release.</p>
-    <p>Example checkout command:
+    <p>Example checkout command:<p></li>
+  </ul>
+
 <pre>
 svn co svn://svnanon.samba.org/samba/branches/SAMBA_3_0 samba3
-</pre></p></li>
+</pre>
 
+  <ul>
     <li><h4><em>Samba_3_0_RELEASE</em></h4>
     <p>This is the development area for the next stable release (Samba 3.2, targeted for the end of 2004).</p>
-    <p>Example checkout command:
+    <p>Example checkout command:</p></li>
+  </ul>
+
 <pre>
 svn co svn://svnanon.samba.org/samba/branches/SAMBA_3_0_RELEASE samba3_release
-</pre></p></li>
+</pre>
 
+  <ul>
     <li><h4><em>Samba_4_0</em></h4>
     <p>This is the tree for the next major release. It is currently under heavy development and still far away even from alpha releases.</p>
-    <p>Example checkout command:
+    <p>Example checkout command:</p></li>
+  </ul>
+
 <pre>
 svn co svn://svnanon.samba.org/samba/branches/SAMBA_4_0 samba4
-</pre></p></li>
-  </ul>
+</pre>
 
 <p>Further information on anonymous subversion access is available on <a href="/samba/subversion.html">the subversion page</a>.  Those interested in the old CVS tree can check out the the <a href="/samba/cvs.html">CVS page</a>.</p>
 
@@ -63,7 +74,7 @@ svn co svn://svnanon.samba.org/samba/branches/SAMBA_4_0 samba4
 
 
 <br />
-<h3>Learn More</h3>
+<a name="learn"><h3>Learn More</h3></a>
 
 <p>For anyone interested in getting up to speed with SMB/CIFS, NetBIOS, MS-RPC, etc... Here are some links to help out:</p>
 
diff --git a/devel/roadmap-3.html b/devel/roadmap-3.html
index e9a928e..6cd92df 100755
--- a/devel/roadmap-3.html
+++ b/devel/roadmap-3.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba 3.0 Roadmap</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h3>Current development branches</h3>
 
diff --git a/devel/roadmap-4.0.html b/devel/roadmap-4.0.html
index cbd53a2..7d1fff1 100644
--- a/devel/roadmap-4.0.html
+++ b/devel/roadmap-4.0.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba 4.0 Roadmap</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h2 align="center">Roadmap to Samba 4.0.0</h2>		
 
diff --git a/docs/FAQ/index.html b/docs/FAQ/index.html
index 6fea468..9e85faa 100755
--- a/docs/FAQ/index.html
+++ b/docs/FAQ/index.html
@@ -1,14 +1,9 @@
 <!--#include virtual="/samba/header.html" -->
+  <title>Samba FAQ</title>
+<!--#include virtual="/samba/header2.html" -->
 
-<H2 align="center">Samba FAQ</H2>
+<h2">Samba FAQ</h2>
 
-<p>This page used to contain the old Samba FAQ, autogenerated by a cron-job 
-every night. As this FAQ is very outdated, it will soon be removed. Instead, 
-it is advised that you read the chapter 
-of the <a href="/samba/docs/man/howto">Samba HOWTO Collection</a> related to 
-your question (in particular the "Common Errors" section that every chapter 
-has).
-
-<!-- This page should probably go away around july 2004 -->
+<p>This page will be renovated along with the site.  It is here merely as a place-holder to remind deryck that it needs to be done.</p>
 
 <!--#include virtual="/samba/footer.html" -->
diff --git a/docs/GPL.html b/docs/GPL.html
index 994f1aa..6cff722 100755
--- a/docs/GPL.html
+++ b/docs/GPL.html
@@ -1,4 +1,6 @@
 <!--#include virtual="/samba/header.html" -->
+<title>GPL on Samba.org</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <pre>
 <!--#include virtual="/samba/ftp/COPYING" -->
diff --git a/docs/header_docs.html b/docs/header_docs.html
new file mode 100755
index 0000000..c7e5959
--- /dev/null
+++ b/docs/header_docs.html
@@ -0,0 +1,134 @@
+
+<link rel="stylesheet" href="/samba/style/common.css" type="text/css" media="all" />
+<link rel="stylesheet" href="/samba/style/wide.css" type="text/css" media="all" />
+<link rel="shortcut icon" href="/samba/images/favicon.ico" />
+
+<!--[if gte IE 5.5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/samba/images/log
+o.png',sizingMethod='scale');
+	}
+	/*]]>*/ 
+	</style>
+<![endif]-->
+
+<!--[if lte IE 5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+	background-image:url(/samba/images/logo.gif);
+	background-position:center;
+	background-repeat:no-repeat;
+	top:23.5px;
+	left:-10px;
+	}
+	/*]]>*/
+        </style>
+<![endif]-->
+
+<script type="text/javascript">
+
+   function changeMirror(mirrorChoice) {
+   	mirrorSite = mirrorChoice.options[mirrorChoice.selectedIndex].value 
+   	
+   	if (mirrorSite != "") { 
+   		document.location.href = mirrorSite 
+   		} 
+   }
+
+</script>
+
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta http-equiv="Content-Language" content="en-us" />
+<meta name="keywords" content="Samba SMB CIFS" />
+<meta name="description" content="Home of Samba, the SMB file server" />
+<meta name="robots" content="noindex" />
+
+</head>
+
+
+<body onload="document.mirrorForm.mirrorLocation.selectedIndex=0">
+
+<div id="banner">
+  <div class="stripe"></div>
+  
+  <div class="srch">
+  <h5>search samba.org:</h5>
+  <form method="post" action="http://de.samba.org/cgi-bin/htsearch">
+  <input type="text" size="15" name="words" value="" />
+  <input type="submit" value="Go" />
+  </form>
+  <span>|</span>
+  <form action="no_script_required.cgi" name="mirrorForm">
+    <select name="mirrorLocation" onchange="changeMirror(this.form.mirrorLocation)">
+    <option selected="selected">Choose A Mirror</option>
+    <!--#include virtual="http://www.samba.org/samba/mirror_options.html" --> 
+    </select>
+   </form>
+  </div>
+</div>
+
+<div id="logo">
+  <div class="logo_hack"><a href="/samba/"><img src="/samba/images/linkpad.gif" alt="Samba" /></a></div>
+</div>
+
+<div class="slogan">
+  <h4>Opening Windows to a Wider World</h4>
+</div>
+
+<div class="nav">
+  
+  <img src="/samba/images/think.png" alt="think samba" />
+  <ul>
+  <li><a href="/samba/what_is_samba.html">What Is Samba?</a></li>
+  <li><a href="http://news.samba.org/">Latest News</a></li>
+  </ul>
+    
+  <img src="/samba/images/get.png" alt="get samba" />
+  <ul>  
+  <li><a href="/samba/download/">Download Info</a></li>
+  <li><a href="/samba/ftp/Binary_Packages/">Binaries</a></li>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/install.html">How To Install</a></li>
+  <li><a href="/samba/GUI/">GUI Interfaces</a></li>
+  </ul>
+    
+  <img src="/samba/images/learn.png" alt="learn samba" />
+  <ul>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/">Official HOWTO</a></li>
+  <li><a href="/samba/docs/man/Samba-Guide/">By Example</a></li>
+  <li><a href="/samba/docs/">All The Docs</a></li>
+  </ul>
+    
+  <img src="/samba/images/talk.png" alt="talk samba" />
+  <ul>
+  <li><a href="http://lists.samba.org">List Subscribe</a></li>
+  <li><a href="/samba/archives.html">List Archives</a></li>
+  <li><a href="/samba/irc.html">IRC</a></li>
+  <li><a href="/samba/ml-etiquette.html">Etiquette</a></li>
+  </ul>
+    
+  <img src="/samba/images/hack.png" alt="hack samba" />
+  <ul>
+  <li><a href="/samba/devel/">Devel Overview</a></li>
+  <li><a href="http://websvn.samba.org">SVN Source</a></li>
+  <li><a href="http://cvs.samba.org/cgi-bin/cvsweb/">CVS Source</a></li>
+  <li><a href="http://build.samba.org/">Build Farm</a></li>
+  <li><a href="https://bugzilla.samba.org">Bug Reports</a></li>
+  </ul>
+    
+  <img src="/samba/images/contact.png" alt="contact samba" />
+  <ul>
+  <li><a href="/samba/team/">Samba Team</a></li>
+  <li><a href="/samba/donations.html">Donations</a></li>
+  <li><a href="/samba/team/tshirt.html">T-shirts, etc</a></li>
+  <li><a href="/samba/contacts.html">Contacts For...</a></li>
+  </ul>
+    
+</div>
+
+ 
+<div id="content">
+  <div class="center">
+
diff --git a/docs/index.html b/docs/index.html
index 9bb6f28..d159a75 100755
--- a/docs/index.html
+++ b/docs/index.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba Documentation</title>
+<!--#include virtual="header_docs.html" -->
 
 <!-- $Revision: 1.76 $ -->
 
@@ -11,7 +13,7 @@ earlier version of Samba then you may find some differences.
 <p>
 The current Samba-3 release version of the Samba-HOWTO-Collection
 may be found here in <a href="/samba/docs/Samba-HOWTO-Collection.pdf">PDF</a>
-and <a href="/samba/docs/man/Samba-HOWTO-Collection/">HTML</a> formats.  Those wishing to obtain a hard copy
+and <a href="/samba/docs/man/howto/">HTML</a> formats.  Those wishing to obtain a hard copy
 of this document may do so by purchasing 
 <A HREF="http://www.amazon.com/exec/obidos/tg/detail/-/0131453556/qid=1066665885/sr=1-1/ref=sr_1_1/102-7153927-8348145?v=glance&s=books">
 The Official Samba-3 HOWTO and Reference Guide.</a>
@@ -19,7 +21,7 @@ The Official Samba-3 HOWTO and Reference Guide.</a>
 
 <p>
 The current Samba-3 release version of the Samba-Guide may be found here in
-<a href="/samba/docs/Samba-Guide.pdf">PDF</a> and <a href="/samba/docs/man/Samba-Guide/">HTML</a>
+<a href="/samba/docs/Samba-Guide.pdf">PDF</a> and <a href="/samba/docs/man/guide/">HTML</a>
 formats. Those wishing to obtain a hard copy (which includes a CDROM with all Example files)
 may do so by purchasing
 <a href="http://www.amazon.com/exec/obidos/tg/detail/-/01341472216/qid=1082864552/sr=8-1/ref=pd_ka_1/002-5981043-8080058?v=glance&s=books&n=507846">Samba-3 by Example.</a>
diff --git a/donations.html b/donations.html
index 85d8df2..6eafe2b 100755
--- a/donations.html
+++ b/donations.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Donations to Help Support Samba</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <H2 ALIGN=CENTER>samba.org donations</H2>
 
diff --git a/download/ftp_mirrors.html b/download/ftp_mirrors.html
new file mode 100755
index 0000000..45e50c8
--- /dev/null
+++ b/download/ftp_mirrors.html
@@ -0,0 +1,12 @@
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba Download Sites</title>
+<!--#include virtual="header_download.html" -->
+
+<h2>ftp Mirror Sites</h2>
+
+<p>The following sites are ftp mirror sites.  These sites contain the source and binary distributions but not the web pages.</p>
+
+<!--#include virtual="/samba/ftp_hosts.html" -->
+
+            
+<!--#include virtual="/samba/footer.html" -->
diff --git a/download/header_download.html b/download/header_download.html
new file mode 100755
index 0000000..d12b9be
--- /dev/null
+++ b/download/header_download.html
@@ -0,0 +1,136 @@
+
+<link rel="stylesheet" href="/samba/style/common.css" type="text/css" media="all" />
+<link rel="stylesheet" href="/samba/style/wide.css" type="text/css" media="all" />
+<link rel="shortcut icon" href="/samba/images/favicon.ico" />
+
+<!--[if gte IE 5.5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/samba/images/log
+o.png',sizingMethod='scale');
+	}
+	/*]]>*/ 
+	</style>
+<![endif]-->
+
+<!--[if lte IE 5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+	background-image:url(/samba/images/logo.gif);
+	background-position:center;
+	background-repeat:no-repeat;
+	top:23.5px;
+	left:-10px;
+	}
+	/*]]>*/
+        </style>
+<![endif]-->
+
+<script language="Javascript" type="text/javascript">
+
+   function changeMirror(mirrorChoice) {
+   	mirrorSite = mirrorChoice.options[mirrorChoice.selectedIndex].value 
+   	
+   	if (mirrorSite != "") { 
+   		document.location.href = mirrorSite 
+   		} 
+   }
+
+</script>
+
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta http-equiv="Content-Language" content="en-us" />
+<meta name="keywords" content="Samba SMB CIFS" />
+<meta name="description" content="Home of Samba, the SMB file server" />
+<meta name="robots" content="noindex" />
+
+</head>
+
+
+<body onload="document.mirrorForm.mirrorLocation.selectedIndex=0">
+
+<div id="banner">
+  <div class="stripe"></div>
+  
+  <div class="srch">
+  <h5>search samba.org:</h5>
+  <form method="post" action="http://de.samba.org/cgi-bin/htsearch">
+  <input type="text" size="15" name="words" value="" />
+  <input type="submit" value="Go" />
+  </form>
+  <span>|</span>
+  <form action="no_script_required.cgi" name="mirrorForm">
+    <select name="mirrorLocation" onchange="changeMirror(this.form.mirrorLocation)">
+    <option selected="selected">Choose A Mirror</option>
+    <!--#include virtual="http://www.samba.org/samba/mirror_options.html" --> 
+    </select>
+   </form>
+  </div>
+</div>
+
+<div id="logo">
+  <div class="logo_hack"><a href="/samba/"><img src="/samba/images/linkpad.gif" alt="Samba" /></a></div>
+</div>
+
+<div class="slogan">
+  <h4>Opening Windows to a Wider World</h4>
+</div>
+
+<div id="left_border"></div>
+  
+<div class="nav">
+  
+  <img src="/samba/images/think.png" alt="think samba" />
+  <ul>
+  <li><a href="/samba/what_is_samba.html">What Is Samba?</a></li>
+  <li><a href="http://news.samba.org/">Latest News</a></li>
+  </ul>
+    
+  <img src="/samba/images/get.png" alt="get samba" />
+  <ul>  
+  <li><a href="/samba/download/">Download Info</a></li>
+  <li><a href="/samba/ftp/Binary_Packages/">Binaries</a></li>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/install.html">How To Install</a></li>
+  <li><a href="/samba/GUI/">GUI Interfaces</a></li>
+  </ul>
+    
+  <img src="/samba/images/learn.png" alt="learn samba" />
+  <ul>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/">Official HOWTO</a></li>
+  <li><a href="/samba/docs/man/Samba-Guide/">By Example</a></li>
+  <li><a href="/samba/docs/">All The Docs</a></li>
+  </ul>
+    
+  <img src="/samba/images/talk.png" alt="talk samba" />
+  <ul>
+  <li><a href="http://lists.samba.org">List Subscribe</a></li>
+  <li><a href="/samba/archives.html">List Archives</a></li>
+  <li><a href="/samba/irc.html">IRC</a></li>
+  <li><a href="/samba/ml-etiquette.html">Etiquette</a></li>
+  </ul>
+    
+  <img src="/samba/images/hack.png" alt="hack samba" />
+  <ul>
+  <li><a href="/samba/devel/">Devel Overview</a></li>
+  <li><a href="http://websvn.samba.org">SVN Source</a></li>
+  <li><a href="http://cvs.samba.org/cgi-bin/cvsweb/">CVS Source</a></li>
+  <li><a href="http://build.samba.org/">Build Farm</a></li>
+  <li><a href="https://bugzilla.samba.org/">Bug Reports</a></li>
+  </ul>
+    
+  <img src="/samba/images/contact.png" alt="contact samba" />
+  <ul>
+  <li><a href="/samba/team/">Samba Team</a></li>
+  <li><a href="/samba/donations.html">Donations</a></li>
+  <li><a href="/samba/team/tshirt.html">T-shirts, etc</a></li>
+  <li><a href="/samba/contacts.html">Contacts For...</a></li>
+  </ul>
+    
+</div>
+
+
+<div id="content">
+  <div class="center">
+
diff --git a/download.html b/download/index.html
similarity index 91%
rename from download.html
rename to download/index.html
index 143bd40..d9f7f40 100755
--- a/download.html
+++ b/download/index.html
@@ -1,24 +1,24 @@
-<!--#include virtual="/samba/header.html" -->
-
+<!--#include virtual="/samba/header.html" --> 
+  <title>Download Samba</title>
+<!--#include virtual="header_download.html" -->
 <h2 align="center">Download</h2>
 
 <BR><p> The Samba source code is distributed via ftp and http. For ftp
-sites look <A HREF="/samba/">here</A>. For the http site look <A
+sites look <A HREF="ftp_mirrors.html">here</A>. For the http site look <A
 HREF="/samba/ftp/">here</A>.
 The file you probably want is called <A HREF="/samba/ftp/samba-latest.tar.gz">samba-latest.tar.gz</A>.
 
-<a name="verify"><h3 align="center">Verify</h3></a>
 <p>The <a href="/samba/ftp/samba-pubkey.asc">Samba distribution GPG public key</a>
 can be used to verify that current releases have not been tampered with.  Using
 GnuPG, simply download the Samba source distribution, the tarball signature,
 and the Samba distribution public key.  Then run</br>
 
 <pre>
-     $ gpg --import samba-pubkey.asc
-     $ [gunzip|bunzip2] samba-<em>release</em>.tar.[bz2|gz]
-     $ gpg --verify samba-<em>release</em>.tar.asc
-     gpg: Signature made Tue 26 Nov 2002 07:12:04 PM CST using DSA key ID 2F87AF6F
-     gpg: Good signature from "Samba Distribution Verification Key <samba-bugs@samba.org>"
+ $ gpg --import samba-pubkey.asc
+ $ [gunzip|bunzip2] samba-<em>release</em>.tar.[bz2|gz]
+ $ gpg --verify samba-<em>release</em>.tar.asc
+ gpg: Signature made Tue 26 Nov 2002 07:12:04 PM CST using DSA key ID 2F87AF6F
+ gpg: Good signature from "Samba Distribution Verification Key <samba-bugs@samba.org>"
 </pre>
 
 
diff --git a/favicon.ico b/favicon.ico
deleted file mode 100755
index ef903bacfe86d42888c3654ab8518d9361498566..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2238
zcmeHI%XPvq5M1Mcfe<@cjC~Bp++6@v<2E2=sDqT@0#rmw;FtpsWmb~IM>6Le5O1W_
zer8uI@l2H9w_X$GDSb_eDkAy-prS1xdOM!nV&~*6H(FEM8p1@R6)6K5x`v=Pnv@co
z$c7s1wZ^__h*V2$16e5|=$l59kywQo@M)1B<I#af2mWmbN<Xq*h_5v-;|8zgoL}xa
zF!8+%3-pKQg9J58|ArYjwf!A*u;IcGKLqD_E(Arvvsevv?F)#9ONh;o&dXV4N5E3s
z3b|xA0=pwXdUw(=k<}MVXU|sw!PqAl+mmo$_r$)^$Yr_2nfDt71ad`0D`!u`0?Ucm
zdFehig9T*eoAnF$%Y|*tVz7Wd!nHb5fOW`TZ5=eJs_27!X0~5JN!Bx7t^O_HC|Bz9
z#^%Rk8M3<r5ZC9B8%Y@Q<VJb9g~K4b_>J**y7Uj^MdX67oc_Yi&Y05%cy~A!#{6VJ
x3M9rH@I^mBK8;cflR(+yb8pPvql06&6@ak=2uy-Km^<JbIBdYWb2wr>nP2$v#_#|D

diff --git a/footer.html b/footer.html
index b4fadde..e339202 100755
--- a/footer.html
+++ b/footer.html
@@ -1,26 +1,7 @@
-</td>
-<td></td>
-</tr>
-
-  <TR ALIGN="center">
-    <TD COLSPAN="3"><BR><BR><BR><img src="/samba/images/bar1.gif" WIDTH="493" HEIGHT="26" BORDER="0" alt="=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-="></TD>
-  </TR>
-  <TR>
-    <TD COLSPAN="3" ALIGN="center">
-      <em>samba - opening windows to a wider world</em>
-    </TD>
-  </TR>
-</TABLE>
-
-<table align="center">
-<tr><td>
-<form method="post" action="http://de.samba.org/cgi-bin/htsearch">
-<input type="text" size="30" name="words" value="">
-<input type="submit" value="Search">
-</form>
-</td>
-</tr></table>
+  </div>  <!-- Closes the 'center' div -->
+</div>  <!-- Closes the 'content' div -->
 
 <!--#include virtual="/samba/local_footer.html" -->
-</BODY>
-</HTML>
+
+</body>
+</html>
diff --git a/header.html b/header.html
index f617e4b..efeda16 100755
--- a/header.html
+++ b/header.html
@@ -1,61 +1,5 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
-<HTML>
-<HEAD>
-<TITLE>SAMBA - opening windows to a wider world</TITLE>
-<link rel="shortcut icon" href="/samba/favicon.ico">
-<META HTTP-EQUIV="Content-Type" content="text/html; charset=iso-8859-1">
-<META NAME="keywords" CONTENT="Samba,SMB,CIFS">
-<META NAME="description" CONTENT="Home of Samba, the SMB file server.">
-</HEAD>
-<BODY BGCOLOR="#ffffff" TEXT="#000000" VLINK="#6600cc" LINK="#0000ff" ALINK="#cc0033">
-<!--#include virtual="/samba/local_header.html" -->
-
-<TABLE BORDER=0 WIDTH="85%" ALIGN="CENTER">
-  <tr VALIGN="middle">
-    <td ALIGN="left">
-	<ul>
-      <li><font size="-1"><a href="/samba/samba.html">home</a></font>
-      <li><font size="-1"><a href="/samba/index.html">mirrors</a></font>
-      <li><font size="-1"><a href="/samba/search.html">search</a></font>
-      <li><font size="-1"><a href="/samba/whatsnew/">announcements</a></font>
-      <li><font size="-1"><a href="/samba/archives.html">mailing&nbsp;lists</a></font>
-      <li><font size="-1"><a href="/samba/docs/">documentation</a></font>
-      <li><font size="-1"><a href="/samba/books.html">books</a></font>
-      <li><font size="-1"><a href="/samba/download.html">download</a></font>
-      <li><font size="-1"><a href="/samba/donations.html">donations</a></font>
-      <li><font size="-1"><a href="/samba/security.html">security</a></font></li>
-	</ul>
-    </td>
-    <td align="center">
-      <a href="/samba/samba.html"><img src="/samba/images/slmed.gif" 
-       width="226" height="107" border="0" alt="samba"></a>
-    </td>
-    <td align="left">
-	<ul>
-      <li><font size="-1"><a href="/samba/contacts.html">contacts</a></font>
-      <li><font size="-1"><a href="/samba/team.html">Samba&nbsp;Team</a></font>
-      <li><font size="-1"><a href="/samba/devel/">development</a></font>
-      <li><font size="-1"><a href="/samba/support/">support</a></font>
-      <li><font size="-1"><a href="/samba/GUI/">gui&nbsp;interfaces</a></font>
-      <li><font size="-1"><a href="/samba/thanks.html">thanks</a></font>
-      <li><font size="-1"><a href="/samba/vendors/">vendors</a></font>
-      <li><font size="-1"><a href="http://samba-survey.sernet.de/">survey</a></font>
-      <li><font size="-1"><a href="/samba/tshirt.html">t-shirts,&nbsp;etc</a></font>
-	</ul>
-    </td>
-  </tr>
-
-  <TR ALIGN="center">
-    <TD COLSPAN="3"><BR>
-    <img src="/samba/images/bar1.gif" WIDTH="493" HEIGHT="26"
-    BORDER="0"
-    alt="=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=">
-    <br><br><br>
-    </TD>
-  </TR>
-</table>
-
-<table border=0 width="75%" align="center">
-  <tr><td></td><td align="left">
-
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 
+<head>
diff --git a/header2.html b/header2.html
new file mode 100755
index 0000000..ba1fe80
--- /dev/null
+++ b/header2.html
@@ -0,0 +1,177 @@
+
+<link rel="stylesheet" href="/samba/style/common.css" type="text/css" media="all" />
+<link rel="stylesheet" href="/samba/style/main.css" type="text/css" media="all" />
+<link rel="shortcut icon" href="/samba/images/favicon.ico" />
+
+<!--[if gte IE 5.5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/samba/images/logo.png',sizingMethod='scale');
+	}
+	/*]]>*/ 
+	</style>
+<![endif]-->
+
+<!--[if lte IE 5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+	background-image:url(/samba/images/logo.gif);
+	background-position:center;
+	background-repeat:no-repeat;
+	top:23.5px;
+	left:-10px;
+	}
+	/*]]>*/
+        </style>
+<![endif]-->
+
+<script type="text/javascript">
+
+   function changeMirror(mirrorChoice) {
+   	mirrorSite = mirrorChoice.options[mirrorChoice.selectedIndex].value 
+   	
+   	if (mirrorSite != "") { 
+   		document.location.href = mirrorSite 
+   		} 
+   }
+
+</script>
+
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta http-equiv="Content-Language" content="en-us" />
+<meta name="keywords" content="Samba SMB CIFS" />
+<meta name="description" content="Home of Samba, the SMB file server" />
+<meta name="robots" content="noindex" />
+
+</head>
+
+
+<body onload="document.mirrorForm.mirrorLocation.selectedIndex=0">
+
+<div id="banner">
+  <div class="stripe"></div>
+  
+  <div class="srch">
+  <h5>search samba.org:</h5>
+  <form method="post" action="http://de.samba.org/cgi-bin/htsearch">
+  <input type="text" size="15" name="words" value="" />
+  <input type="submit" value="Go" />
+  </form>
+  <span>|</span>
+  <form action="no_script_required.cgi" name="mirrorForm">
+    <select name="mirrorLocation" onchange="changeMirror(this.form.mirrorLocation)">
+    <option selected="selected">Choose A Mirror</option>
+    <!--#include virtual="http://www.samba.org/samba/mirror_options.html" --> 
+    </select>
+   </form>
+  </div>
+</div>
+
+<div id="logo">
+  <div class="logo_hack"><a href="/samba/"><img src="/samba/images/linkpad.gif" alt="Samba" /></a></div>
+</div>
+
+<div class="slogan">
+  <h4>Opening Windows to a Wider World</h4>
+</div>
+
+<div class="nav">
+  
+  <img src="/samba/images/think.png" alt="think samba" />
+  <ul>
+  <li><a href="/samba/what_is_samba.html">What Is Samba?</a></li>
+  <li><a href="http://news.samba.org/">Latest News</a></li>
+  </ul>
+    
+  <img src="/samba/images/get.png" alt="get samba" />
+  <ul>  
+  <li><a href="/samba/download/">Download Info</a></li>
+  <li><a href="/samba/ftp/Binary_Packages/">Binaries</a></li>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/install.html">How To Install</a></li>
+  <li><a href="/samba/GUI/">GUI Interfaces</a></li>
+  </ul>
+    
+  <img src="/samba/images/learn.png" alt="learn samba" />
+  <ul>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/">Official HOWTO</a></li>
+  <li><a href="/samba/docs/man/Samba-Guide/">By Example</a></li>
+  <li><a href="/samba/docs/">All The Docs</a></li>
+  </ul>
+    
+  <img src="/samba/images/talk.png" alt="talk samba" />
+  <ul>
+  <li><a href="http://lists.samba.org">List Subscribe</a></li>
+  <li><a href="/samba/archives.html">List Archives</a></li>
+  <li><a href="/samba/irc.html">IRC</a></li>
+  <li><a href="/samba/ml-etiquette.html">Etiquette</a></li>
+  </ul>
+    
+  <img src="/samba/images/hack.png" alt="hack samba" />
+  <ul>
+  <li><a href="/samba/devel/">Devel Overview</a></li>
+  <li><a href="http://websvn.samba.org">SVN Source</a></li>
+  <li><a href="http://cvs.samba.org/cgi-bin/cvsweb/">CVS Source</a></li>
+  <li><a href="http://build.samba.org/">Build Farm</a></li>
+  <li><a href="https://bugzilla.samba.org">Bug Reports</a></li>
+  </ul>
+    
+  <img src="/samba/images/contact.png" alt="contact samba" />
+  <ul>
+  <li><a href="/samba/team/">Samba Team</a></li>
+  <li><a href="/samba/donations.html">Donations</a></li>
+  <li><a href="/samba/team/tshirt.html">T-shirts, etc</a></li>
+  <li><a href="/samba/contacts.html">Contacts For...</a></li>
+  </ul>
+    
+</div>
+
+<div id="links">
+
+  <div class="releases">
+    <h4>Current Stable Releases</h4>
+    <ul>
+    <li><a href="/samba/ftp/samba-3.0.5.tar.gz">Samba 3.0.5 (gzipped)</a></li>
+    <li><a href="/samba/history/samba-3.0.5.html">Release Notes</a></li>
+    <li><a href="/samba/ftp/samba-3.0.5.tar.asc">Signature</a></li>
+    </ul>
+    
+    <ul>
+    <li><a href="/samba/ftp/old-versions/samba-2.2.10.tar.gz">Samba 2.2.10
+(gzipped)</a></li>
+    <li><a href="/samba/history/samba-2.2.10.html">Release Notes</a></li>
+    <li><a href="/samba/ftp/old-versions/samba-2.2.10.tar.asc">Signature</a></li>
+    </ul>
+       
+    <p><a href="/samba/history/">Release History</a></p>
+    
+    <p><a href="/samba/history/security.html">Security Updates</a></p>
+  </div>
+  
+  <div class="beyond">
+    <h4>Beyond samba.org</h4>
+    <ul>
+    <li><a href="/samba/support/">Commercial Support</a></li>
+    <li><a href="/samba/vendors/">Samba-related Products</a></li>
+    <li><a href="/samba/colophon.html">Samba-Web, version 3</a></li>
+    </ul>
+  </div>
+  
+  <div class="related">
+    <h4>Related Sites</h4>
+    <ul>
+    <li><a href="http://samba-survey.sernet.de/">survey.samba.org</a></li>
+    <li><a href="http://jcifs.samba.org/">jcifs.samba.org</a></li>
+    <li><a href="http://rsync.samba.org/">rsync.samba.org</a></li>
+    <li><a href="http://ccache.samba.org/">ccache.samba.org</a></li>
+    <li><a href="http://distcc.samba.org/">distcc.samba.org</a></li>
+    </ul>
+  </div>
+    
+</div>
+
+ 
+<div id="content">
+  <div class="center">
+
diff --git a/history/footer_history.html b/history/footer_history.html
new file mode 100755
index 0000000..dc53804
--- /dev/null
+++ b/history/footer_history.html
@@ -0,0 +1,5 @@
+  </div>  <!-- Closes the 'center' div -->
+</div>  <!-- Closes the 'content' div -->
+
+</body>
+</html>
diff --git a/history/header_history.html b/history/header_history.html
new file mode 100755
index 0000000..9b8e0f5
--- /dev/null
+++ b/history/header_history.html
@@ -0,0 +1,142 @@
+
+<link rel="stylesheet" href="/samba/style/common.css" type="text/css" media="all" />
+<link rel="stylesheet" href="/samba/style/history.css" type="text/css" media="all" />
+<link rel="shortcut icon" href="/samba/images/favicon.ico" />
+
+<!--[if gte IE 5.5]>
+	<style type="text/css">
+	.logo_hack { filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/samba/images/logo.png',sizingMethod='scale');
+	}
+	</style>
+<![endif]-->
+
+<!--[if lte IE 5]>
+	<style type="text/css">
+	.logo_hack {
+	background-image:url(/samba/images/logo.gif);
+	background-position:center;
+	background-repeat:no-repeat;
+	}
+	</style>
+<![endif]-->
+
+<script type="text/javascript">
+
+   function changeMirror(mirrorChoice) {
+        mirrorSite = mirrorChoice.options[mirrorChoice.selectedIndex].value
+
+        if (mirrorSite != "") {
+                document.location.href = mirrorSite
+                }
+   }
+
+</script>
+
+
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+<meta http-equiv="Content-Language" content="en-us" />
+<meta name="keywords" content="Samba SMB CIFS" />
+<meta name="description" content="Home of Samba, the SMB file server." />
+<meta name="robots" content="noindex" />
+
+</head>
+
+
+<body>
+
+<div id="banner">
+  <div class="stripe"></div>
+  
+  <div class="srch">
+  <h5>search samba.org:</h5>
+  <form method="post" action="http://de.samba.org/cgi-bin/htsearch">
+  <input type="text" size="15" name="words" value="" />
+  <input type="submit" value="Go" />
+  </form>
+  <span>|</span>
+  <form action="no_script_required.cgi" name="mirrorForm">
+    <select name="mirrorLocation" onchange="changeMirror(this.form.mirrorLocation)">
+    <option selected="selected">Choose A Mirror</option>
+    <!--#include virtual="http://www.samba.org/samba/mirror_options.html" -->
+    </select>
+   </form>
+  </div>
+</div>
+
+<div id="logo">
+  <div class="logo_hack"><a href="/samba/"><img src="/samba/images/linkpad.gif" alt="Samba" /></a></div>
+</div>
+
+<div class="slogan">
+  <h4>Opening Windows to a Wider World</h4>
+</div>
+
+<div id="left_border">
+
+  <div class="nav">
+    <img src="/samba/images/release.png" alt="release samba" />
+    <ul>
+    <li><a href="/samba/index.html">Samba-Web Home</a></li>
+    <li><a href="/samba/history/">Release History Home</a></li>
+    <li><a href="/samba/history/security.html">Security Releases</a></li>
+    </ul>
+  </div>
+  
+  <div class="notes">
+    <h6>Release Notes</h6>
+    <ul>
+    <li><a href="samba1.9.17.html">samba1.9.17.html</a></li>
+    <li><a href="samba1.9.17p1.html">samba1.9.17p1.html</a></li>
+    <li><a href="samba1.9.17p2.html">samba1.9.17p2.html</a></li>
+    <li><a href="samba1.9.17p3.html">samba1.9.17p3.html</a></li>
+    <li><a href="samba1.9.17p4.html">samba1.9.17p4.html</a></li>
+    <li><a href="samba1.9.17p5.html">samba1.9.17p5.html</a></li>
+    <li><a href="samba1.9.18.html">samba1.9.18.html</a></li>
+    <li><a href="samba1.9.18p1.html">samba1.9.18p1.html</a></li>
+    <li><a href="samba1.9.18p2.html">samba1.9.18p2.html</a></li>
+    <li><a href="samba1.9.18p3.html">samba1.9.18p3.html</a></li>
+    <li><a href="samba1.9.18p4.html">samba1.9.18p4.html</a></li>
+    <li><a href="samba1.9.18p5.html">samba1.9.18p5.html</a></li>
+    <li><a href="samba1.9.18p6.html">samba1.9.18p6.html</a></li>
+    <li><a href="samba1.9.18p7.html">samba1.9.18p7.html</a></li>
+    <li><a href="samba1.9.18p8.html">samba1.9.18p8.html</a></li>
+    <li><a href="samba-1.9.18-security.html">samba-1.9.18-security.html</a></li>
+    <li><a href="samba1.9.18p10.html">samba1.9.18p10.html</a></li>
+    <li><a href="samba-2.0.0.html">samba-2.0.0.html</a></li>
+    <li><a href="samba-2.0.1.html">samba-2.0.1.html</a></li>
+    <li><a href="samba-2.0.2.html">samba-2.0.2.html</a></li>
+    <li><a href="samba-2.0.3.html">samba-2.0.3.html</a></li>
+    <li><a href="samba-2.0.4.html">samba-2.0.4.html</a></li>
+    <li><a href="samba-2.0.5.html">samba-2.0.5.html</a></li>
+    <li><a href="samba-2.0.5a.html">samba-2.0.5a.html</a></li>
+    <li><a href="samba-2.0.6.html">samba-2.0.6.html</a></li>
+    <li><a href="samba-2.0.7.html">samba-2.0.7.html</a></li>
+    <li><a href="samba-2.2.0.html">samba-2.2.0.html</a></li>
+    <li><a href="samba-2.2.1.html">samba-2.2.1.html</a></li>
+    <li><a href="samba-2.2.2.html">samba-2.2.2.html</a></li>
+    <li><a href="samba-2.2.3.html">samba-2.2.3.html</a></li>
+    <li><a href="samba-2.2.3a.html">samba-2.2.3a.html</a></li>
+    <li><a href="samba-2.2.4.html">samba-2.2.4.html</a></li>
+    <li><a href="samba-2.2.5.html">samba-2.2.5.html</a></li>
+    <li><a href="samba-2.2.6.html">samba-2.2.6.html</a></li>
+    <li><a href="samba-2.2.7.html">samba-2.2.7.html</a></li>
+    <li><a href="samba-2.2.7a.html">samba-2.2.7a.html</a></li>
+    <li><a href="samba-2.2.8.html">samba-2.2.8.html</a></li>
+    <li><a href="samba-2.2.8a.html">samba-2.2.8a.html</a></li>
+    <li><a href="samba-2.2.9.html">samba-2.2.9.html</a></li>
+    <li><a href="samba-2.2.10.html">samba-2.2.10.html</a></li>
+    <li><a href="samba-3.0.0.html">samba-3.0.0.html</a></li>
+    <li><a href="samba-3.0.1.html">samba-3.0.1.html</a></li>
+    <li><a href="samba-3.0.2.html">samba-3.0.2.html</a></li>
+    <li><a href="samba-3.0.2a.html">samba-3.0.2a.html</a></li>
+    <li><a href="samba-3.0.3.html">samba-3.0.3.html</a></li>
+    <li><a href="samba-3.0.4.html">samba-3.0.4.html</a></li>
+    <li><a href="samba-3.0.5.html">samba-3.0.5.html</a></li>
+    </ul>
+</div>
+  
+</div>
+  
+<div id="content">
+  <div class="center">
+
diff --git a/history/rnotes_template b/history/rnotes_template
new file mode 100644
index 0000000..9575d08
--- /dev/null
+++ b/history/rnotes_template
@@ -0,0 +1,12 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/history/security.html b/history/security.html
new file mode 100755
index 0000000..9cd7ad7
--- /dev/null
+++ b/history/security.html
@@ -0,0 +1,51 @@
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Security Updates and Information</title>
+<!--#include virtual="header_history.html" -->
+
+<h2>Samba Security Releases</h2>
+
+<pre>
+<b>Samba 3.0.2a</b> -- security release for CVE ID <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0082">CAN-2004-0082</a>
+
+Previous versions of Samba 3.0 are susceptible to a password
+initialization bug that could grant an attacker unauthorized
+access to a user account created by the mksmbpasswd.sh shell
+script.
+
+Samba administrators not wishing to upgrade to the current
+version should download the 3.0.2 release, build the pdbedit
+tool, and run
+
+   root# pdbedit-3.0.2 --force-initialized-passwords
+
+This will disable all accounts not possessing a valid password
+(e.g. the password field has been set a string of X's).
+
+Samba servers running 3.0.2 are not vulnerable to this bug
+regardless of whether or not pdbedit has been used to sanitize
+the passdb backend.  For more info, see the <a href="/samba/whatsnew/samba-3.0.2a.html">release notes</a>.
+
+
+
+<b>Samba 2.2.8a</b> --  security release for CVE ID <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0201">CAN-2003-0201</a>
+
+This vulnerability, if exploited correctly, leads to an anonymous 
+user gaining root access on a Samba serving system. All versions 
+of Samba up to and including Samba 2.2.8 are vulnerable. An 
+active exploit of the bug has been reported in the wild. Samba 3.0
+and above are *NOT* vulnerable.  For more info, see the <a href="/samba/whatsnew/samba-2.2.8.html">release notes</a>.
+
+
+
+<b>Samba 2.2.7a</b> -- security release for CVE ID <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0201">CAN-2003-0201</a> & <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0085">CAN-2003-0085</a>
+
+This corrects a vulnerability discovered in versions 2.2.2 through
+2.2.6 of Samba that could potentially allow an attacker to gain
+root access on the target machine.  The word "potentially" is used
+because there is no known exploit of this bug, and the Samba Team
+has not been able to craft one ourselves. However, the seriousness
+of the problem warranted the immediate 2.2.7 release.  See the
+<a href="/samba/whatsnew/samba-2.2.7a.html">release notes</a> for more info.
+
+</pre>
+<!--#include virtual="footer_history.html" -->
diff --git a/images/bugzilla/bug.png b/images/bugzilla/bug.png
new file mode 100755
index 0000000000000000000000000000000000000000..a29a6e9b06fd536c90a531c49264b817f95696a6
GIT binary patch
literal 1593
zcmV-92FCe`P)<h;3K|Lk000e1NJLTq006WA0015c1^@s6g-SHK00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_000McNliru)CU&?H7(k5aj*aY03CEi
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj4iWF>9@00o^%L_t(|+U=VAZ<A#d
z$3MM{wrkn!)~&m>yYw~~n`3AM8HlKeQ9~32jfoMMV2mb46aN<D1vMbx4@T68D0fsY
zZWsg=Slh7+yB626rt7+PZ~Z}>zI(SB8q}!g^IOm9$#b6be&6SuKB+D~p2;8x{}J?3
z0zm{V2qI`f5J3xq2wD(93xWt*5Jb>|Ac7VI5w!3>#Q0}lIB;M;XWLp;wijP|nf&~G
zsopI>>iajJ(82c0s?Vh*rBdu$h}8GiqMPf_N&Wr(?0EYPmCa_eVKf?v#bN;D=jG$^
z`nYG+y_ifUzB+N76DN+TVxD<sGcLEAPd@&L3m4A+zPL`uE3dwW*=(lw>Q&m>zNM$9
zn^-J{qA0T_y=Ch*N=r*;^rh2jzB}7SI2<Ap86uHLpePC!iv_2%gy!azxZG|4!l4l7
z&V5I3?^WXQ_?&BQ-rT~qpRe)hC;MhU9rSvvRx2)-8%0sL7Ksoai!(7Xfubnn=H}AS
z(8%ih?$5fu+2mbTUM?dCK>OuOGYY1n!i8y`iNT>khNHs_x1M2SB+AB3PibPTRx1@Q
z7s+IjOP4OHd=(Wg%w{u(4;|$6>60p-v)D<Y!$CM4BAHB1+4J)9W)(BQp543X?(S0A
zs;a6nnM_=ZL<k1kDJw5$-$x&6@+onaP*7N?S<`B@QdVBB$?-Sb?n-)kx=|E`SS-d*
zKmGV?ag9ct&JuciuL2N{$2oQC8$2E_l~q+YUElQ^HfEK#j2yEF+GsTL?B*8MZ`erQ
zw6@sM5oUCBl!3tkmEGs_qtod)|NS{qsg%ao`t2EwQ2hP?E!&=F?L!Z1V*G*HIX5&s
z{Ie$KyOu6v!xNi${)HF0Yw0qM9yzQLMIcbi*5|gf=D~+FYkIvt6h$E%4r$hV?C}je
zux2fpX^k!?Cx@*q+o`W_(8MGsl3CR^o4jR)zCkn^WhgSFvenl&P*_;V*w`2y9buKv
zVzFrEK>(jWKq{4*@pSY0{Is^7(b$`tR|0VU`*WIh8t~68=uJ;PO>t4N>csnC?{41N
z@fQ7keORqle)!?MCT{ui6#$%VYt^jj_4(=Q>||nMLS^@OyewQ;H{-sSEV&bh!$C0E
zuJM(Xm1kAoZ1NUC&+=mhprN4=faAxHGC4V^^3~PVPqo%RlAnJY2R{Fd(a}+r-EOy2
zR8*v~0~8e(6N|+-dGc$O-E21FuB@DOGyQ#i6ciM&rDYo)k5}dE>+5Cb&UZ;Bld87-
z8^um1LqkKF7tdfYP*dZXQJ71Y-VHz~6x8^dmfS%qm7=SwQzK@Z&6ZVtv&mbo?QU>+
zhWYN`!7nfxjhY$N=kv4b-qjpEa#$1d)|;<WU0s7tr&G0M&y9BIa=Gd3yrPQPyXSqb
zUmwx5&_JLTy?*v7>CmAs85|tI<#IC;jcQ-6ynJ$Ua`1Y6n%2E%_bx_8q8JPY)w*tX
zCG+OZBNS@aypUDZ)r^ge(cj;vnW^n|JHcQ(>2zA<tF2v-b$zd2AGztgMbJPZk)Wri
zTQk?{^?JIxI??HLSS%LG%F4ODaq-kcYF@FDSZtJzjxgzT8b_gn#>Gv{&&%V=l@9eo
z^8VTmA9-{gUmVy^Pfs_=WRl$6T;|W8Pjz(-$BrFQ#WXfH&AFMnx<%-8ItB*%NhA_e
zc{&_L`27JEH!VT0*Yn7u>#*eJa{1Cl#>dC8*=*SDc2=!g&3o_d(1<A#i4dLkg4EU3
zPtCT|=jTO>>SsN<1GNjXuJ6s}E!TGc5PSE$PbQPWWHOP-WEhD?H9szwEn7Zy-6aTF
zUEBR#R8+VKg@OzY4lq7G&gA4I27>{s)k<k;8BI-hP~-8)(-Qt2C$u2^<+mJyAc7VI
r5wswPpanq$Er_56K?E%b{}jIf^uM~g8TIz000000NkvXXu0mjfThtCp

literal 0
HcmV?d00001

diff --git a/images/bugzilla/bug_logo.gif b/images/bugzilla/bug_logo.gif
new file mode 100644
index 0000000000000000000000000000000000000000..da9812a301e144cd3f51358dfe9d5d6cda0723aa
GIT binary patch
literal 2423
zcmbW3_ahXHAAmo{Iiq_^dKIT~WL`L<j6#G%=8KGq?u@!3Q7V;jPF7}|nZ3G8$xZ`j
zoe>!siL6Kn71^%u`~Ch2-{+_2_ve?#(3qgEK{}7{0+uKI4+H=w02crsz%BqZz+V8n
z0rmj!1MCG501yP&4{!iL1V9u33m^s{0U!%-6hIL`89)U<13(AB0KgQ$7Qi0h9Dox5
z3E&a{8Q==QH2^OFAAmamz5sUt?gLN&r~ttLApl_j5dhHuu>kP^G=L<4bbt(i8~{21
z1K=6J3xHC9GJv-LH30Ph4FD{Fc7S&P9ROVbJplax0|0{nLja!uh5<$ZMghJ7d<R$p
z_yO<>U>V>yz$(BRz&gMNz$U;Jz&5}R02|=X)|S)O*2S$Y;?@>vdz-kuP1@PHxU)mt
z+4)zT|NLKwu?6*RxRHF^T(Nhq_>i$SWH+p#v6&@^Z6FbR5D0SrE%e`5z|E!vQiC6a
zgocGjJdBKrj){$X6rVs#OiE5kO?#Z4k(rg9lbe@cQ22z-cv|%AdGU*q(z5c3%Bq*u
zuU@}-TT@%dtZ!&+YG$>xwza?O=zQPR-P8M_uYX|h<Itz!Bp4kTpJ0wc;MDZw>|E&#
z_1pZ9pNwxyE7428Ha4Rcg4Z98t@0iuf6IDve+4aYq1v3Jb#q1>=W3*sp%*T2#CAlc
zi^z&aXgr)6=sMIIb;R1~WSc-idvfo&b~JCfRC%iOwYdjh|B=d%&zC?wuC_jCLcs=p
zbsbcGWO>HoxWC-FD^k6McK+f`cl$(bqf9pZ7X}i=2kBgu;$?Fya-Di?&qk`*)w1v6
zm9EnYQAJ7%_I0-rEspQ*T>V_)Ti)9#;!7lDhyC8~ylYKKqdsZg-)y9+RHFU9ii@i0
zIzFc(*&@$eEBV+=Z~Upc(U<preQ%94JYZXM?&i>Nm6jogS&8cPiE3l+rG>=1zv#@^
znarksxw+}m$Ges~)81TfDkNDXn_bBEUKq;COAK(-y0}u@Xh&G2pJ-fO6mt>H3iJxx
z`cpp>Z@+TwY^L^lWnsGKJTEylcuCjZ%15A#@Y!Ll(k>?iy;?a&L9oL<U_=61#{6c5
zeTmv~1&>e|{G8zDAo*9}s3<ah`a*=})9P_Ap-@z>a4=0Q&rk9Mo0cH_fR>XT7G9mg
zN)T2WI+C~<v6g40d*b#KRi(Bn!|@U=l_h+Me}g+>dNzD2?5`WV*>^8e!zIHGU22O@
z^t!~DHuMYiojIRT;F}!iWNtSTVf<C2=kfPzvzLPG;%AcLZY#WY%fG$*VJjxPOl*$s
z5oe!e8uV0}hn~I}F<GcRsn0KxHpk6Kq1hfEwvp^fn-{IcJpGvNvshSw%~dW7rIR~;
z8<xjB{B|{u!I$=-?1_1ZybVhVlXJDJ3N__sU0cv!5LWwYNG-#u0P7;NgL&`bjxv-C
z^7pP*D2)loV--c}e!^wO9+bozudGJC$gR7zaXE31p7aZ52%9ev)jZx^^p%NR<8?48
z%oS0h?WFM(wH(4f>uKh`yo_Zo<eGlSFSA8kRYvor6_*?d8&+1uuf1cve-$lxqfMVX
zN-0D!tDIFQ<i4+>L;vj6ibfkdEwYj6b^i$)w>WP?pMr(sZ0r82V-*z-R5xFA{@nR=
zYrvIL9@CEt_Py0fewp!m$g3q)E%(qB`pvO*B<pBf;Fk{XJ0^oQ$H#t37>RWfSI>GD
z(zq2$N8)dWVFQwvPG+X!Ju_cfm`fc}>vD>9SJ#a1$E|;n8grWXBBa4yo5-|?RIl3~
z<a#8gYX0z>CyfCCHkjH!wQuL!MFoC+pG&X!DN3NaJ`HDg?(ubRRQ5kry&N^!x$rqL
zHhFu27QJV5Bte?-dunaiV*Bl)is{{C6NmFZ1gIJ-vht+$`K&<ms_0K`%_k%OX{0TN
zs8<R8xHaaS#a6U0*%odLG6>FI*H6JLP00lbNu=LLBJvJAS9Du_$UAG4g2$km9*mcd
z^XyF#J%+@YJ$1p}bM-wevf3Dql$+#2kgK%BoIT|3KJE;si%E=jhqAj#d@oz|4?EBL
z1w`5$yPe;x5bwqBVU;_ptX|2Xt7LFm4kbKHIgNha8SW?GxO<+=%=?GWc=jYp_|Ff*
zUcR{4?0V8pyM1H!G*0u>vca{EmR44`V(h&O65=B42%V&ZW!HP|5va%s37#9V{H6k8
zpC?~7VJpL&10D7%>zCK)@*DePZR_C-UTPWSx}A<e7nXEjvr^>qXlxB@@i=1>eHw|1
zxBiN2v650TnoT1&IGQgS;XPS<eV5V*!tW`C?rF>EmvQ@!^wCPrVRB8U^`B^#GT!Ui
z+{|33S*afN?($1ZNPoUh|I`knO9g3@O#g6sg-_Sq-DzK@S&?ztq_L&PVgjyVU5cP~
z;@zD0N*;AZ#>kLQr9qR(A!8tmq!?@aGfY6%OqSz;p_OTn5r+)+wBTFC(9G4p(Pw$)
z&^X>#O+e&Sv!@FB%~{JM6ZwScj58$yZ1|fT#2{27_QWy!lqeMXg)iqh1DJjC-?7}9
zDIC@e9bm*rXj3V=b}p8?VVuGsS%UqLTNbB!5W~Kjf)$`}6|OR$%eI+uH8A_6&^r9P
zKXO=ySPnMxHcN(jN1$JCQgvzBMWQ+$&c+GU;@3p}8*Vt>%;o&4>VZliayZE<+RG~b
z-o?u=f9(VzS=gtaliCUgQgEnGp(^DT^&W4FnKnoJj-wp^qH^DIS4&bbKstU#aGtOX
zF4$b*Ni-|=#f#vb1Q9O|g;V%^y8HK9-tkdsJcEeu?pLT_f&&q^%jy2ePpeQ)JGZNU
zALFMM6UJ)>9_`|=RYW$(po36Cpu<JcA@Q9buWX%mb-@uiB{l20rT#q(b4wETBk?tl
zCl9)j2QTD2Whoo;Qz}aK3#N$5Qho1j>GkZ(;XrDO_U>O%1{n3&1@l&+ezHuR(J2Y(
zltODCTXk<eH|fDC)v7Xui$PTFqx1PGmUCsa2^D?(Md29VUN2wAd-|-@jpt{Q91<<o
zzcN@3YQ2b$Df1qe#j_f^{6^(zcMi7dTyAZqSC{8-)qEpxw)Mm**yl@|&7L{G+53YB
H2`B#pH?m@b

literal 0
HcmV?d00001

diff --git a/images/bugzilla/bug_logo.png b/images/bugzilla/bug_logo.png
new file mode 100755
index 0000000000000000000000000000000000000000..be9521302732fad6c519729ae95a15f313f05d4e
GIT binary patch
literal 22095
zcmZsjbx<5l)b58}WN{~WfS|#H2Y1)t1Pku&ws^2WfZ*;~g1cL=;1b*+xVv+Czq<FY
z@7C7z%yv!H%x?9Z?(=(|GZ89E(&#9}C;$MU%gRWo0RWud>#-vQ@%5;Gdh_G!7sM~}
z(h|VSf1jMT;)K^8WJeht7XU!T{cnQ<(lQ8NJCR&v6(y0Tk>0?AQ3FlPcwf87TqU(#
z#U1SI%<NqOac47QS2I%z4=Yzo3Ux~}3TatIl@n7MdjOySWF<t^Jr@rByfW~5=U*C{
zeU4MxJamp9q(tzr1UfnLzFK~k;B$WyBP+17^*1F&0!+=`rxzgQw~0-Fm$z2d1;)q2
zhHrAf(l&Z?-M)RicYOb(%4O?tGJH5(`KvVbWQQYr`MA6s=D+{5ILrIBf#S6bn_hIh
z>>lF#;Q;?SS~{Kxii(PYJ_FkAq#KWSSU~4dd(lvp$<BP9+4)fe8yVk+!9P>DKn@=D
zqd(zLvN)QsGQs*EH93o&z48g)mu&^VW)Y*&@uZWH^q()K^pXf+t@DyYz8gVUd*<}&
zkMMwJn|kzRMx2=<prYzDWedbn8{+|5w@qWkzha6V#gh0IgK3mhVTQsx3IJ*}9`|#W
zk9{{;qEdV`bEV}3!cFBtUJY;=Euv`cNymp0KGD)3h~D{F|AEhYIzf5hjXglfPUVMT
zR1I{F=MvciDjH~TDl>?6!is6#TwJqPMuvhOa(FNU%pBy-`Dp2#<=&GHFcdMkH~&(A
zbWhqUaNbe*^;AAShqp-3HlO8L!t9Z3;e8sw!8vOg1WXkN<el};f}ryX@Id3uN=$w}
z{x8^QHV8@|Z*{ZcGh+w`NnA1C_>r9j2`vUSX1tK07{REG7as58sF9~`pQ7#zQK6`C
zpV8Mq%lv>NO@~nU3wl)f0bDDb5%IVOK2#W(Ls?^Cd0>DBR2TSZooU*dlZl&U0<>W5
zUdAUrsQfJlf=HtY7cc;?0;Z5p#$4Z%cxHOjISbJ4Bj&D*Je5h}BZ3FOl{2TUl4LaE
zq5Wqa$rl~v5UaM<Y9KEE;OIlKC$BzHg<}{?EI-^KBHL%J3F|C-;R?Y3k$o>dPQ<_t
zt>44~??0tYriKyzdzJ@&WsH5~as`q7ejN+)+ASLkcuB0`yJvV?(nChizL52s?i0cn
zp6ygNvD^(3su;0SEuI5}`xo5Xz{zf3V0tt4?_Zgee?zDnFvloW#rW<YEWTm^FY^|d
zsogIpt0%OG>`1^HM!B>8DwK0?{QO%!H+_{(sm74Ci{&N$^IHrY6nq2ZHArF2BryJP
z^7bl&MX}@b#r|fP<vTsUt@b@rIU_Gop)z`d(?J_Ey-kfypVVwh2r1wPOyL2yJ#VF+
z1qJ@-yC{0N@MaEO=}I)EBwN@R;c;KUNvAq{3r2m&LPy+LB8+(v%gwX7eVGSpJ@1kx
zy>|LM{ZR`;wa%@7DV9{PuMQ^gM90LPHOacNwR!)1xr2+I)UWu~iz8KZf^Gyq%SQvW
zz{9=sx&ED;i}f3qj_tdRLOvYnTI7&~QVgn>=nI??=oA-__R8V{xB)`cH3Yx}+MW$a
z3q;rDz?FcF5G#YNOgG+_-y4vZRcpcV{w}7+si+NoK_9c61*de@vHhs&!2sU5so!CA
zij>D7Kk}rGRSy9VqH7J{Km_4`_s;NCYSz=8Uvq2p3tQ}gIP&#ijPuCdD!5LsW}5~j
zm(suUOqXxbfd}CAnLsfrK5oy#A4NPx)}rA@X#VY~`F$W!C={ccuC=DvG3+!`wDm;h
zJ2kT9!qPFK*dO2;<S6kWUe#Mp)Xpti4GYMYB=p(g<oui|%MdarC$)aZToHw$Yw$+d
zZssit2UUu)aRwaWpT^v_J-XlAun1hV1_j^CGs4;cpfin21AFKG(0`pelTtF4hKT6p
z=cm8jM0SMgK7=rqdQL6XHqoU8XB@1-X+7RSM-zlXjuux!CpfC`7gWTZVfDl&p0J8H
zOmj0Zssy?nNm3d*WkiV1XPoxu<&#nG!$k*U&A)lc8g;kK8qEIkQv>Yj=z=IH6bK-f
z3Tr+MCT~REyxD*(&;6hJ%(k<6^dU##;(gIx4tdY1J(LqO(KWYaGdBkO!+gzP^F7xU
zWfN`Z;`-y}i%=QsCxka!BU6S$=Z9x~9w#j)zl6cNg&gQ=fa~+4D(n8v(E92d!_QZ!
z!P*cHo1xta9UdYHIsc&(>+iGQldN_OmPCKs(Z=WDbrjP}8XnN<PUWSvcm2~UEqv?O
z{O3>UIh^m$p%+?l{}(jGozZPX(=M4M2(2e&tGl@Z3EC*>PeU!#(CtU~&WDMA4|dlW
zH1;8@H2`cQLndq?%aUNF%SWPC=VIOt>t<ScD)Kn`nhA@Zyr|=N;jb>6Ysm$%y&lFY
z>sKRlc|!JoL)#;t!tEAc!$jUVLG}D5vIeW3`|kQky3Nhwv4;h-@9lafk91m{z{PNg
zvj0W8Lly}S%hT<czxzy^f5!qCK*UtKFf-K_OXt=o{)A%J6ZS`0tD=0a!D^}&q!?W5
z{O|10NCmgCRlTC4T{(0l%<yDs-g91_m5fk{VW2NY<H68#JxJc;2zIi5Mo$Gqzs+9c
z_4O<YSG)IQD|z0I;gM_kQ!ND#*LYZc>?Y{VyARh4-#M0^CN_C7c2e5*@;q_^Hy(yQ
zH1L@HLgc<!)__r7kO+&H2#_7vKvbIJGLmOGlKKp)H%P#!SG(rQj`rBZJ!Ne|pi-Xg
zUOne?39u(aU0oeu#wPH0;7N7^LFMoKP>e`;B0@+$A)exEJq-iIcl$Dpi`-5_y*ka+
z*Dh0Xo>2a-mlb%lJ7FV-k0RcnOI|(XX3od98;~bnr?LL>6}SU&tpV_ZzhxY|<|9mY
z-k>>FQKEMIV*MHaU2D3-MqdawCq~IqD@Q@hIXw?c2L3yJ8XjG=@wN+e9wBY20te6<
z7;ErDxno#rXNUY|QE`!{w;M`vRdjChHvq+LtmokGi-c)x@Hrk)!pzer8Ol(+k7y5S
z)Vv(LIRE@t@vM~IPEpNUe=@ZaUS@qPg&X&KjnG$Dv*w-x2zS!o6h4}XX9{N%sYYY;
ztk)_kA~Z?uY<Oa^upVxave2m+RAte`Z=(^}>FVrr0arkhs<&BM7hjt51-0&~1tWZ5
zry}?rr<yn$ugmTEKP<DRQ-R;^9x3JnHy{ZE1ojUS;sqyDocUAkzQ<ih1#E91*hPPc
z0DG#f{7~rJMib2XaltdY3`@K0rCmUba*trhrp0_%L<B3uz;61l5u$C=2W&h1kVPro
zfX355_{=9V`TRq+TQJD;rz-E)YbQ=nL{MRWtkgmQvaBc6O$XgpNt}Ya_-b5}1*6Bz
zbYf&|HU7#-_Won$_Epzdc5Rt3R#Ke?Qhq4H#}x$-px_JU!_usWdBWJ=7xDk95+e0*
z%C7rHXRkPt<>8vly-B=a_+0I$U2rpOt}3rQHa4?L!fDxyEGO>p(|RJ^7QJluU(1QX
zO)kBdZj&<<c_fLUZ$@oRRF%3mm6wBu>2sqSR0!R$qXyIn>Fm~C{b17f&4x<&4E=b(
z>8M#IcnDWH+Q(*VV3^OhG6&dAWLQ2n(k~BH-czP$ZcgIK6N)|R69`9_9|Acd+~f$j
z8ET-u-Eq_T*%2@%*z<y7?q2{{-vUfQM3y~Z$2sLngySZQTa)Hi@4e^jY08Wt>D2}*
zLA|PtQ>4WPWxc|;OwKNLt&9!YaL+Ot#)y?l9w)IzQXb-C5c92VT?N{y4NN@@f&FYM
zbj#FK0({%I@Pu%v@NA1tp-KWG9)2jX!tD>!Gl3qfZClt+jf530r$i*<GZhtgO=Gia
zj3wn5&36_JjjWMDkj(I`JUntFJyi%UF<@?;MysiX)N-)ucRqM_f_n~2HYA@EK3G{^
zkH}*t<l&XYPT5X6y{en__cuW$``Niv*Awx&Qgqm5kzPFNA~<P(c`nQ_TFIE>`!3@5
zROgqLh7tz$j9c|R+8Rs+J6RuK<k0tK3*T*hE4<hdUz77kMfxG+m%;p%|BFO(j51`Y
z4@ava3@>Z^m-a;38gpG(p~cFZZw;pmL=DdW0D1YsmJ+&+b2pZDS=Gqdz2lJ$@K`pQ
zm9W_1-!B>gZ9X?w7kP<$qUr%h8zi7Wot``akBcmcyGHE3Qx2u283{(xm`2~4d{!3{
z|5ysR?2}lb<_#t4V@7|3xguT^=<{`hg`i!H@gGH=t0w8}Zw@@;W7p)z1G4b%-=`_%
zT)qE^y;#wDzG<ZAC3v@Wdjt2VthbQ!ym4ym@j=h&1n$)Mg6H=AlfUIjyN_?3(Dx~;
zCIxA2;MVQ~XMCQpZm!>Hml<nP@<TYWIgjgNeOhd@yI+gd*1%<r`=MnkM&}~-hufXk
zq2=y(yB=YZ?d#kdBmK?u1YU$XVtjAPM=Rj8>x@)K6QO}${b|mG-%zi1w>!AT{OY91
z-%n$q-7m(NRZbx#Zjskkd)p$ds4U>HN<TS6U{4tpK5;FHx$c;ZzbK&6-_H#Zm^;dI
z??Lw~rA9`AP}Y&~%zSQlv1r2us;h@{Z7PoR-$6VR)Dm&TJ_tV?N-T^8v>#&u31h|X
zcSDAKOrt|JR~`S7MCrsSnR&W@Qyc&GmW6i-sSIKkFEwJ!Ubo9I1R9}O+LG8o6gm4h
z9sRU`=PqSNG5x?Kr=^kn;zMUrN6(2r;&xOVT>TbHpw|g0m`!RnAM`oq;=<<1xdWyC
zmw%R0tU)oybYrKxC0;Od?-=}rm3FVfxU>YD$DDz0pB4C2VD4Gh5gTWFNx7@lkvOGj
z!h@E_=>)tepH9C+g*q}ytk+eaYw#Ocy>FFE6$M6bo8QwNiseOPXX*Y2;_!*)W1eMe
zo>lWlnMd)fynXtB3jTnK@3Y~juC!SlKUPV8ewts(5aBr$wZ{{=sd8^G!OQUjoI6C3
z0wQsJOUext0TvU2uJEQ13SW;w#blsj`A78dQQ2m#RHa|r{pEbv0ov#u?!=_%yOMPF
z&>_+xzVhtcVnY1eK;Ie8G;Aa|@rt3zz2UVOH|~_#VF=KH5~Z54fGG?wV)fQvSfH>&
zYL>#7eRuXBGQbE`_PWF6mF_TCl445fBK<*=X<hJg3(iP6v#sF!Gc~^;v$IWAAdi;+
zGz;_{G{VS-D=a+|FI(WyqPiudy?QVwN4B_KXdx%M!tWBkl9Ev()77ugbPyn(91+4>
z*@{1AeDDuE5{p9Mcmwt(ad=0?%7b00fBa1E<@QgapxMEnM<6{muDwG^e`=8yhVJdz
zGIHu~3&B17u-pbc)(I|`4$)8V9z&$6E1IKq!lXURdOKo}#vsv^h=;89-$eIc^Om=L
z<H7{+OjS;>|MvZP6mL*%7j2xx@-oV=24Dh5&0<ZDgq0&v6b&SaNt<A$kO@xIbsI&x
zGEfIkE%*{$_mT?<xC^y-aJ*aU4z(o<niONCjLI}Ju$&EKcFq11JlTybk{uJmG+oT2
zYs#R_IhWkFqC?Q)XT?XkP9KJl$D|jg%T)1<JJO}oGY86<+i9sXND|B{(|g%$zuowx
zscrE5gP>vYhm?#6#cyJs7*2F+aj?Mr{I+el$=;ca)m%g791)uNRkg06RwqGDIg*~q
zop6Q6%)5IBD}PLoN}S?A<i|?<c2Fh6%pS;RU`E5L=EYJL<P&5DlAz4tA#ct!@1JT`
zYjuOAAv(FwyN#KXAa=a>S!p35N8(n2BZOw4GC>&>&)pHWT$7^W+S{<o4xz%G6g;!z
zXzG1;Hp13BCb^2*5V25U#f>M&We4@dZbH%Woe}lKJd({j0&q>8XmI!A?LxWY{o&2s
z_T~PeKuT?K40UgvyZP@SsGuOW){AEjERoZPC+i2Rth|4=1UHx|$&4S5=EYhp9#e)c
z5`-;THNtu3C;#|0yU607{A7Ibm!E#_4~##^aDuiUjFzaKG<`VAoTydsK9CQ$QQ{y5
z-B}4^wTYu_*AucL3aQ}f=ED|Jb+gqMBZTaj6_5bK4veVhzeI#Qgc%$zi}l|}jT}dZ
zA+a^SLZP?5RjD_du|qY*ih4ZMXOqnHv{QM%WRx|_TOWT!vHUsCN@qkzL9`(I%5uiZ
zg{8uyt~Hinpvk?tEn;LJxGH>uqm$()G%K0EUM6C6>=Iw#M-xf?KA7y|w53i*`+LE_
zYbVgaL(kj#tw2d!IpWvp&?RNC)>7<q!rSwG?HmeRVOkXwvAtGoHVM<H&6|MDzJE(>
z_MesDQaI*qIa`Wt!A9P9|4?Vf(*B;TILZi?ubR=zO`N=DCmfOt3;9DQX0N-~wTV)3
zZ6_(pNE@&2{LKpghEwIZ3j4wBD1X8zIX9X)TSM9q9MngIHTrC2>GeMG<mhByL4#W2
z#=Oxtx3Wo=&%FD|4J#i{F^%jq=-kHI)&J&=F)+7_+#C_Gz5HT)xbawlY)`s$$L&yP
zFdK}|Wa-LL;t^bTu*yBfN>4Oc)ZT=(p6G4hh>XBhQU!WsHD1jG(s>;JLPY?<@R{Of
z8Jj;wgD6&=hqQJI3sXOLl4q)4H!&0<NjOc=#H;6dbY{`X(&SUi#sOO225YI)JRbZd
zbKj@DGf=RdpX4oTUrBpQ{`#N<`6eIKX?0%PNpu^UH90o)ZoGuVvEosrFv~_|N#eC!
z^6hNN>Nn4k8U_Bn!iAwqR&9NOn(nphBSxK0@4BWb7zx?-8T)t8vosT8Ef`g%PrYFk
zy3CeQ{zjhZ^r3oM|FUxR<mCR{mn9Gg!iU_h{#omd?KCI!1UWj=ZqZskW}8qpk}nq<
z?jzda?hnXV)XT+h+)cT0Qfa<0SiYQphjq1Xu43wBTl!Sf7dqXnsoZ|y?cu$hfE}_`
zZgIcW*rWi1EUuIUldE184W{NnB7}<uA^WPYRSNoVB>CZ31jImM9+e|7sn*$+oAVV_
zgCmoMjxPt%xOLw$GR)eqW~%7GfmA5;?1HZS(St{elhmei?@TB9t1R}Y>AZU;&_#0O
zlA=y9LL&`6C2lm}6?%fHY`wityIkB!1-;$GDWE!U{k08(wri@Q8(mgf;r=?bsy6%d
zMQd`8mGoTCRW&L4Jv1+||LQV5-%8>E60dfRD<UO1q=#8_D1hy*ueJ@@VRQBe575rr
z>!p%K^0)<l@mPz#T@ecP182TsZKjIW@id4ok<rAL*95M{$KrLNm2xAHb?^tiiwV2>
z5Pp`(B;|MB*cQXz#O0O-o}>Aiofo)Hnq<7KovmM<Se++SXmP1~dnXE@(+0~s2Dx>I
z)|E~eiNoWDbBE#3_PzI;%EIHnM(euyc>yn+4z8tr@kmW5xygT?c~)CJ$ta^t6pE6b
ziETY%W^Ad_uf8w0*OH#<L3G$ZeA`|`-8Kj?9%@Y%klg!KI?*TlUD&eE?PGHPc@epo
z%%Hkl)T-sXbRqML$rxn3gZP4Ys|oTn1$newv@bumf8!|rvotU7jSV~s{!0DQ--$K<
z8`8j!7j+B<1eTjkP<R?dgIDX5y5%pHk5j#rioMjR$=V9Gy2%O)vlN94ORDsEq&t2w
z$-gwYbhNU?tA@oD8pxq?ctW=ciby#f%qWDl`(nU`h`~_U=tB$r^Fh1&z=;+N#sw$K
z{FSgOMXij~c1V9}kI>)?*T(mE_R<?V@fp<nXQ<&lkCc@1<dK(-7uyRzULJSaud09D
z0i3Q!)?@mOr-uhSW2@e!lzV=_F=}Y-VB)ADi9zHJr*rSaa;8}Sm3JN19POAVCAe|_
zsDX9wdMuz^@ba{W<She3)0z;#L#q?oGbY5po*<jh4Bz4rAb9(S@r_@%#Zn+OQJK-}
z7z!T~ei3G=B<qkBQ-y0CEu(b+v{BYHDgo}*C9j>?o>;OA>aNDL3<)!L>oiXcs(u_#
zzn(A{xcZls5lO2pI(mEax$}vTy}J!U&E1cQ&MsGbJ)y<UT3}J!W)IS*Snm;MzZ~}?
z>-eJ<R-F7-tQxRonv@_pm%7g01!6Eg_~LIJm~f#qnd>D8wfSo3PjvyV7=$v1k5BW2
zYxeRzi2(1&>!gAJ{Ug`0m!SNo<#2g1?&vCP_jviLpU3{!Pc%d>{NbTPqgZkXA8GkS
ze29WyCVU{h-^0g0k&*Z050_JaqBHqPnun@st%%_zRYULZ<J>nww9pZABdFM3vxbxF
z#Ru}EiFb-R&6k!9!AQ%?Ah^GM?^^a;g;k0_Sw9XcH~VX8&$S7?>)9V0@NBT^0<AUe
z7&%yXV`)gvRzk-)RTRM^!->0FgLfLii1V$6zN$Q(2O5)?rRqT<iCKb2bPgSUo$D@R
zZirwwoL}YTr<W(IJ*ukfbse`GXG?W9rAY7~nEp!^J&xC@(d<OaF|oRkk%(?i>thNX
z>zIUMQ8|k!1SLd!AOhF_Y_IrcyG&niadQAWwg}c2!6I{W%-u4@kcuEmksaVa_?}xC
zqE<7HH}HC^5m=T+x$xWv25pHRny%)3b%9ME+^6Ol#f{Fei9N;tL60bAPcW~ccdIil
z4C5R@&3S=#mMg{SIS?Zshw#%CCA7)Op{aDQwrFedugah0+!6!=X9FO*VRSi04>6eM
zAABg!jlEIkzI3W`_J82WVx3Po_>}~~X(t|LZ9>&jjCO^bx5nnzJru*ci|yDMeOJ;=
zHHV9a_n#X0)&$Hk;7S9#nEO;N0F#`U85)v8OsK7SnWu+?3-#LUUFrJAY0!XdBvK*u
z>RuNz%YI5(n!MUu9waxe5-Jpn0bL=l35Osa7;952DdvkBe@bj1jhqE)9-n`xxlx|u
zB`9>!>57v4uoa_EK=PT112G0NR)Lfzu9)UVR+u;|4Ba+*fA2AMtD-k#_1#>?WL;sE
z#FpKZ)M8pNL&wJRo*(Y9N2MXOb2FxM`SDx|7z#j#cOB&dcO(7U?>M0ZT)H+wc3%g%
z712lh`=dlJ;?9m-exk5{%e4(U=@i*D9(zY4vd-kk^bzvBJs9gTQm*J4BQ(mqn$k&u
zP8yXOIr*P)t}KfOa}n!Zb%&6T#V!K5r5N5|qIXaHmh;*fk_}Q?cM$BOF`0#Aatc(F
zuE%#+fG#1ZaEun)&qmm^_0Y@^yguH_IY$1jr0MX$qrwV!y}DNYStSFu?4^j-9*tmx
zd@l^<d>x$NIhGwX{>0=94{-i!uhl7Sv7PdA%|EiPMq>u{=m6Wim_0CRFy2P=iFGki
z$uN<`KlqQ!gQD7ncNk1X3S-nCwRyXHg`P9P`O}OFxcHrG5Nj1C_$FdePqGo@>9UAY
zF`SC@Wj3)p*Zg83g&{6LNCbt!RZXBPW?8B~T?X;A;f~raF4txEox|UQ<9XMYS!qw{
zfC0aK?PxrlunE+odHB_U9|t#-<?WvdLq&T$qhqP0J4f-+iksN};xSO8{NOM^VJL_b
z``?Y@wo}nHY7D$yHD_?<?*uWFO!9S=T!4+J^W+n?Y%a&9F&j_wX{w3wHrX4>GK5Y#
zhWNr$zx)+PvTHnD6!)M*t#L9HbaxiLY`l53TcO-oy+UCxfd$r3y!JPV6itLx0dn72
zLM0~1zs*O;4E-}=hiHyuV;bK&#$Al^k7azHn39zd0f5&`wHe*L7>gmTiQU;NN^U|{
zvw?pM{~L~y6%+=em5!ueS;@gO?E+zK-t2WKW*3z?L`a4&w}`%BQShCPOjH*5_mY!3
zBXg-ej+-QDm$9gbm2`=K8WGSYTI`oN+1(KuEVDaF@-FWek|QfLCXpcWKJN5Cv}bDG
zZiBQ)H3@4A>LPL&bS{ClKNmdwOXh*ULhtPvYZ1tTa($1xO+=(Ok<*~v0y|u~HkkSd
zxWx}$xijNH9F+H{ZP-#)dA_UMPb{FP{LPFj<mkH2x&ju7uMnUO44L&|aW_lCAI}u5
za_eG@4G|XGRY&OzJZ_(AkbW5m%0|A+c$V_>yz%Tl`Sg)rIe8^)d%3{w$p9&C?~1@x
z*!@s|<fR_XenLiSxhZ{;FZj!Bouf?j4*I>rga@@w76+wwR_~{Gp%bx7?w^h<_Z*iu
z=!RTaC&R6eqGg<Wa?@s{KyV{;BOYMK_K|CAHmt@yrZo`;whx+HDS_Bju?^T(QUa2u
z*<%^#Yr;<c184vT={J19QR5XJ9eC;FClu`1RY(7=!WpP0IA}e0eQMy$hhkB=Mx7Zf
zefRWjzhnX!^96ZQWt7(nAg%^nl!N3nv=>>uU#id%oDmq@wVdkqb?jWr*b+XWblE2(
zLdyndB7dZ&o@|4I$R^$~)rZ2FyBxCB*a^nEtBa5rt8IR~5tYs+SG|&~o<o>!`B+nM
zv}O$LtBJbwJil9|g;_^EJw|NMtXP3$+dDd37~P#FcGx>7k2>}b!&2lz<u)mQuWZSm
z^3qtH9Z!{P@B!FL`I`c>O%0k}8S&HGMCKSG`(t0$i&D4^4rQJ-5)eAeRLO-<36@Ma
z^RmT=X3!gGW*MUHL23eYpZ%4QW>T4qM1{YkC&~<pQcRs2_SAM6t=s*#6@Tx&K6f@0
zTd@$z7TX>Rrx<c(fqH$P<m4Pi(NJG<HPQI1hzs`_TQT6f87wfgD+59>*!PRR*T(br
znY4+zi64D|AEJr}2`)Q`;F#VZj>`u26=q%RXH8c;hVMijfPHHIM3~B*_q^@S<G1^|
z5$fPr71U0z5}cL3TsM#j;{5!&%rb$1it=^d_8=-LTqC>tmF+JJnhr$z1?9AcCsBs#
zo_5Ut;__~DIakg|nLn7TBB4V9xs;>8Z~1U4KJcXI^HROab`H!0UZ_}+ME@Q)V`B>g
zd-o%e%z;#wZQH|Yd;O(;QOVy!tc%V5cV<s1ya~$izXLOwr=NbxTE#E?L|oeeW(c$A
zY}M4kH_dJuL^n${g+ocqPhWH~-B0WX5GyHt#Z|w&RoHQq!E=Pbh$F2deQuUbC}X7u
zc~Zp+BR|}@i-q6=6Fiao7YymdBz}rur1BCgTL~~_Wyd*6y}p}<X!(5W^qYK?01b^J
z8`+OKsFx9@UL^=@W{dSUJ3{9J<@QF5!EdBrl0JbBF|@4ypBI1zEV8=4pL5ZJIh2>B
z_AWAr+soNNftZVnp{L^>=Ipq%k;ybKvS&w7i`MocZm!!RofOrdG7?3F<tI6<{amV<
zxvQy5Oqj>`V8SWA-Xft9mF>OtJ#)70c0(wW%n9K~L0$q(x0aNm?KO+zH|iRD1ZX)A
za<5oqb+Jd(>uRJieYV5U>1CAz=w`z41#XrQST(f7;iJ}4bX3?P=p+3&Nj~Ju&AZB?
z*ivqx_U;^*A@W1L%2{N&p)vW=9Z?LQn(aWRZz{(Np4_YuORdjFMA&}ehNC|dNKV+&
zDc_5IF2kDeg%0X!FslK&$Y@c6wJ|XW=@1=mzCbB|g45?c>EE>w<RD#Cg1@XQ0_3c$
zH;Cet#N_Sxl@u0lTz;N6(X)V{cRzk0WV`QG2i<sDCQkO`HS&^nod`U80NOdLUC>GN
zN>^|th1|RY265s<Y;So~jGzz9CzmgG?aXz=y@_D#>)9Vy5p;mgW*(<<e5|vQIWFDi
zP1j*3pCwVb>uaL<C%2ZOz(n^gP(hDkrBpoFwK_5O%!=0=uPYZt92jcHw4Rm;6iInj
z5{ejyJoG|qLniO&Tyu{C20oVcGsw!H;~L)=XAui~4ke{+h9%gn#Ht`MvyS16rE2|)
zHlBwdr#v|A5&k@^WGGc672F@$o>Zt=L>RQL%NQYMTlj5lFC1IEN8;{i00;N`Q2Va9
zF!hp~J>UO@V0>dS7$8Otq=E#QRyyt$G>-EmMMS#MF1)q9tN)RPzBWi-;l5L9A{-Wx
zGKeFeCb3oNyxKLXRw1on!tW+<x7GMXM1FjZ0RofD->>O-{1?~o{J2xo@$KEaj<Mo2
zIFWdfF@9E_F;m?~iRepAq~LQ4BBB%SeQoM(366I?q?RTi)99;32n9uC)$Ytpo+6xT
z;s6ra^TTR_JpyVHsc411KrKi4x6E%>IRR7=Z~a_%>N7}7HSkO-YBPA(g+U>$$ku#H
zvbvWViQz57=DAEti@OJjABqkpds+ORz0An8vDWFyY!8i!KQTx3x4=@Zn5$AWKQL{o
z0S2NJ<dpaC?Ma6k{a=TTrD6zDV7mQ1719Jx_H)&L7sZ&O_5M7$F{u_y$2eqdAKcXO
ztE944JLl%1j+;8-i>S+5z`G<QP*+c4{YPWpnssk%C=WyEcuRwR^Yi_&eixOcbkB*$
zk@Xy+I*se_C#7#R6H~UP;o`O*QsHUtivBo)8inOZzD1kUZsqT@t#SY4V7HUj+CHzY
zPQ@&Rx%)?Rwq0DT1E@6^%UiTb%^)CI!mF|G%lDuVOS4>+3Dl4{1?WebpQf~P&UU&N
zzro8ww`-GnG!fgnOhYTte7NZN+uw+<Mm5DSXn!lPB+EwFwc9MeD=n=MyiD%!eIssW
z?N;z}f}R$7cSMUOMsSr|+Zmdq+8rREP)gr>0H=$A6-CY5Oe+@ufZY`}1WkYPSF}h@
zqb_+r7?XeNlDD*~_|=+$nR(H?&Ro#w!(dT#^x;KQx#jOB_ZGhNILVv74X8@Vu9ISd
zyqx^<Qx88|%1!{jvFcv_=KaCLbU$8cby|xz7p$~2^$+$a4<lo<E~TveN=bRvwsw0)
zYO(H#SRB3vv$qzWd={9Wl@eP3O<Pkf@?K&(=PlY43|2pIWPd+y&1L4|k`(we>KJ}{
zr)MWzvWvIHPbY26!_PqxH@KQ<TZf6p?+cGB#L|!Yi2=88_F!nSb}tGGs$1*=b=@n(
z%~v|s!0!QuBg<|!UaWKnHZQD9*TtfZYitXcwa1_2H3ZuVoudBLrNfbijb^)b1s#`q
zU%?{HSeLWYA67WnGP>lg*3&yTjM%=Cmey@01OD?;XK!BxyfP(k9(1t%B4+Dp4|?se
z2SM$*H|DENr13uuNpZwY5Nn>}Swk^>QC~F@C2naHATC_0(WpChD$n;b@q8AT3#7xD
zV^^64-*U<sn5AjDT0~dNH4?qwxKJr^Y|g_Ql^D)My%<%xe84Mo+|Cl5T~1r`A+PYz
z#FTTWxlsBs(Bk0eW<%ET%>QbB_-%xIgQ+?BN}gN$o*!6r<8@$i@(?RSX|fufUFm_1
zmI>dIB=U~64$spcMaWg=e?qISgtaBBo<`E*Ydzh}{weZM-=_805+H$|#V!31iGW1G
zr^{Qi{#c)zrqAYD{_S?BulkHVD%22s%kUC<MrA}K!T^gQQR+%M&jbv>Y#05!*um7j
z-0gIMtN>+4=D9bv3Q|zhiQoW@%Mvdx+7SC6a}Js%&5*B6k$GRgt8)R_Z5K*=VOIyG
zLsL_dO#v^LhoPur?WWI<W#6mszo|LXP$s~yp$bktv!;!aw^Ze))b~7DY5Y);6y<{E
zT@O}xCcx@rciiaJIe)0B^|~!AahyF}Y?mpTzs$o&Nh*B7k)RR#ZOM;cKRxqjMMUHi
zBcpg$42cbf!-9GZk%+_&nkc;$eDeX_ghe3Pzk>b>|7eAW!zvTS7$L)+Ym<JIbEkW3
z{EBq;&5Hy~fl9u&oySwd2b=sSkIj3^0Sg~+n3Y*<wcvwc3=y-mkyNrlRuP}#<*3T>
zgkIxjRNG1%s6J5v4<W|QEfDu>JHsVShannA8QJ&DtL**X3Z>RxNmW<~ggkGShcZ@u
zKQ+B1>8)7Z-fo_=8u+=zlbm^0NwCK(``w(P&X$!5H2Zk;boo7$uY%V0s4wn!&-(lC
zxb1)O`KHa_!sxAm!^^&gt|aMXK)cUkyWg)}<pbvnT@Fpl;(ECZPwd+pav`q|YdZ=y
z;5FwK@$)I=*lZk{>~-$+>0}31Va&43!6<B(?|Dyg)90VP?$mv(7|fHByio+m=i#s>
zrA+?3PQ@6ui<&L&57*6q`@h{;JG(HqjS35&RLip-IX&rnl(9;q72|<nz>@b#+dCG&
zrz`P;S19CT%U!kivv~AJi>s4?hCW$JiPbdmGp8u<nWg5#D*{jGq5SzO3l?Z--ZLkv
z8SoG@vEGnBo)0A~ayyh)v_9V(2)?SEzi%nUCr8o{oexuHt9?A$YRXwGCpq&m<j3nu
z1=-wfzwvWSeP)&wL&kbvQK2POq3c$?Q>0j@A1tZ?0u=Lg%?dlNTTY0TUzOMV(JWr}
ziq%&Y)5^@upcFPq;I+N881#zdxy{UU@Z{Fth4{-bz_?;ov{l!~9<CSDTuuBGXag}w
zQ?^O?J`9;O$fM+t<t4VhgEYpeMbm_Qg~7g`w7clNQl`HCx5;HXRe6_C*yN{T=7pmm
z&sXtNI+`rqqiSB^5a?oVK>H}mPzd}?re*>W*li?KB~Lgf%Y-vu(dxx<ntrt_p-2e_
zrAcCa8EvE-O4HRpx|yA2jQNc67jD<03gXunGqfk<>uIhmi$g62VNXXen=bhUE3G)z
z`RAIZe%&rtZ(pXU*LH6@o0bMGtLL7({Huj8{f+FxYr<FIDObqvm*1iLg$OjQ+l>l-
z+CF*dQ<1CScya8z#xK2R25xSm$wi{$obM4q@0l4dChxr^;Y2t%6fgfUwq)LBzwCW_
z+ADS|9}})P)Yqc3uqOU-X>%F^MFFYaU%MqPJN0+wzmqaW1O+x13Hh}{vV2$ymRr78
zzzD?{Y=N&ufodr4AvwWFEug7l55X#nSe}OgYzIt@LR!Ce?)2T)6(<YQD*_WKn`dJ9
z_pe{T%Zt|fgPU8Ko|e7OdZ@`0<9m=kS4`yn&1aTRPnUbkm;`uRJjg+KCI1(dQ4Ucu
zQWAiGlQykm?bchF>`eXxGIVq~#=Xq%l&Kfzw%oEo6cEte<AuCt)hId_R*B92;!V^k
z6_OpD!9H7&TM%FT*1kF#`mi+j;k)-l)3K-P-9F>K<1QG0Dweh&JX{DCyd5`b1~0bR
zW<LjAGM5d7-O|^U$RK|h3T|OEoa?_Vcz(s!H`<O^6Ds!aX1$huAqkx`{w?PYmAjVM
z@ccj%;-SpL@mJr4CKQ6|ODyG5qTRIKqaLd;4~99MEB~yMPDqb+94i~C_`y*dmG)9l
z;1Y`;B@`9dy0~ZBuHVBNd#MmfW>-K*fKtFIX?tcGZftjQa<W>4A9TF>JB=*XFxEMB
zk+-1^rVGxTCwcxz%&~MM#<=zE&Ar*WfMVj*TKP9NFJvS6s{2p1J;h#H&`do09W>*=
zg?#_a`?IrA3=6EH0pG?1aY}gMdq{4q(8pc~PMY!x_X0A*3Ddgk_m6pf0q-rAD#<N2
z?r_9|BaBMLQdJ4Lhds?Kzt!0s=6raO#KEIgB4JfF;Yu{#$oz@Sv{GR{u!vsoVxkf9
z*bfc$@y0tHu{y>ayRee+tn*1iWb(oPPSyiQKsRjJ-5eJij~@20e1{3JfKh)P!8^+b
z!d4F5p{3VaU`WL$-i$%pXqhl8#a4D^#IRpr7ZFv@iZLFnh5oAvEDMMW9%6!LapeW#
z4^OXhdR*y07u4)2nla<2Av@AkY(IYU7jpGk;%%%-G$vLb?C<QjVdniihHtB_y-+&b
zS(QQyqRiw7`m5rR>LOC0QF8j*fiP#(s{Gp?iO3zp+N@ou?lo&A;Ogz$TUh^{@+$C=
z6nM6j;fS7ZbZTcAX*CZ+0QA_QxWH56T^1`tjYXaUNs<at7^U`hoAQh-Lw?BQtxKTr
z8xz+^foGo9OuEbtT*b(+anf5QF5g#!v(wuS=07*#sXAhZ!Rm*A_j#*b#vlUcTWrHW
zshUya^W9aW-I;u9#1T;iwpqtx87u)?Mcphw`Ifk^=gqmI(aPu8hG8WyL_(L!`Se84
zA^fRd*oU{=Y)4&?>&s%a>v`I&u{*@H)g|9~$V@8v<lcBTTxZ}nBVAECjZ2s)R6g3#
zq>+lVv4musjD6THgabO#DKSBvRb-;h2bu~ioDm5or|sK?fX2f6O7ee{ig1cOb-$CK
z5c4xqQTF}XI?M7)DumAJ?z6>PB%?PLS;pA=nqVWcC>|Vxen|TtPvK}Js-HShU7B^5
zw?uP70)o+uX;#?h)m6=R4b=ftaK6RW{%`u2e~@uu*EsjKwtQpg`KVc^w7*3Zrunob
zz8Tq8lWCqIBxF@}5mqO)i^T~?O#fL69oQ|ND%>;(oAhIZTkJQFRr!`JPn=rp)GHf%
z`nb-k?Yqj5Q56gF#2g`ci=6CE+!4V2QjaLaV7FDTS*pa9GB7oLzT@C5OWel+JY#l3
zmfN0;x)i(3E632$p6NzO0>DwFBz<9~c9+y$wew5XMj6=Q;r}WVao!E5klZ3Qce+p3
zOV4FGf|Jf8<jIu+eklJ_I6zobOH>d9`&wR|VWbfR&QJo<ji#iX7V~E_`s?0B*?PRc
zkU#h~)}XD!$k|<sPCTC*h?wAT+8g4O2Ft!iJc8|1X$j1q6TS@B_rx~}3d)PMCd(h$
zGNSF$szr!x4VP1RFIAqJDr^ob;tsD4b}VQA&Y+f`rR~dI9?sSqUuanKv6z!co%vm8
z`hfr`23O0@qHmISU86SpZRj5&X2M=md{+IDFxfBEh$wnSAXzpEZS?bZRlq==(mBuG
zaA==b)D+vF)+~`%N7rHcf%s5DwEwrH_Lje&_2(;EJU-t96bpl?LPrA~n$We!J~K`%
zWP75dY!1se``qlV?7>K^7@!@*DUGZF&tb<aWR_l!osa4+1z4EZc~|yfGRN69ytw-}
znag=Tbhw>*%{EUuWONggv;^(h=xgw5JHv%>6o<U8azE>40v}5K?j>4>uvGFYmbe#E
zliYRu@iN|2Q5@E#&-zCy%`(;Gzol;&3b5XEt2uc`;xRnNsl-!>{%;EW|0Bcy)8|M`
z7`UAyVb3<Z$<yVIADSQbBp_MzKW>sO_9WE#EF-!Q+i}5kh*8V&{fUe($*H<H`TvmS
zmmk`(bH<mYZZ9{$X$$vxLgy&aA}Yb+dtBSaOX5ljn^*hEe-_MZ_`ASq4uIeXtJ-C*
zd{@xzF_?{<iT1RU_oC1!eCd~B)qm9bboG^v40Q#`x1$gwN+T|^2e4~<)~x{kU;^3=
zSEc3UA5<Ryb6UatGvZ;T?gbG`F-9kWJ&PwklN$RcCx(F_gpo@^AyU(u<LyR4)Hm+s
zyh7jiNuE16W?S-i&sMLW7+n2jGIKD}0Rbd}+E=Oe^Ftt+5_^hG)p93QpvC#CqrGl@
zt+yY}7M}lPUwB*+T!061EJSwHS+-9>MuvoFUm%FGMNrAU+p6nnZKX8Ao(MmGc>tvx
zUyUv}G{|#xZctE`@jDbe!a=bZBUmUviE5=qFz1roT*~p{u{X{kn+I-ts1lt=5ctnt
zA-{M*?v4Ytz)n!_7E1WTD#n^TkPRQq!GR}f2MP5Rs%W6{Jm1<LU+)=rKS5Mf$Lhs7
zJwo0z5@nFF+M{;K7V;u^XXkd*@Mgp*sfG_z@zmR*t#eV)paxOw<#{Ldb2$rvDrb6L
zooe0@j%<WZ8}S#UANUT7y(8K8ADfncbfJ@Q4{(^fe#=>87`aB{^xW{0w!qS~H`b*O
zp)|kPxRNz}K`iWz3LKZB(3T%Ssk`#X)O^mVbp%2EM6zkc2&|<j^$anKdyMzZs+dX<
z`J1d%aC%7*Pg$Utz%O(}3yewB4KNb-kj;$96soa1$R;;bEsYr>PXIL5fpyFwg)Wa!
z3b3xBn8Dpgr)C00@bnRs0;~F#sB)A0zMn73J9DzTIIm8=pbJ7@d;1jlx#j6<XVg?D
zV!|kX>+Ev4T6d2v!D?@8;{LEldslSNmIR9lNfVxmftbPd!$`d#yjn&HphAc?Dx|9Q
zMj$H{8B;|P&_?ESvoz030oL3^qMbn!U3=S@B8M0yg`MOcHqEJ%8A?tC^N(_@l{F*@
zlET2tP(Y=&0qQDdV5Z&;71ZPDdH(6wOd5>K=CPg220EDVms5i)GiGK-D9h?mQ8h%1
zI)WUrAZySx2R5AxQ!ASPbtQS(qm{odCGr{jr+(gPAW&k(o$fcC%F6icKRcI_yzL0-
zQ7odFrJ=WkTf>Z`@}rWCB%zNB#AiU~k%f?Hsrx_*8sjk6Orrk%MdjeI%LhIY$I$^$
zYUDxdaW9x$#BAw*U^#EwiTF-jgR3h=cq*|-*Gy;Ep1VWMEiH(fK*4Ayy&YMkYTiIl
zWI$RHm(Km|$5&9AHYPn156_sA?IOK_B4&g@jZGnY2BVK;OOMEb6)V9D9JyQNONgp|
zg#D@?5$aSg9WmcC|G@lH3a7sZ+_-G|ejY=nNu((BU#b}0oBCqbIGo?qeH65)YqSOx
z&L98Xw`XrNU<r^H%VQNh1OAI$+l9r<NoF<pz3jSpBUUguNzQDCCDn0>D!)+;+X~-}
z&9l+THoeoa?x}%Yt4>a|Q**cmx3mg*<i*k8Kx4&Rvh$B~6F)47Lsq|V%Qw+}8kDQ$
zZENpQp_Uz>k*NBbC(=0@b}ZwYv7dL;Ev(nYeMTK+6~bf<6u?3IW%qn3CD#)x?bxpz
z`dizP0+v8<1CD7U+x|x6NZTjjVIcN&#q|R}vY&rJw_Js3Xex>tpNhJt*0K$2#lyzH
zyT><CENcZRc@8)nS)&G`k_@jEQiwSpM23Np?*;M5POWJ(-~Qf`Z_t{e_;;*Yb5C&s
z!t!gqJotr;Bv4|-sh}Vc01LHv(E>PDuBELe4Wf_48<xK7#-Qq?mSkvW!Bd;HCT^uo
zm?JN}FaW+`zyhR`{t~>@h9k)eixJ!uxY`Hgtkn2=iEc&{{p_uN8&r7}c!Xzz3xhGE
zgg%m(=~%I)7osH$e!v*!&tcYHtZGLZ`qP@4?W?wZ|FG&&0>DNO@f_O$Qr89BBL5Jk
z1)`msu(Jb)j<Sq)2gA*8CjG=Da5)Z!THDb?U_{U@y{K_%2~0|n79KA&@wN6yRpYP0
z8aP!1LYXLr3l9&cCe9#;tfGS_YpBZ9l#aSHAse^$MTdp>=q7w7M67EwHI)TPBmt+M
zTv_H<MY1Ayx+Q4w_lI9(>5-@Nxe(}Qr{3gAznhq9w6|Gqw0|Ps%(#pOR(|Qtsy*Ah
z2){gj3VSPJ&;Rd<f>QpRA#=Gbr;|Jf?>UiCyO^LpBnTnk&P?E^<af>xu_D;;aM8yK
z9zE{#!h6q-vg%2Pg{u6SYV#4wgRQ|QW-Wu%%P-CMqx{k>9T%e$qO2Xh$I@>MAA5=N
zN4ExnN-5x88&7foP9<aDL0ORNxxN4GYRy$?1&mZfLr69r9tX12`bm|VZm#INgo-4C
zuTb{P+EsI`!^-EXmvPFD8rUBbJ8LzCkgwe*0m3;!YTw^SDr5I@vNMm&OxYS-GeMV)
zNW^hOu{zmwSeoAxs?T@|@Wy8cXd_C^#aDWgAyyugR=l@8n4NV!nxD$TtY0q_gr`{d
z>qo4Q=!WZj6=z~Dck^4Si<FL*%gBc0@B-U>df8v@XV-`S$eB??Z5G)b;5wtARzz!d
zfPE>v0i^J^Wif6&BfX;wmPi?l;6c)9qTaKXT%(YPHX-fcrbXd(mkYC&%0QTDd%B)D
zKIsUs?L1y~Q(UY^m};zSBj^-Ic8Blp3Rb*cSTI`H8uU_?a@GKch~R|WfjY$#)rxy4
zRXfF@E(%cAepB66+|EdeqVoQ4O>M74Vc+?C^zbmJ@n&DPF99UvFt0>CM69NQQsS0~
zhY<@Zp(ij6YzVuS<UXISH=l@6MzvI)#;k3RU^N<5U36@GQYM@0(~q{Tw%xO-Vp_z^
zK^sP3#ZH7HWEzsZNJBU(eGR#^5hnfbe_M0)>h2Z*LP)4>d?-v}pNXN>745Jby@r`4
zSZQXGMRsPKOF!AcTlmxdTMHrxFR27qt&jHHLYI4~8K@F5IL-62q`%HYy6o!hOG=#2
zPUeB3ILN<D^^csRCj4Y!)SP_0%(K3SU5V7ggOs8CKwg0AM-K{>6Zur!kGYjJ@Wh2m
zv8yM1uYqW>YlG4j$x-vy4O3DtE4AupbZGX`;w<m>Z)C%){(Ro|?;lwzca2Yi%AA!o
z67w9Wf12XWxv%ft?{T~dIsu=q_?&!=SZtW}*U~3@4f@zcHH@4&on#OrLwe4JPE*};
zzL)Zv&U&%~{v{tE62H*1g_@ZdLJ;6lNd0}!fHkydLK)Pm1AC7FX5;BPF|exodd+T9
z{UH2cdvyoU@?|nAl`bbSHSIQwhZDEuswC^?#Gf+Mq^4Ubj0DZh&wlYLBNs7irKKWs
z2N5z4xj4+C>K5&_3<HC-1zXI(1ss#eL1rvG)BR#$*h9n4&f?3gwVfIq)sj>H{ZFHG
zbj}spm+e&(2{6>=mD85cTZgAU)k(H|s*It4v&V4(Dgi9KP#lfItx^72!!r2?kIKqy
zF&s0Rub}mDN~b5k8@mo%`dANh)lsVlwTwN(?d_0U1{bj}Q$ZMT9%0<`wwlS*%y$qG
z6TKjA*+fvvO(!@%z<Et%b1*VeL`9YJi(}t2GPEaNJ$|ToX6hZ9STe{Hr8DZa=)lG<
zndSO2fv(~OEk&6MjT#U7i$0QsNlb@XyE5H^%948un3kK&BL^M<|6cx|saWqpN^}(H
zaRoF!U1HLGcKbkO5SCb$|9z`-WeP@dO!bG8alZ#*A5QLO{m*PxkJ6G=p*i?nUp`U4
zx5Nw;lhh0DYN~nicl$9l@5n3sqVYDLK~EKF_^C0%m=b5{OIEs#q*NI4-X3jK;7PJH
zb}bMGXH-VbTo3+&k&}vkq{R1{col~<!of>^w{&lz<|CzTF{Zfni*BFM)Iq*x-#)&2
zbsO%08{dy=W!qY&v_Ubw&nS>OO`y|nEuE{}<#MMWdNUM4baP1)$&F<P3P#UC2o{D9
zM-6{lJPu1r%S%xQs(lv%1=Wi`IRin+bGUWycryt=UuBytvBlt9^l6~BaIZz74Rk5J
z>8NkA1kKjF*-t(kLE09AQ^=JEG_~mX!Ejupz*o>X6G7nRp;g0>^F7w9bRguL6i+Wq
z=5@b!_Mooe*H$&r_MX{p)mTjEv~D{7bpcV5x@d$eWnRRUm}-TdG9v56@rX#lXKSKR
z>W*pCU{Idfj4TQPXsCbcYgYY{%Zbf&zDWze<;k@bbj)#j!&A{4Wr(ZhEKpbT>l4Z%
z0ohI~hxUL-EZx@YPr7Y2kkrtaacXeLu75v|_J)bqN7w3SLv>!>5raW>OZaOA&?X<$
z60U$$jGzs9TaTnc4ZJq9`gHv3N19YA9I<VMPEe7mB{4qd5njdX-!Ai7wCADkZ510x
zFf<uq6ljOjiwtypbpGA8_+`R<YkPYJtC|llxQIXD4oDs<Fg4QwVT30Riz&r&*N>}}
zJGH=Z;(#hBuxJJu++wFz%hMTdpMJw&oH1i58(mRjf*vas^>(E{ZyzrhT$+l=Sq&7A
zm<~d?^~C!J`GO^vUgk_%Fu>X#SAUnAPga&y^z|5r3@XG(zinM3c(z5h<WjB;jbVm;
zaigwi7zxcN@q9e1S_Hae8IF+Z8xsd61cvYmZ#7k?HNn$mu%nHHdm^X>eQ#5m6oSY*
zV7xF&a(8jo_$@b6>0*v(Ii+u;uMiHZqZ-`WC=xlL-(Q|p^&^1PtrJy_<b;!^-yy`@
zLJyQC^^e1tY;!vVfYPQb*6NjgQNcqf%YVQ})!ssGLH%QdRL~ckz3l%GW*S8%H;@OH
zI9jH}oa82ETv}t2DSHX7+z@`@JHsn<@c=dq<o*_T7zy6*jw-tBT%UkbNE1i3bi+kV
z>pz6|#4E}SrpxX<+McxMSfvpimSjns!sS@|2UO0OyOiX~_yO&3{Iv8;c-?eZtl-nU
zJUj`JhX4S;Pyg?|0B?U3NWP%18B1WWxiCPFFoirv5mnLb5UdY~iJ7=tme;GblSURQ
zb6F1Qh55UhUn`6sUqcD`-F7-GbFu!f2AK7CP3ITcuyT|BZEiB5LrwZn-=ZzjS^Lt1
z{i0cYuYb)fnx#3ezRB+?hT$pA>5PLuk_pHR#6L5v{+|Fa70>G1&MR!=MYNq$FUI-)
zdPO0*vMe9A+W}QgItb2$%uI`S)Tj@yIe7531~88TgRRUGUdRcY&Ifa$dwzniZ2^Q)
zHk(5Q+)X~8d7CU3{#w(t96+$Jg*R9UA>GX8#qR;wB}t3AaKRf3(*g2LARyWa$<EBo
zT&l9N;^rGKfQz_5o(ka8P^d^EgkE#`<sWa|wX3eCu1=QY?3_t2_*t!@YPE_<3R`M*
zI0Vz=$%6@VP>GFh-R$nPG;@cP)f%b>5Cw^Cf@u%D4wxQI`QHA3g>5KQJXF)PeE{K8
zNSY=H7-BLlj_37Fs#<iOAPDbEk`O!{%@)9&Pd~k9j4aPG`Fz!f%F4>jd-m*60ia($
z2sJh3R+p=LrX&%*N_*NEl3@BWO36sp*{T8##~0=E=i|hlJ!}S1Ts%M;J9b#M%awi}
z*g{skzREoSYLg_=$7EXiEua1;!ZQv4n*n^Nszq;Wn);2V1@;Gnp2`CU8ZL1-BvW>_
z#ky(J<SqaUBCihu4_HDz9~CVYN^lzC9k0E%cf+Pl)kz6JNm{%y6e=8}s@}a`?=&~1
z7Q?KjWqtqgkBMc=mml^eTbAEH=Nv-3d)g|i^{Eb3#N+8otX44yw)mXI2e`-4zFXHL
z;aox%^-Gx(e!#+3)0B;Fw`bkPjXSFWVBEN~a$PQGytccsqF8d5EEg(1Ur0$$x0*ze
zCOf?$0JfUVOBDd00$2y;%PTR#_4Qyr?e3cFx2mcNRRuMfh#Y6T$N-iC_=Tz#KToOp
zaWELnRMoD6$5YUvlM(_^lEiFLBv}BS0PyEHtK|cTlMoC5Fa?Qkfu;Z+1@Mq4mW&45
zY;XgB0enDl0f5W(e&i37=Uga?v=(e3_q6Q%E|)pksr|k<2lqNzo;BTOqcuZ@WO$P;
z%Vv8e&a&oAZEU=GAElut79784meVPWB4qJHNN$UCG#mi%A=rZE2tMoT7a`q4ge(~m
z4Bp(mpg;&x3SScDge$;Y2j58v+YX12=5krGCQUk<vXNiR5=D}T%h+18d2!!haBj~)
zK=GPPqR<ZXx|09e`&-R~P?sQ-d=21Vd@48;(QTDxu&unsqPPfPu0HLJLo8^wW=3K@
zzxqMyw@5M;uONusDOJ5ZyrboGKE&${o#{wbnP&6S^`TJF#a+AF$eAzel}(h+9s&dv
zpqE)u$Z(TsNuLA+Z3%#tB_$W$uPD?{2&g0xdtu?)hrrJLy8^%^V8<^Rk6;P_*b25K
z`6z&aVCw^`ES6=xG;Pj6LZ%+2^n-Zqw|M}*20KECf_W=#ObOc#M3TG5^e_Q<#AFiQ
zB!nDNRjso+UsC`slZg%ibE8V@B=uU!gdU-2r%e)xKokWcitW>6O-&)w8Lln?Fj$h%
zFD=b%>4>rvMI0bWX<k4|Gnp2xNBk~$pFR5MSm%)=?$OJaA9=B+#^)h~XkEJ4t+(Df
zuvdDzB{MVAd^{(|w)PjlSf`=&f~}P+14i5MUsbj6VM6E!fUR=Hih^Jp$LJ6MFQ8>q
zG6G;N*x{?CDPjA=!cI-2W>F-dl*nKq0zbp|6CXAbLQE^5<5X2JbFHB>2wOjZ2Srhv
zrK&Wfszr-MvE<iarxsuQLt}!52HDgB#f(=~YPQ)rq9}|f1U^|7(*;5658xKWzk6@v
z@#7wG-MY#H2M;zj_<Wko%u=<oBtf&;1lz!YX}M#^<_&uK>GRJ0)vq>`0_YP*zW0mb
z;&K4Lp>)=u^UrUL<(+U1Hx~#|W^LO5^Z?*V3ELkAssTJjDXs*xMpf1J27`s?3WD%&
zlW9>UI`*iUNLcmUa}$K4M?G_ki`Sm)-`|x9=4tWA@3~$Sz;FKar_uj!?%cJ9x_7r*
z{{Hu!1Ms~a4+J2Au$+4Q?suC;S5)|&7hRO!5rgabfVj<M>JZnb^8xauARyOdD%l0#
zjYJfXP>2o-g)~J`K)JvZ0BDK=uiLG84j=Xf?e+$wr(2u=b^!Q8oOyQ#@SviYzUkJ@
z*#NZCZu7y`Jo>efPdeD*>QDgMk3kr9__SJ4C_0FETLApz+i$P=_2I+r(p|f}HOG!s
zAKtgGa`o1&RqwA^b7d~rqSk@$f$oO@-1zw8W4)U<SFio(qq41Aw$vQ2stTU`;DgKZ
z0gU7$`}cvp0A@V!z^IX%H&^dEe%w<libRT|bDR;#atNxbQ6#xtHx$y~_lHbwx7-oJ
zHd7F^j`A_h1mGY9{Q&$Wf%lFtSa9|wrKO(Anwnsc(-vTHB1~KXQ)F3fqLem(`Dd>K
z3(gcTes40B>@;lU6~MOXpG<(41_AgorP(Ho6|}LjK$c~(wzTwyC;RkyqYP}NI?+04
zeCjRpDR&)M;Fk)pv%<D6T6Ez(e!p7k^T|_|FF*9nkt0nNyLXq#d-gz`G%2?sBg3+*
zXHSRl=RcqQlbjrD>Fu|#UjP<V`%K3l-2&j@fBa*@tw)c#C$3sm{@I>A4b>GD0UrQ0
z7%ZzxPZtlbUqAJN>}>PbO-)L}x#zz3IDi7C$)Fpzm!0kcOnBE*16ahTy#T&^`Q;0K
z(a<259XsYe_scI&ZvF1Nrn;;wo7wNzWUkpP>qzEQ6wObm=F>Ek2ZKe6LLqf%eZ8D@
z{J6(<@}%F|)D)5wMI)MF=%$ovvaI>)>Vjqa_czowG{|yIO|ZR%V2Dp~Pl9bFE>YFu
z$%LQ+Q0yI1mLQ-C&}?AAjbgzA7LDyI0B=-O_{JYS>TYOgkY&D|Jsi!=&ZqE7FsS0Y
z@0tXc%Tjs&{UfjX>tA<l0P`j>#mRp!0_KMScZE*7y_Nq8zybk9LJ%x$r58UkbZGF1
z`SXXF0X0hyYy$%UZHO$Z`HDhqnnscAQPsK*MioU<+-})dRTXR~D|0v0*2?t_4Z&(z
zMg<ov3TLPsn@!B`+SQsjXi$3o(4m=qyLGeow%eslQ54LCP!cAMAOMmi(DZb3s9QIC
zutyI^Fe}TfNRmJW!yXAuqfiu$G&Y8$iVC0k#0kH-zCLL3`4kcgX(69asXuYTcXaRG
z`qDjn>Z>a&gMnaBQ_&pMq{-z%?FAR)`-cp1rE8khmr~k~Qj!fG&X5oiG3uBk37XR>
z1$*^!x`z$RXzbC$5%73I(!qmGj_<x}O0TI2*koA~TL%oGR8_T5W25XZFZa8TA9uT}
ztAqZ=Mma<&XnMLu8az17I&oqb>%@sUbi{~kIWNzm5F(I<23aaA^I8udb~`F7{r38L
z*%}C_CPmSNwgQt70xF7xIvggsTQ{3$@ZgNb{{3CPtSocTY$gFg5Nb>&r3`4SJAT|o
zT`t*DRu-~u+*o1%^2?gcW5)uy_4RU^s!}uCs;X}XjVcPXKtNHNn$(cl4BEecx^?2j
z|KHxV#K>`!;jg-TdU~Gwn)Pb~+Kr797JM*5mXZUCIK&siAs_<*Buo@g<Qx)W5uy+W
zgN-c3ARz^?47L@75QpRf1P+Ku9FVcH4v_-3g|WS|&6uorXXmx^>PK;?zdYr3_e_ty
zv$CxIrPj{QRM+FLzrOnGtJivK$Bqd$J)L(em9}}|LOowBHnR1)opfE!!t%@*cp{;>
zV`ItI%uKdAJ3CgLno75_S;NybcmO({hq9*G*KAv_=(?8z^i7(EiDuJF6^kp@xpTGL
z#f#Pa_3N#4yX_jvSrdVJu`J!*upzy&WlO%gb!)ypIceFJrMbP*0<<K+8DqjQUDspP
zs;$q@*HdTDmNVziSFFpIS2}0Umdlqe)oPVW$ChV@1kgy(b+BB{G&gU~=4WQ|g^39>
zXBc{dv928+KD^`fjbXCpao1%W@Y<TDE!wtoHJvsVf!EtU-nNMFWs(N~ynHWmnrw~J
zN)i{dUe__fInp$|V44R15q1OR-SfmdoP%?I(-C+jh-+-B^v(!?^)w8#3<G*LYb5e{
z)3hvIHw@7TG(u9wz%`B8nT%1Np3W@o*fCyu=%GSm!v@PurHq^MSu8g7xw(>c^5o*^
z#f$ZcTFuFKI-cpeF0*a$R?Bs()lR2gcO1vLiAwRvQ!i6qYox1njA4SYP(9ty7h`Y%
ztQZCs@_8&yO`+~MU<(UKH=D?IIxxw50q4*-M}l)$jsp{b!8vr!kqFQ&2Vffps=AH^
z%R(ugMn~6SRjU|nw=w2<7y)2$F0O}(U{{<L<F^?@)iAI)K91$ho6!K^tXl^@I}5&l
zKe*2p7<pc@4ksW^w$l2f$pLtVffdHElt`e&7+lUV>NuF>968Qm_KCw|3@uGV*|Knb
zd>qRUJb+d%Cx+L){IXYG0XuUBY+(UxejY}vg?zP&g6pEdIkKF?=#ieR&!(oKl*wRm
zauStn7Ong5hZmNXe0g@Z`?**IJ9P@?g$u}bI+)}f<Bo$g*+SIz&zLxBo^^p$e17RA
zyrl*_b4JuxNc{ogER7$Aq|>50ZNy-EXXzLai`XaW$<TNHhRw+XZIid>`e+Z6o-kwO
zs;3AsNw!4sr6}zJ<;94g1CQP<(@?BLM&b1+<2t2`dc-tj$8eoKrzxH>q7Jk^VB*kl
zae?BflkS)g05t`$CLwl{S?Hea8g`Umh2kzNomK&2<%Agl@YK5LP=l&cd=)CQ+oz+I
z!`-Z6M}yR(q)x8WFf~bWj7I=%e+Rxq`IffOFW*Vh^*SZJ#~`*cM_D`m9>hwT7UknB
z!1Q;4&u<kh!ZtFuL<nnCQ~o~=;Q8YK-h?<K_>;HMroD)BKJP<p*)CK0Kfvv+1gb%t
zJN>ruT|v-)k30qJN{bb0Q)HS!(xj#=b+Xd|PJfu_nR|w_)ycR<Na3lF1|kpjsE|Qd
zsbN9^vT=$-3uzqcv3E-Vmg#?u(#`n5C2D7(Q63C>H|Uxai+~_aRv*O}IT@}?pynv$
zH3slNWIUeI5d?V_vK$)aF%cmR333L3h6L;E06=?#iY1_1qGyG^<4V55>ecgg#vRgI
z6df@tt3`Iur1#}5xMrXFVu~FXD14G^w2kmdUp3zivTYN<^AOu<!#LU>LrkQ82*7rT
zO$PS?*bN-~cJShWLjYd<1At!v_#E)dFNhUkI=VZwJpkXo0^k_L=A3>&TcS3H06S87
z)|HTO+W>qEz&?nr!)70D`80XA{!`0x5KA_n1n^rR_jh1!+pYU8>HxMkfcN$TI0uXz
z1FjZ?six39;`dDer(a$xpj|7l)yOFG<fVmmzp@cEs240L4N;Q!n$N3cA>M}s>@vm2
zNy}2>iHO5pwUJ8iBSHDH<uDH2%l|S;8p#3DkY%?OZ&X(dn)exra35H!lO93!p)2vT
z0XiIcB~D7w;~;UUV4qYxf39>^sgRD!QM_RZv@I%gLMd~<4l_x%v_kPU>8}+*Co13?
zl>fG(a|BRf(xa|ZI<gFhAhvuz5dc65h--8}VSfVPH2{wQFN6T?4*=|Y24dyFF5n;m
ztzY&4s60n$KG#EEMF7u29G&@ik8qC>V9oUi^9F%>uU(FN35-9E-e(u*0K5vE3IJLU
z!1j6IKU;+UM@|C&DBOBlsRQ82^Hc}8SHM;RRhED@N0rP1=mR-JULyl*DZrB;!_M{a
ziq$lk(rDDn`R>H4wJ0BXrEziGe4VxGi4Fol(zA6G56K}QFqJa&qD|xoLh3kdNUkYB
z(T|=8(y9NuLG3|D_s*^frM#;590Yi_G8SH@|0UHFbx13{dD&UCD2|5W1ZWX;A?d7a
z0I>LPNVo!V(dZJT^)vxl5#j_nCOpwV$<u_<_W=A)FgZc86~Nd&;Nb$WQwzSnZVtea
z6A<fWUq$$t$=4{48~Xt5k05rfz1t(q0ZQ*=k1&_Wx%wS}cbFWdj_0uOqk`nY`vCh2
z@THAniSA5Thx6sN=4_221FdY-qhvHzk0GB&0Hb=cmNNVwrJ-vwqW2-!3?>w?P7mnS
z`WqOFsIx)h=1SQ)mCsT<WUWtrRgcXiJ@Em+Gpa6BoqG{@%6@>WW3clMq&J+T&m96v
z$;C&dTXdgy+fqEvDBi8Vj{V_wg?P7Pl<zXSCzx%5IG86)S`c^H{hCH<08V@pcw;Z{
z%tr(Zu!%7H8i46M@YWxJi=PSJ@bzL1z;__dF$lZj+@&xcQ5|9O8vs8gieP(4m@C8y
ze-Yugvvdd%kB9vJUjPRI98vVS7kK!6;G?erd$NMcP67BAfEfe$TNya?4)E+}h1ylQ
z4B+Sy0Pn0d*s>u5xxDIml7KSIb5H@N6W}=-5&1>wAveg2Sfs`%CsgEQ69evwJCkI&
zo8+xkC|{%WBnJe<Vdhclv`Y1$PL8cb-sEt68Qlp$i}Ep{&`eP#={i)71=6`jeB&S!
zr-SN{E8h9C(n*YweI|yOW|i7PiOQa)vKG*L5|=A_uTUIibSDKjkXIV!fP4z#oP$_~
z=-EncH6PKKRF2ZT!_Gm{5t3Jxpg$;AyOv<4QV6Evm1}oVeq}zm(kZ$T_~g|dDM=4r
zQ+V5s(lJF5oq#$+ok&~ZZ+orGxKpPlLAEHlb;;!>6e?;MY33C0Eu%ZH(NRW^tjDNH
zomgB^D88Tdz>wEtpuH6ohsD!oaPy3H6wqLOo+zLtXPBD`C1DQ1b672)waIu}3ioIX
zQ0}$t5Tt$^1QJrmYiX|u0#<pgdOHC4``MTZAabPBMt6mRH>7qUx!w!`7gs0@`!;Er
zsA;P6CZPJOqW_XRb>3y1o(u#j9LBF!0DNOeHt=Zz`FClAAV<L~5IZ4{;?@-wQ%YwO
z_B0eKBMC8?_a}&*sdj|-pNhMaSYnA~wIxMB7X~~}ta5te5d5z{ofFjQt|w>3|NBmQ
z|MwyJyaYk`N_mt#e}A|S0DO$X><{>TE;fl+Vu@w7<k1M;o%$?6975hpY60(^3kY{K
zAl$t2`-35Q_!`7o=Ahr64oIgQ5>{?4emvy&PsHXCODwUhrhGjj(C%5~bajZ;5B_xO
zL|OR1|1-qo9ROSn`2Ao=I>$oFBiHNyGvK$M$7T^rEU^qj4)g%ow=vin_PbHO3bB+;
zozL0`agC6_ynl_&A(mKT8K(Tg2RbDT|9H~1lHCxSEB=k{Nr4=K6TS?wiDNf{cfrOI
zODwUhy8MMe=!IAnvBVNfEW;BGw{cBTEV0BAODwSrRsIj4?)IN<+NqcT0000<MNUMn
GLSTYUDP=4G

literal 0
HcmV?d00001

diff --git a/images/bugzilla/bug_logo_small.gif b/images/bugzilla/bug_logo_small.gif
new file mode 100644
index 0000000000000000000000000000000000000000..2d979c2d67e46ffe9fa762c3f58a1dd7bb9395f1
GIT binary patch
literal 1233
zcmbV}{W}x}0LQ-`S?j!XQ#hgSN*2fFEpfIzy*$p#vL$v;Jo9pNaxHdTp|&S4ck)s(
z)P+vDaHp7eLu9g!8+Ax|%QPD;Z=;may;$u}*ypFu&!3OGC*9eFSq~aIqwpUZfF_^?
z5CCmJ2haudfQ<kV_yEuc3;;vG2rvP*0c3yzm;;so6|e>D0SCYZ*bBG;2LT3f1PB0v
z045L)L;!3c65s$QfjA%@I1PLUBm&6*4@d!0fpp*^kOkxbmjD4E1PTEWPzKxtDu61W
z2B-yEfjhumpabXxx`7_xKF|yF1CN10U<eoiMu8{57%&bz2j+kUU=er;ECH{9W#AuR
z1y}{%017|}r~oyvrceYa6u}Bbh(f_sDnpb?rb-p8QiZ5gZzXi?e?d_j9Ef2tPqL1Z
z<Jc!7$bJzlvb(4EAy8J=X%LVA>vxCV&BA(hVnQ;HpK>lWEj{D>g^QV4KV;|RUb-x}
zl9yj_RakiKdXeZxaY?CIQg-uJdBu;FZ=+S!)r)EpY8!61R5z!#wchQ>sFD8CC6jhH
z${tkp^mWPyZuR#(8h&&?=i$hBZvVLn{$M+AYACsHX7-Qy^9vo%pESLgoBnHQa_Qmx
zpDAnlS~{J*L+xi)h%+r+S(G{+p=CpTS9wSqUvJvr`zE_EI(OTIziYUid3(GGxAYY$
zd)$q+oib=OqJOmg^6s_O;v)_gz4_e_i}vvrisY>Q1NF-I&Ea3hkwof}hPtc$ak~cc
z?YPe_cnXNDHsKrVK%Wfno$6M$Kr$>;>r-joX@V%f>(S-3Pfy2LkJLVwi}pGD-0VIz
zb#`P)Ld>qXlWC-{GdCm-3QJ$La;U4anUqJDe)hMv^U_c^#k=^u-+FEQdp}A#ESJ$8
zyP9|ScWpI_wW{C!`IJ{1L9rYfaon-7jrvpZ;>bPbOQ#^?$${~b!iAWvW?WZ?{W};R
zhbe5iPaRKD%+5F+Z%VonRyy&u`qhj~w{amd>xC+M>>FvLN$j*wLvS?Jc-c5~Y(pBE
zp_?L>Tj`1?3sX27WSbMkHV%2@pw~Mmc2WIz6{a^GZ8A-5p8D`wj6h1yh_xt4^-Zz<
z!rebm`z*sNi4+x~du$Ia{-Rr@ncAbkW+`6lMuzkeBQQX_!J;JEhR&ih>~jux8ngM9
z;d#gU+&$8~x70q)J0bS5p#0wOt2jTc!cuZIdDv2t8%tw*<TGQmM)&X!53@vRPO);$
zO$Tw;hBmr>Z}BEFC*sCTAg_ZY98X*)A@6kwaMtDAcGL6actQNY`6~@cn9gFCp->Pn
zvaTlNP|M%cEV~n0o}JlVVnn;gCMB4+PaCx^&t$(}ZGT8p;_m1)m)&D(lB6fh?3=Tl
zuYi<D^20i!A@SUN*@|Bgf1|dLQ+evC(`?wC6?)9KZAyFl(4Rq#WpifLCX3uH8oa4U
qzS-Qt1VYwm^=(a(>xmF)hQ%iZ(t(gMS+J?E!AqI>l`$_eT>k}#SR;D?

literal 0
HcmV?d00001

diff --git a/images/bugzilla/bug_logo_small.png b/images/bugzilla/bug_logo_small.png
new file mode 100644
index 0000000000000000000000000000000000000000..70953aca0575de78354f45659b59fb0183bba228
GIT binary patch
literal 8746
zcmV+_BGuiAP)<h;3K|Lk000e1NJLTq006WA0024&1^@s68FzD<00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_000McNliru)CV31I{<!Q@t6Pr03CEi
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj4iWF>9@03ZNKL_t(|+U<RLlvLHd
z?zi_DYU=8$>Un?$nr4zo1=<;qNzpuw*C;pUN^;kWc{t%pOrmCZBmtBAOk#A!<e8{3
zV!Rh)RAi2f$_&zg2u%;r4c+wIT~%H4nfCjmcBKzRRngrJk8u09RxPFL?0xp|?ce@>
z-yRAWvLPF?AsezG8?qrAvLPF?AsezG8?qt098CBe^BxD_IRMuHZ~({#&<#KzYW5-f
zyo`QM`APu33t%dMO#rS2Fbcr6X`UwlW({@6kX@=CdMbb^0R9GG8vq-CCIAdT06@(2
zY&L*901O8Z=3acrhHOwqKBs*D6~Ivd)%@Q#aWLBeTnWGqU>E=ofFl0g{{f%?*aE;9
z>Y5?D6ifn;3*cJ-=JOe#2*9fVJ_g|9;5B~?0B;U8-H=^MCIh$)z<+Yj+zX%qz$yU8
zIA~dlPYl2r05=Xb;gDTQl;b}Dd=r4k!7Xy{Yz{gZrxfh~_5t{q5L7!HIB@dhHSMyT
zCo!f`LMRjkdRJGIa^;nuoTrFv*Z{JBKTuHtSS<0ssVY!g3shABYuAFApa1J$K^88Y
zD~7`snGk~zA`rtcn4)NUV`Gi-%rj?=<TRg$En5asUJl%F!+62vs*nvsp_(Qd-Q69r
zDN{bu0pQoaj`zjz;hF1{Y|lLhqN>1%5rC!vH8sGIBfxv_4ZL2<mVuO%03J{L-*t6B
zLj&;g%b$N6eO4xZn#3zsfVf=1V~=60(~0Gp1~D4Nc*ZcCG30TsoES7Q#!w4jH)A(P
z7%Q+XS#r=-Rpl+8H?MkrO-*kpfUy83P)e+iK05w?GIrNNLf&NnU>IMqjUWH_YyE!Z
zdVqlPp(4xl%-FHc151~V?O3x$>Lp~G0RW8MLt-(O{n~4d@{%PVJq+M}0Qmr#C5i4Y
zFL&&`{q~AoU0tJFySqcNqepkC_uhMc$1%20?CPSjVQ7@n{>RUT!B`~1^z3ZPX3pF_
z<HZ-Fvj8AF`<!s<)X5lQumKphXwj&5LZSKFb=_|L`Oj;l_up@;@OstJk%(R_ilp`N
z$H#A6v&PetsFT^cx@O51i`(&&pH$1+w|9*8dew?ZL@yFW(z1N{<PED=JAH&~?N=<q
z*q6k8`y%%H@85qzIIN8Wh*cDc-(sQX#*NFa^ZBMWxZNA0m#tf8Yz{SyMUKKk>tn^m
z*6)^<+ERTUFD<owd-!nsLuF<5#bd`hXMX(gT=$V9Hxb6}wW{hjMgus-l?~NQMI?##
z{_uxW{++Q!B>uk1MAN=r?sCaLNkLmw0KrL<+#fKu*p?_`B(li4Zr$tx0DnPT`@SF@
zrRbp)8-@+DJziOvGvnmR`FZvAGc6l7<P*m36#f3M77~KJl)^XAkJ~N15{-Us{KSdw
zAElvN?5U?FfBVNjo^lPPsOIrSqAd&n>diM7tuWWAul>I)J@7z9Wx8~8<`gYsY_Yw6
zeR&;G)%)^Cj&yt%K*U53bpSC!ux;JCIpY|+SGbHlbiP&BZTao((O+=oB5iw_8)x?H
zom*dd<=O|PPNfmV7hAGYr)SnkM0Yne1xY;pcmTv9%ao?6gXnNbPJjvVP8vxxO&WIp
z{d=Zx#U*7r!+;0C!sh14EzQl5;G{`gPP*Ol$`vant%*eB9>!=PV;IXATmx=ck={%Q
z{Y!SXl(vnXPTAt|$i;?%@hP(q>8M1V&NqitUhXPMmrf99d4DC@Xf#WVMvdae#?Uta
zSWRD105W5kaPC}WqOQx0_$OEt8|1=@EO0RPhoe)jeq{CZC|}yYzh@3WsUQ%N-fKWq
zRYN{?D)^7T2^Z-eLIAH<<#|q!PM;2{KA&=TKRcEJ$ksGg+0_;M%@2NX?6-Awkvu^l
z65=}fV62o7DrO2(C?&*V$yhVu^(rJ)ajn+$=?F=eE=5nuZrf8&Rb>H~kmixXKmDmL
zmk`+h89ekL0ZotzkeL!jqsAyj(aA-?X^0}x2Aa8HFdis+ENyMkJjQV4V5G;M9%aFs
zZ#K<m4C1F~BaQT<i7xhxVWc0xnet4uMP|D36=E1x$H|kuH)N<MX=)11ip30PEcP{e
znF2a<gJwz=3~DaJxTv}kv)iTc;P^d=AW+vYesQc9z{o*X&k_o$V+Daw&QAx<<wSA{
zm%KR8L;Zfma`0f+xJ*yAv_z(^Ti0AF%S5<r0X<k#Rm0XFNA7Y-p~1aj0SFOuKlq?+
z45vED76h;pz;?tn@RaSMY0S#KXV+lH)tE8aI|YHLmo}*LXeealheFz<i#%AqcW>7?
zU8nMYJ3ud4GQMH^_Jz-H+ji@706t7cs;)EX;$D`;a&j!89XmSvJr6L(;PuAHjvcC?
z>ku@JU7hN=r=Om-p{?y-*Yxz<w`s+StCs_4Ns}KT1O|ZJ01g4zBg^!|E3eEske_ee
z4WKz)S*%tev~1Z`hjktPi*^77127<Z)z%gvgpdKJOSYyaRXTe%WC3u+MIN=k^Uj%x
zlp3z1NAD(=GN8pznLd`RQgnAmy_J>jH$+h^0Z^8lK-Uey?^j4cLB<$E@%t6}!VC4D
z{(4A42s|DOtEecH>g)Zzs%lJ1K?5L3IIwbMUG<nT*~0C&m$v=rM^$YAN>Y?l7ey*H
zH7(kvX~suRr=(<MNnt@CBfZ|(o`Qn^dIa(PC>M-{Yp%)PaN~^y)s&*wFfu6&y6E*P
z5}!5P{p>HxlTTJTM~%vsI2{^n&`SUIw=+fWywj8mz<IHU+uNfv_wMa_W!f}%`=zXQ
z3=+@`0AYyl&zO0B#UpAg7Ot0NSIUtbiD=f}{<hZn&_k2N3_O?}JLb)`*#u=ErLtN9
z#ssORCRhaE0zi8_GL9Yd+SjZ(Ydrk$xW)wwN>E<ztXCA{ys1>v3`3G=OKWSezN)G#
zSY7SUsi<&<7Az?05=HUQt+&2EI=S9`ssU|VvEu5@hN0C_Dq7PtUT1N!?Q|fZ#G0By
z9ssTB0BsT~DF<)S&Yc}Ou^7t*(31+#j4@D}*^w?=HVIp|c1&z*i!JD%yr+-exUpqY
zWo6#k!NwJrFrZ^PW8!ePTVCb!Dc76xF$`vV;)!EZuD`yxI7MSKpHCInuWzZi?z&<P
z@x31R04U@g7Ie9!HcE-Nt1Bvn!wE;AfHAu^Y?wVrDQXqPfY+-O0&oFPva-a6(o*~T
z4hMy<3y$ZWJ1zq#zrgJ)hT7U1QS5dhuemuC-nOk}{F*g$&Ikf+F%2d(H3fsGPY3q@
z{O5=KFTK<t7zP}aqO+^(w)R7Z^pdKo?j`))$)+t_IP5PoX5<~$G@nmZ-9>^xVhInx
zpQ!^-fA!V5Voy&rX0eEc9*=y;>s7{>+EH~nrLzu))a~&|hDido0Py(zYK|<^-0W<r
zrngreZjvU|tSs?NR+iM`@rW5$2`5ez$lkrWrL{FYCY89t-)9~bIj_A|U-7e_O>ytv
ze|zMbYu2;N2+(##*Nw>R*+r{YuRi+&^VGX*SI3lHyE=Bf^wQ~6-o~GmB~~{!268$(
zqh0{wkAFP%56hPybpu!epm)xkl07*&vQ}T;+i9^Rq`UXP*!?{R5B`t3_ugyz!|vT}
zMbAEa;w}L6;fE)@B8sHCzP|SgO%nt{Skaa(Ez?ugO%O<HL4nn}WlQXvD_1toTDh_@
zZ4D<)a=Qq@$GQ#zK(g5c$!^bf-FM%b8<6HO0;Q<?&2K7?8irQqaD;SSccG&rdImt$
zM9szm7`uLbGw!~->}Y3au-EHV?gsD?;-`BE0OgK5hQI&93)gM{bj<{^7yt!eq`KNC
z^!BQ=_y8G~NcW{L4d3|3Ki;qz(A7*m_~kEG2z&Rc?EUv!%Tj#32f*Z{K})*3l?9!h
zv9~HKJ@itg9fJh40YXUY#*NJj02K6>r_7j<w<j9ayH(X7hQSDcuPk4FRN)<N1yJ(t
zyJr?tipH;eW#sA|J8q5;vI>NNDT)>(M5?*_?rr~xz7;L)cfYHi2;jcT%DiSmsHLvX
z??sxEF&2x^IBAkc0U9p4^5=BQx!v6nH~6xAMMak7op)Nq=H~EYIDbX$AKv-9-<`C-
zwA5Myc>RD|5Cp+lU*G!-(yXSsTr!PBbjrW4G<ihF8*iNcmLQPLue~<IOjRNPf}%)u
zn@yB>ImVgOty<Oaki#Kve);8T899d_$d=+_YfGv)XYu0E`&O+w?Nk&t)%^ExSex+r
z>kShge|+4zOBK+AR5_v+L7*%aGro!V?z(>Qlo>Pfn`>(PJ%#}_H`kir$HM?robTxf
zD=f4+%xxw~5&$Zt7?AS;6i`aYkt1DM2M_iP<6iJWL2p56_rit4>(bDLWF9I-BDys`
z5GbZk&vSqK+XwGV#mxbrpupNPWr}B~s)kQmEbCRkP7H%skYTCNVi9#&7K}7~A#`^u
za{<v@XB9v|mZ@UOH#vWyy*)Y?kTS$5(+Q<g_NGm(g((IbD=l?USr!kZs^+?NO%rup
zuwG`eos}8}WB{WFlB%^e-0k%$iYSusop+X{m9(Z!%d>TKL<7mi6UFpSClFBW!Jy{Y
zvZWPBy`aM8&MkU#(j<2~F1{RYP)cHy62W32m@vVWb>KixR$E)-!8Eg)mXl-optUtz
z?Qj@j69plNZ<kHuC5a)+f|_2l*K@*Q!(3?{KuD5km{O9KBP)vT35PSS#!iH$QEN|6
ztTL6FS6XVDP+6Im*raqGUOxH6ceAQ$1*cDcom@tM{zqpGL^87c{qN`Imz3C?l0-AU
z*Y8*K=H_6CkT;o0dC0h&D+mO$W|d~GTv=~NeB;ykD+A?OZS&@phAAa#8s))k&AGXj
zYQ`8XEVR<GV_n&?m|o1OQ7St%YgS=*RaJKnA*+*t7D_KQ0#<8!Kr;qJB6@N;qgJaB
z6omAECWMekBom-ph1%L~dh}>dD*ZX@vBwTvvtvi=H&e|n-QBUN&pvx1zpyYWT~>e|
zM0yeoYSRJ%b>Y{)UU7zHh>=g73TXNHb|+(Zm>QJHjHO?wAcTN1W=lsm0Mr7;ImU>>
z<t_jSS}gS4`|c}WW?CqT0oXBPM&8*43kutQ{p)GiwCUVcb#=WzNv1{#Z+_>UWm`Ks
zqG$K-??@$Qr3IGDB}Z*GK^>^Xbk$Wk?UF>*!FOA}(9)umGKR@1zRb~emSY&HXEDZ*
zw_``gH8z`kNp4mWKZiW`BECl#h+kh&XzpCM+cNCYN5{t)W0th@y}_)KM9On=HVy;O
z#Mndv2)Rp_?)Rqyh}9}6giw-(Zh%tK7T+IY$f3~U7YRYGAQ1bjuh#8*;)#Qg04Pq(
zBmnN~>WbC=_P5tarKNA**4wLoCk0Ju0?;ygv@`nPgX5|net2(pYil%Bpp>1SLkpVC
zCMp?b9pdo_$@Mkn%`1+qUE3VZ;Q3RfJMRgvH)aJ;IvC6xIM6wV5Uj1O{Wt&Ev43Hg
zEubqZvhmhib85$p%dQ0=*zGH00KRM<;FXp6$J}m<o@oV*G3K`01#3gY?Dox@w~+RB
zLCDKv+1s|Yj!MUWC5a}$RG1nZ)GtX?^Lo8!7!z9sfmt06$LJ+X_B;aMmgL7NMP6H*
zYVYY$pG@=4tmVtE-u1{M6ROv(YdGxl#YRn;l5JVNy3(d;gvDYpL6!v|!wR4zQN!()
z(*kq<{?2H3w_4QEF;_DT35*#`RS7FD&eiwr>k6bxw{Kr(q`O-w>gbrOn$vZ3^r+LP
zAJhW@g)LlI68`B=ubQ!J+2N&#AD`>D1p;d2v(KK$edwVvXW}yAWeVtEP{poYEqg|d
zlDAr|@)+QP?VH4I7afd|n2^DN7zQkFywUK#PM-7!8S_;A`Olr!<Hz4AIeRwrc=|Fk
z=<#8aN+N5YGpDFd6m_bqF`}xWpdd&whr^*F&7O>c0-N(2-`HISU_?3xdf-5(_RC+Y
z9UC?@UEkZQO|Gi)-!Njt7Qrx>b?)5aJ?qymIEjnw8@F18wDOnFr`%Ohu{tLj)xBJY
zhG8)M``@4VUv9TW$q<9wJ9_l$!dT2Or_=7cZ`3P_vhX8HY1S22th=_hw)e@4lrIM0
zEC4^^%j4w$B*TE`?|*Ndy>#jLlNkU__zckePYY;WXJ~5+2LgfKZmTu7DAhA>zuh?N
zfd|I8rcTYx7$s{O8?}Fb_iqqiW+hy6mD2~Q1mUn6dF!p4kKc38_9FoP1;ADOYtQP{
zXTP>;RYQ@Y=#BB<iWJ!G;zXog!ZzG)+34<$PDwY30BBjewrSDYwM|R-Ad=$cWC<PH
z08o$AJO277+%vd(d(}HG81DwD@_5pFcE;ce1hfm%IUMqbl)6t;Rrx&)4Z&H6--}{4
zZ(*UeIycuU`28{M+_{Jo@#8`&uglvU*duoAXq&03#+!`I>Lug@BL$deA$}FybzDFH
z=L59Qr{IMbYJT;rU!8c`;SdSphf>e8j*jTaRjV52PMMOszaLpj{n3o$o=zk$zIf8{
z{qG-IjQA}~W||<kwnnZ@o-sn9w42q`{Ct}?7BdPnc%Si^%44$$f*??Wi=3=iRb!xm
zIX!;dhdb{q8|YR}dh}=y1%$i<2fBu<sxdA3fw^;w4_<q1L4#o!QArX6LXfp;)#>V*
zn%;jw-)&eS0AWJ#b|k{GB`HTvq5ez&@G|%4cO!nT^PfWHNbVf?{c1@pW{m3TQAVbc
z&j27ROLB49ujaFQcR_)*jxppSzEJaNH=;)-PINWSn^#f=;HklQ7}C!Z5Q;KjK!Y(>
z>~dKKTt`Yt31dRx^Ut3gh7>Ejl0;AL*wJ$6)mLjjSi81yYh9gx-<&zcO@crgOanO!
zK!IW4;otwh<_c96lLuA_fd7m58U+FH@TZxj{=WjczszLvWX~yGCpnKkdc|_Y_ab~M
zD=M;ma^sB!$D5nO5`d0Ro8Oo**(Xk%@CmX^4FF$7=7Yc&v$WxFU7bI#xjEz+c&wt8
z2m%?fx)6)$rMhlp1p?~)R5OR77%gYcg#2x7vFPE$zRoRMT8>jnyWMWNI)(Gfd-~~*
zZ<HiU9%G9WdAR^QlSJbx0o-uO1Dc-;B!d9U!O~J&dpI0vT)K2Zp2b3+HR-|wuK-2M
z?Ab*Jwry(-@V&+FaLzYa^Iv&oPW^@r%~@}}acUl)W(UiGfeZ^PEiI9pNJNtd4ooAD
z(t!h7*IB`lBR+duTjYW|i6T+T%bm_>RM&aGQm<F-4FuHYbWX=G*up?S^8hrl6YzV8
zpR!NJ*h62GmmVabb>{V|5`aG=^Cp$Vy%_-jt=ZYq&U@||xv8qEyKU2^hI6M+_xhiB
zVv0i)$*Vk)9x#}1yKVSJQ6#6Us=AxUj&<cc_uMs`T`uW2JUZ|1i4Gk=K$1w^)Tudd
zS}e4-yE_(?WqM|?4XbGeGYs7*EVQo6&$s?9H`nsFoE-V>oE-UWw_AQMD@)u;2n$4`
z`at3s6+rul5sss}Zm<ESYa2b<d91TDQi%A~#^;R@O7T%Rtc8O?P2+&JF=k|UbVSsv
zuF4fs@MI{8G3<NaJ5&PbG7lD;(RV>-Vs`otfY<Q_okbhedVFo|91COa`5QN$n{ez{
z&oo_U5@V_IB8*b#loEw8<{LRO%X;F3_rpVnx<0I{3%1^JOYx{HuJC**8Z}&Rym5+Y
znz4{EcmOa$pixR<gg{U5QN|cy45DE$nK5)OTsZ7#UY^Cfabxo*EiIA2^yxX#6)UC<
z^Lo`WyLY#{dwZ2a!-xmIgn(Hrf;M7AmcOvj7Cv((=xl8bJ2j07gb+gz5O%xeXf&#I
zZQk5+A~)A6-*{u8r?k{QB0t}zMk1Qn+#GVWwnm(hh;~7JDJ4cujwMoF?(~Wx@p?S+
z$9LUTR-<W{QB&hD+q0)5zq>nTH4H`=0|EiXcl2ma?XY2vtdbJ@D33>`XU~S*fq-f;
z=Pd}t$jh^aMvr#-a&xUAr&Dad{`!KB&dz9P`}Woun#P=`P6a$&T~UXwGioXib2_Ey
zs8LzI(o#pS+by?WcU^vaS64K&eS6z<heNayLP#v8)8^)|<;<BtS8c7o<%18}TXmiN
z<08%B!|nE&Gm9qcI;)UnY9oY@+ixF!iZRBbQC%r3a~zmGJ9{%Be~s`pfbHnJ5}^t4
zg|08`HrYX`96$VFttJTggfY<`iD*%v?=&zWeIv22V;DjqEw*Dvi?_8k(iw>u1^{W>
zwl?FFPkgmE-BdL0vBxHkmSuXJ5JCij7^S85&~?`pbPpe%6-)3%uQw(hI@IMpdD7?d
z`4qjrzW3bv^-ZT*TO$#}fbr2s-95{e9jq@cb+)N0t1t|9DlujW0dqLSXm+;Pbk$WJ
zUofcT^z=kMgcyRN7(yhX(Gw@U(UT{AA+J|e-R`L1@yNZ?r+ca<PISe#ZEN#1HU<j)
zel<(e3~B})Az-pBs3j$~&dSQ1meHfL{5BhF@%!6?)z#647hb4$A3W%*2!-@q#^M31
zrWr;oW@sZvW=Xf+T6(IaBs+NaY^ccRQ#^*jlG>B?PM+*;zW(}LpVKLY6(!Q1mq&#~
zi$*k@I~TTly|JRk#z09drpt+P5ds#8Xi8zBrET0eXIpuBR<Ei?I&yO<x%b|((*R^b
zC{a~|Y~S9Rb@*^+&aq=&gM&HY?1Yw<uyWu)XYHs_&Q4jTBBg}fetYRoLKqB#sesV|
zbSCcmt^i;@Fz_M1;H!}byJJcMP)Z2O(RY7c;)bNewO#^$j+y|jBfcztnkxq*0TkQq
z)M~ejBBdaLKnWqxva`kZ`SS}J7B4Ofxm*(S`&IJCKQ=l)_@Jvi7}W9=#USCZriH_X
zW|~&d0ca-#!w|p5S4^TmA&Uj|<>hGa?1UVR!eST@R23doMIitOW1ze~1|jfMih8RR
zMl6Prx{h3)CrQdz69o7r2~A~X=%}oO`ugkVO|cH%*~Q6Dgb?Te+AS8e=sNN=4W&tX
zI|C4rB%F1-ajvu!(Zh#f+;R&@ULJ7b1caIz<SPosXc}CIUuQgy{}+Uyg;K1~&&T1m
zHh~dRJd!ao6DV>KBJ+Of6@e~C{Agp~G%u?=DHs+wb*v=>X90|43=)qKHgSr#48TuJ
z<^Bue2aF^9zehO@6o8S#0Cp3QpWC;+JOrTI03uyL=X%6%vHjcuO?U^D^A1XoeT@fq
zJ-jm60P=X}Bmkedee?`ZR{<a=1((-2I2(8^69XjI)Yvq|s#X(!e;L=ng(P4E0o3v`
zF!SK#ywYZB6UKRc1FyqKoPYVGnI{G~e{APmlcaC}Be^~<Cw*@K@B(P$i$}@jNVG>c
zZ#N(M?w?DToy%nR0(b;{hh7uZp%x&sfO$^<4?YOYv;hJGPBEa2#=AfR@LWCc<f{OF
zjMRr15_u-qZy$g6YXELe^Q;~Z8tET^xjzCPcm%k~3D|f!N@%>xQ~=L+15cJ<5X<U=
zp&XQJkxmm}5_dg!@J^*X@8m!r$^obF^yxOh6W*x~^j)-Q<11U%G-(pY`bmahS5Gqq
z(lluZ2V+(WASMsMM9}2qWlgkA;zW*;CV(b9Z;7{|nnETNxFlB0>#rvTd@(*)CnkaU
z0DyPnj%D0;fIodFF4IQ<+_@ImxeNI4XF$F+p2bH;_<%Blxr-0DF{bh!;Cwl;Eg*3y
z*}Qu%0^p|rmU3-ch=YEb9eCk;z*sRpHoyHYuxTyur<Z_R#d!DBY``G*hzv&M5V`kF
z_GV%9{eDVfsai~WM&kt~+^fhL%9YJM=LqiIM)D3#H3$-PM?>GQ0<fe3m3T(v05yLS
zd6E=h6L=b$VaBrZg^Ds>&e5h%8Lz9FK@mzEr&2liSsKt6aKKdncmlwS03PIRr2$w6
zU@LzQ;TrH$aj?(1sqg6L9sv6{0N=P5n8d+bqXVDp1~A<$WB~XhFTZ&vT#*F&Mn3!G
zncDhg{-R>Dgbq~R1dQU2^mGV#?^WQAyMdee-@0_*t#w~iP?+dEXA)R-J|b2AcL)E_
z6yQj3Ydin{bROEmX@g<%QbGnVY4DH0J6B7h90{*qnk45@UKTM;IY>X+#Kt`q<N2A(
zDeyLnnc@qQqFt=$J2$AO7(kSRI^hJSaIS3UUU&q6<p4VQpm6ZKv*UxTx+k8s4e@(r
zzV!?+!WnO7065VAoD3yNdbOPDnC~sw&Fh+L`r9S|vy+_1)rjw>Nz~O3;Mah69^hL5
z<P)I84m|Wa;LPqT$NNDbxcQ3$bmG=gM-trtZ|FP@s_Zm;)7*L1i_8#->7MnI^XsPa
zWv8fH0(jOm9*|^+F^r4os5EKez&tA@e$^n%JswMwKG7Z#(@a7##5}(;y(5Q%ct4lS
zdO5Z0MEo@QW?+{C_^J(<TLJhYz_#N+K^dS5fD{8Z?&R-2W$N1vd{#Kh%dP<UJ%B}~
z_Vw|1lq3F&X9>EI#mn>wPya%ks=R*;SegyYsRV)%VE0FWs~C9M6R*mq!<^!LAu5NR
zPpPFzoYF{|QiY2IKZzhK3!lx;VkGiz=bj_?BHp}T3w<1fO(xGin3zK~1&k$0fwcKu
zy<GhPrz*|?lwadqH^AF9$3z)oNe;}$`zgxHVQ?>;0P<Mw5C|_j;rTc7KwahlPEd(m
z0B+~cQd55jrgsIBR&Nt=iO$>Dj1?`Z%%7WwP8_#)rtls#1s_hO21I#*ouBbisQI3^
z1m7i}Vcszlg&AnR=C)Bx-aeHQVll-b0~zcI@OaU;mqkhg{6G>PPAEtgt|<9<S|P>k
zry{;B)J!+FW{}r{83wsGsa#+9!V2Y7!<Io2xY+V?<Wm5nKY1JYY&Tr#rf6G5AJH4=
zEXemtXH+^wp1+R+ZJ>3r@PU)R&XE}a00DwYL_t(=8e%`&I1#TnIoLy7O`=J0fD?T`
zlA0KxVE`KkP(~Y9VhVZr0-Ta`@ButO>G@vH*^Bwikt}DnaGEt_LpI<+IT7(a(dSGG
z(n-WG_36(BtMLHd=hWypUuX&O|6YgqQ9bkT=IjLU77ujmxx+fbpHC=RPY-p?kPQ~l
zf8d_fEQ!Vdyp$yCfosn%A^yu_347B-4QF#tpIBpfp68#)_jlZ5-^8g2<FVHy{$1kT
zGd~L*ddU9!83V8q@fBM0lz#%iFLB{*q}KwNgYyp`GZUa~9MF^lwi>|o{5dax|IPV#
z3Hr`F`Ve2-xr_h1Gp?Ep*^mv+D5n7lV4lOkHtv^k>Fzk<+X+q}e*5fgh#!q><Vwo(
zrZh!}pJQy`RO8Pa=mz48N<%hepUM_-ej7x5@5UE#9oVyoAGZA!fGYm}8l*YXNrw7p
z$OfoV9722--81+M<+cnq9l$ii_p%s>uM2EJTst4KA^X&JHPY|I8?qrAvd_}~AMTs8
Ux@P1q1ONa407*qoM6N<$g6hMir2qf`

literal 0
HcmV?d00001

diff --git a/images/bugzilla/hunt.png b/images/bugzilla/hunt.png
new file mode 100644
index 0000000000000000000000000000000000000000..4a3b14e2f96ca22eddfbd175ebe655429208c2b5
GIT binary patch
literal 1676
zcmV;726Op|P)<h;3K|Lk000e1NJLTq006WA0015c1^@s6g-SHK00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_000McNliru)CV629U)0;1&06t03CEi
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj4iWF>9@00r<#L_t(|+U=U_b5ms=
z$3G`YNlwxvlqL;@+)A1h=mMoOV#kWKP<`QTyu0fi9bWCuI6AX`gctCo?t(fp3i?K6
zXI<E$0=vTiMMvt0G)+p|l(uQzr1VU3NOSW=wd?6AP8&zZ%kz16e!u7TJJ0t#&+mB>
zDRZ@4Mj-f&U=XiBAOtNC2tf-3LeK(%5VSxDS|AXD76^o(1p*;xfj|ga@H@n`*n(%z
zoTj_`sK)llBaagZ27fWZD2l?xuP%^Gj$^UN?CiQ_QT2`-`H)Y~^=NE={>w8solc>U
z->RVd`YvjotE;Q=2Lits5ns6QB_kt=Is3+qn-<+hf3#2YT)(nji1}BFw3t69sjAA}
zJuguHUQw&nidD8Ub!CcTv53`bW%X(=9i2OIxm^6`<OxomJg#ZyvB#do=l65?gZKF2
zi{AeaLXvp)xxW&P_VJIy?_WDVG8nMgY&0~iVQ1H^WHK4{?|YR(q40xsc0IKlkH@p1
ze{5`w*Y^KS_pzExCKN>h!0B)jY7BGp_72Qub49UPEEX=0jBxJUSrUn16h)y_DqVBj
zyPn#O+wJDFPtOsL$C#X)Kvh*rr4q6%<MFJdy?q-#zh9_$sVj6e+NTjSKsKAjUTtUD
zvSnnmSu&Xn(P$s}e4al&{3y|RE4s~Q!|U^r%jLLu@hgqb>-Ax=ScvsU7wq5f50FR<
zQ!15E6oua2^Eez%WLYK>X<}$-kW40{sk454GXQ}=@S0)<bmIgl6bg8~KFrI^Bqx%j
z(kW6sXPBBw^T30DtSGjRj&*bT^eK(cQ|F=9<su%Bk;~=g><)*6`uchfy!i&h!$X=n
z!C(Vsvzf0aC+Y8x3PD#S=mjQy>((|pI(M+=rROzvqtVFp^fcqiag9A3jvz@Az2`qC
zpU>-jrBaD_Jf`dCo_p`7re+2E_r0nexXHxzTW_FTF0*&f3)+;Seie7$b03w&W-^(0
z;>o9}t*zzVcMg)ANY42N2I3XP)^qlZPRx-=6Zb#x5UQ&3^4=G<zNWPRq*DLWjcw}<
zZ8SE90dya+U=g<*`Fx&%fw;zIx7*p?(aF%@ATu*F8ebp~)a9fA;Ybttd|o%P0FB|u
zf^CIDjjUU@e!=$q{@MIJF+7Z_syeYOhIBg3#N>p=wqe6YYHMrBX0y7uWm&E$ww|6d
zI(vKjHUN6hf38bCnj*7;e(<4(sdLw9c8+%rz0K>d?PF|o6r0T^6ueYH4-CY0IqH@z
z*JCo7h{gJK<wK2OE?*we*`3bi9QoHjnVz23*lTKPaJ${~FOY7uwcQAy>&IfT;Pv?y
z^nJH2S8^DfJxsO$aN@)#6pKZTueo_cMX}Ad1GwwzP!xqzr~a#p%^wIbHag0R6)V{F
z^ln0-MopQ~(aRh-@P;N$5iBz0n7<`UlElVMvy&d5C#L1gm*aN3k!7o{oqd0Qg@%ST
zNRp(<$3x$4pRrg}Cx$>UNH&{gY;07wa!Zl~z)XHd*Vp00@8R*Rq^hcl+it%TqtUpi
zn;U@c?xUDYCSC3t4oBGD(a9$tf3)P-d_F&egO@aQ4jp`pD_5p;DN0k*S_}pQ$BzA*
zWO5vz&(Bmkt^bG|PO7S^go2kM=yJKNTRDTl2CA#8NvG4K(kb2Q4A6elHWX!gZgqFn
zx@g(lirwMh(xm~dP#PmlPEL}ZH)+ky8|HS1`3KVP`T^LnqYK$Gn+l}TDGG%Gs;Z(W
z3SC{dUQ^7fs**?y>rxei!NAbaAd(~@%QCB0t!7ipX4bA<S5a&Lx8HFWM~{3+A~8%Z
zm&0ncVz=9AXjsGX;~#74w6wH-8~-1WB#H6yF;rEZ8;{H7CK734bL({&4B~gOimvSh
zKb}Je-=bVDV>X*9m&;70)4IcDTicCv?${|_)=z!QA^7oly*^^Gev-*?u3o)Lu~@`t
zG-9*asIOl|YwH%)ghJv)i4|HPSi&ubKp+Gy5C}mF1VYdPfe^Gn2wETzf))sVZoUC|
WScuRZgw^c;0000<MNUMnLSTaT#xP+3

literal 0
HcmV?d00001

diff --git a/images/bugzilla/linkpad.gif b/images/bugzilla/linkpad.gif
new file mode 100755
index 0000000000000000000000000000000000000000..90d774b2424e7c93f769992303764a623568ac10
GIT binary patch
literal 325
zcmV-L0lNN2Nk%w1VOs%k0Du4h|NsC0|NkNW7F1|uAV*0}P#|q@Z*wjnL~kH@Z*@Na
zA^8LW3IG8BEC2ui09yfY00091jE||y?GK}zwAzca-n{z{hT=$;=82~2%C_zc$MQ_q
z_KoNI&iDQg3<`(DqVb4KDwoWr^9hYgr_`$Tip^@b+^+Wv4vWX+viXcotJmzd`wfrF
z=k&V$j?e4&{J#GW7$`VMSZH{Nn5ekO*y#8O87VnQS!sERnW?$S+3EQS8Y((UT55WV
znyR|W+UoiW8!J0YTWfoZo2$Fa+w1!a94tIcTx@)doUFXe-0b`e9W6agU2T1hovppi
z-R=Di9xgskUT%Jlp02*m-tPVmA1^;oUvGbppRd2q-|znqFrdJJ1PdBGh%lkTg$x@y
Xd<Ze3#EBFuTD*ucqs9X(1poj$$m^i(

literal 0
HcmV?d00001

diff --git a/images/bugzilla/linkpad_small.gif b/images/bugzilla/linkpad_small.gif
new file mode 100644
index 0000000000000000000000000000000000000000..5cfbfa3c4a755a7983f4debb8a46701d22d75fc3
GIT binary patch
literal 182
zcmV;n07?HxNk%w1VYC1`0Du4h|NsC0|NkNW6IF9%AXI2&AV*0}P%I#1b!25B03rDV
z0SW*C04x9i006WAIsgCyc8rgy%k2-NoV41Dv);V>4~F7Mmgb43>dLn63&-+I*Y=I)
z`p)<M4-5*2#G>(tOe&Ymrt=AnN~hGS^@`1Ex7@Dx3l59N<g)pUPOI1Kw)+i_%jfjE
k{f^J;_x!&94;UyoNLXlih?uCj$k^!k2pK6kNm&2@JETZj{{R30

literal 0
HcmV?d00001

diff --git a/images/bugzilla/manage.png b/images/bugzilla/manage.png
new file mode 100644
index 0000000000000000000000000000000000000000..1113c86b2f52a0d3549ed3c5c7cc74291be80872
GIT binary patch
literal 1920
zcmV-`2Y>j9P)<h;3K|Lk000e1NJLTq006WA0015c1^@s6g-SHK00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_000McNliru)CU;?G#;4iDrNux03CEi
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj4iWF>9@00!hqL_t(|+U=VAPh001
z$3M0Y*x1A#v%%P4bMXZT0WnC{u#l|n(p=VL>6$c2RjDe4Bwg2S)hg|8n6&*c?WSq#
zx~gezo2sO#x@F6)$+ol!qymz52{weAxf!s7WegbX{Xj!=IHn5xvar6N-*}Fm^FGh}
ze*M1Ra}KKLWHO0B@PC3@Oo2cMS|AXD76^o(1p*;xfe^GnAOtNC2tf-3LeK(%5VYV+
zh$N=qf6tjSf8}~}lPvbi4_?J&GKt9%JM_xK*M3{}w=LHu#Jo&YU-ZvOZEdZ*cly-g
zzXr7$gTa8q;UtkrFcJ(Borp3$JxwB!K(E(RSy{#7-`YH%)8Y5i((*BZKp)X)ltd!2
z=>6;K8yOiLd7v7Kii+9%#8xsgGL|)tJui<yUmwlQ*XZr-ArgsvVa|&U2eH{~^!D^{
z^OGC&_4E+F8zvr)qt$9Ln=N>~C9GZdb<)$*7roEGzyNRj@%OS=W@aXmBoT>305BO%
zxZEDT`RHS4wOamp`4X2ee;~_w{`q<wPA8||J;{w5ZJ#f&O2v;~`w2RoZpr;+XJ_;A
z^=3Lc`~-u;#9}cLi3AxL8Cb2k)YWam;dHJX%i;I6r;IzD1@!jzkVqtmL?V3p=_hkH
zlO(LxTmpeU0HV<-AAb06TrM~H4hN@BzQe6s|B>A**P6>$&1O0}{7g+v&BqM}1NOW;
zKKkg&1J%&h){4<+qHg1+C68mX+c|&ktYR!{juo@TqR25CjhIX(j=cRAU0rwP<9fZG
z;$jzLqoV`@eFOr1w6(U-aNrPWX=y3@Xuo|+5u2HrAwS=NHeJim@DO96F~*v%5)Oyh
zyYE>=j=^9c-{D|tYD&>}e!c^pPPgR#Y&IK*-+Ggto^DxAVPO$kt(K8s5TCF8p%e6?
zmLri!(9z*n#J~IW9-i2;jpTxjJuNMbhQ>owR8%T*rlzO3c;UQavP()zX*h6*EnBw}
zkH=-#+-}dJH9WohnUpn1lC-RGnwzdE7TfDBq4D5LY}@{%BF9@&%ISAc%EYWzt9hZm
zksUjCp*I-j<D+AvghHW37hs_{B}w9i`bKu|*^6<3?da_6V0?U>!J$D}+~e`0QmJTb
zZBf+f@px&vc6G`90gR1}Dr$RVeJy*Q*~d#SzrrKyYgdkk?(XVhdU{$GbGh8CUR|#6
zd;m2y>#$fX_)_fZc6%N-Z?-Ao8#ZhN;CgeD;`noWyo=UQR<=524Nhmlvc_p@x~j;j
ztJ^eZyINZmIVIjw?%e5AYyiLg%`f@+&wfgGcNaRH4u`|ZlRLgcPEJnBISz$F3<rm0
zv5JaH%w{ta6BBfHcF3+}WMri5+v6=E9*?Iy&6e9Az`p&@k&~SxJ2_4qKgyrpc%6a%
zehl~ha36ZhkxH2B*MDQqiuiqsYt=PtiO1t~cXuhooSB&^JJRlvW3@6oJgis<jYdOp
zv5OBbUQp!J)^12ygHETLKX#Wo&Z(2{C~~rMa)?ACT)FZu#W>D_0xV{WOpF$@g#(Aa
zhg$vl9+6BYiN#_M{4fYmSy=_ZrArr?ot>3kD=)8@w{!PnGJS<Je|w+t@o`x^D=Ula
z>}*B+LHZl$@5gMh@M7aZ{_^MJvXipEKfvL`Z}Ov8Uqh?at_(r@{q2g$DJ&{tVq$`U
zfquo#n3a`<&)3e(%#7?>X=&N~(Z0|M96S0p;cy6zMk71+oX!H$)6-MdP*7NyvIdvS
zjY_3j);JD_Q)V9kjvqV1-OnEK7TOoJTFs7~yEt*;DA8yXfRWJ=e*LRokeh2mk|biW
z7(+vY?BD+!dc8j79N$jipU<BCJCY<RysO9K<<Z9;=i-I)ik#Q~@H>i%iczUlG8^V{
zdjOWz-??-DU}$I%hr>xYg=I1sO^ZGkJam>L7z`?WUwL`OypLPxUDvFsSajzu`ApC|
zcJAV9)ivn#demw)Mx&9etSp{-YB!UUlZwS#Y7O@mZ>i(l%kg-;=yW<%DisEUfmN$k
zQB_r~Sn#T<>bX~Ib~`VB|A%bb_HEp54@RSriHQmPejlBk9ZXG5Qd6@IdtP43iI2r%
z^!D~Be67)FBp4h<rBb2S>v6k1?B27Nz5AX;k|gRjZlbJgHCn9}jYfkt$I8~N+o@T*
zPBAAQ_wxHIFJD7$u8qOL0m65~^Yu8L1#I5Dh5CjAveRfqytex?as1d3lF1}mt(Igm
zNjMZzJbcyGZjil#6#YGXh%bfrz25TseGCl^GC4WP?CdNWjb`q(p3P2m^;(KuF45mg
z{;(nttTe=@Z-EfBKp+Gy5C}mF1VYdPA!va>2wEU`==d*Z16}4O-0;l+0000<MNUMn
GLSTZ}+_FOe

literal 0
HcmV?d00001

diff --git a/images/contact.png b/images/contact.png
new file mode 100755
index 0000000000000000000000000000000000000000..ae316021c100e70514716faa6a8b6aed79b6c81f
GIT binary patch
literal 1769
zcmV<F1{V2=P)<h;3K|Lk000e1NJLTq006WA0015c0ssI23MixP00009a7bBm000XU
z000XU0RWnu7ytkO2XskIMF-Re2Llx?8lV&i0000TbVXQnLvL+uWo~o;Lvm$dbY)~9
zcWHEJAXI2&AV*0}Q14_VZU6uVUr9tkRCwC$SzAyOXB0jpn=5EYf(c2?jU-$Y#0wXZ
zJ4GpKYrWO!^g)L@KD9G_Zy);Jj;+%ttG2e|)XUWII$i;7t7yHTfC_|!TOfBylx(tD
zl1(4hSys@PnaZ@*|9jg1{D1a*=j^xtIsYaNClY{w@FH+f3J{Pu5Rf<!kT?*KI1rFH
z5Rf<!kT?*KI1v8t!2Sy)LX(rdeUChDw@4&<r*X|2>f#^b;)Qc}@7!jFpMLiFe2L`k
z6$kymdLKO;b2w;A(URgf&c*A3)!NToXRB2Ix-tMDZT5dF9*?`HyK8LB5tx{WMxy{A
z7K`-;<Ax750l<@Bu&e9d@bJ)Mzn>t8L?XfG^W|AtW=n2qX}M4+1c09It}~}kzMzJ2
zIO6nlqcNv(byGNuAK14y7K^=bS<B8{3Wd^cx81+jIX*rX#&L?GX0P1QvQw?ryo_*F
zb<HbX(8E|P*4cSy&~Ed3y+kBJQItp|Qf6mYR@G>=Isiz8$z#7iNz_`cj-n{P-xtPl
zk|ZgL5{t!4ikH?mGy;Iz?fP;556n+8GBUUr7Mh#{fcX-M*=(t)trrLcDKb&3HLri?
zh{xmS&z<e=x<Acw-aM5`ok%1cj!^)(d9&kcdmF<^tJ4t#;q!W3PN&Q1yw`bm`}P(|
zX6C?vb%q<AUhfzkr6?*iIoZ?QC6P#kB9SFGZ**iB$8ly^!J@?gpw}DZ@~q>(9qaGw
zWu}zb*)o}Y&~Bq2KLDhsrz;f7vu94djIiBqOX7l21^^s6d}wrJgc%x)Mm}HQ_xo%E
zR<&Al^2G61GEu8FH*a(#iMsdELjb@qOqrcMJ~jpbIF8@wxSnG&>-7d}e;@mYu~<yA
zP#X{kydF<rV&e9#zXE~4<}Dwl$Yf5+N?YqCcA}TBC|T3g%;9iox^}y*z4bCPyKMQ2
z=C$i_9N+WpH_RU1(Q&Qm-L->u8~e7KHgA>6WC!-`Wh`6_D=S->C{28~`)kIiQmZ#^
z+QKklXCXH)f6LZwIF5h6XE$RsnJw*Ymy;02Ff54+HYOfFp3Vq{m6cbR%@+FkUA@wl
z3KNQ=W<<Sl(-xUr&W@VL<F)MEH9Ry#i-QIkjRHVFOB@)6?P%F4lgW=AJ?!;(XyeeJ
zJw+ySby{I38USkR8t6pRj2}IGz@A-Fyc7VUQG#s@hr=Ty!z4+v=$i8j7O@K|0O)jj
z0B|@)BasMWwB+V7*AIHS+3PE-ssW($?rru)YO&-dC!E{`8{0nmc!5H}ytT)U{Ce=G
z{Vta?Jv}`|CbOe1ShRRX)GJC#<?<|>?YV7LrPc%k0iV~)SPF}l$Yk<xI6O3HXN)3|
zC`Bf7B@Vtoz#b+N&)N~XSknCjo9=8qEnZw`d%mWutf&M4yKR862!+Ch3$-(h0AMf}
znQLaBq@hqKeLgRH-{x|;#vD^}!pU7QaJigPsjTIbT_&@cF*?V`5B+j58jYsNWJc8G
zD_70-zI=Jf)YR0-@GxUhYcv@d8P<XR*>Bw+zh8;R<I{;PEJ~5dT%A^$nwn3ZIL>hT
z`QQPCLP-!2kK5h2x~aUpqOY%a^6680_Sn(G5{YDJaPV1Yo0e8xTbEz3sJ*?FxnZVM
zs@EIB;jqi;WQ;i`b6Q#&0I***062Z>gi@K!<MGz5f8S)bu(!}7hYtk;0WOz2H8sVQ
zb3UJ+oN!jwf+Q}uTrN|>JZ`sEs|y4I?8WmX5+0A2A`^C-l_`}P48|Ez>-73esdQk#
z%5ISJ@(Tc9M#Is1`67m4>>kK$$*rwx2nK_xFnNvQ;C}JtSIi(QYe8XQ5r@l(#bQ$=
ziHAbLKp+;6Yqh$n>Kd_FTwJ`2$LEtINk*fgQ0Pf8C=?18C=`W-MeE<&ke65B_xrA2
z`;)n0NokqhV6^u4^|7L=SXHS|D(S9}!$~8e1WA&KL;?~C48y9bYb26PlgUgFk*80d
z#N%<g$E>SwV1EWEEi2b(7A7am<#Lm_V0V865%GDwp-_lE>8RA|lCtvVwd*kqONEI*
zAb4fet17EiD)sGKH(jo2#WXjs1At2x&a(@jP$+ac$K&z1SS;4-4fPF;wRQCz4kyK&
z%<WMY0ReqJM?m60K;l3^;y^&+KtSR^K;l3^;y^&+KtSR^c-!$eqgCF=ZZ7BE00000
LNkvXXu0mjfkj6w4

literal 0
HcmV?d00001

diff --git a/images/favicon.ico b/images/favicon.ico
new file mode 100755
index 0000000000000000000000000000000000000000..b70c9590de2164e9743c9ddae8166aa963437a38
GIT binary patch
literal 1406
zcmeH{-AmI^7{@<*(V9!$EbT=rYg^i?&9#2ZntMr`<y$Elr4_;a^+K(5O?z2X6qy>;
zMFxQv5ndEQ7fC@zLW7Ee?4p~%+x~!vpr~N`bxMD1&}CPF-@|jx^Zjx-=iz%e4`{?N
znGo}A4rM_RP%c79l#2MR|AA&|`73vL=omT)jS=pJ9qj(5knM7!^;HoXjPatcfeVvw
z#6cQf^#qYq3PgIqZs%;rB`nbdw{Lbbc5Vk~wLCi9%)`DmUdDo8Fo4xcXHsG8grCsI
zPZV|~813~FAGyrLsY>uR@w(SX%lj1hLwB$YJOi5zBoA)+3B||bj9zI4vl;7+FVGg|
z==FZk>lr`hCVr%!r=rI5doF^}h^#2Mt|ige*U>KDW#7bGsuL-3kC(mQ6#@rZc_;2o
zL?y}wACngu7iY>84Bw~yt3q%xiLUzt=C0G|f&nT<eo`|KW7pLv5B575zIBk2GoRTh
zJbT_<OZbQIV+J!0{D%%ml2o-(Olf4*=<0IQbhFjTvehlBU|8zQ7LA~Mu3-v(zkj<C
zZ_p)@Y1p?iZ}D=KiM1Z8-5I<fp9SVXMe&?zt#nDFUhAZ+GGou$^{{Dvh9Fwl8dC;u
uTF5$^qfk|f8fJ;VU)!9cV#CT+tk{;L)-6f7C0p`5X)3ZsA&c~{PxcFp{gq$<

literal 0
HcmV?d00001

diff --git a/images/get.png b/images/get.png
new file mode 100755
index 0000000000000000000000000000000000000000..8ad718060cf6d2fff3c9e7a5bf58888f203b5f36
GIT binary patch
literal 1675
zcmV;626Xv}P)<h;3K|Lk000e1NJLTq006WA0015c0ssI23MixP00009a7bBm000XU
z000XU0RWnu7ytkO2XskIMF-Re2Llx%iXRD?0000TbVXQnLvL+uWo~o;Lvm$dbY)~9
zcWHEJAXI2&AV*0}Q14_VZU6uV0ZBwbRCwC$Sy^loM;M;0*Rj1$Y!W*@*7!(#1xOqe
zOj2?|QdAnCt)Kylc%f+;sZv`Z^|5{Edn*d1twbqRRfXVCP#{Px_fhT`QW}n2b`Bqj
z?f4=-<73^2MawFQqNq|UWafMF|9N)i)66&j{Ii=AiDv)=#6m#e6hJ_8KtOXqKyyGq
zb3j0IKtOXqKyyGqb3kM}(EnkKa40k|_|)xkaX6gUH@@*QPsjOlzdyKdroxXu*~jDa
zp*j95PYgVL;;`FErrc2Rl26C*@DTM|B9*?%&Hw=9Eck83>2%yT_uB2Ya419&#QX-W
zZS4|?)NZ#udHl$3w>=96lgT8D#S#dGTAki#tO|u@jvhIjN~IP!$q=Nqtz9G%&*4+4
zRA1lyQLDw{@x)^>f*?2?j#wh8t!t3W6#xLM)$;JKKBv<WjYJkywYRm+=k=cLIlbVZ
z7?&%TD+q${dZ(k2NFtFS2m-?}L&fUGri}mqmuu?hpMIns$;-=QplCQ00s!#%e2qri
zu)dMSVl7b#j?1zzb6mN6@$Q}5R45XQ1p?uy)iOIfOEUR99*@WGJofAO*ci!R7*<@O
z_WONKhr{V`^#A>^+)$y_>1`9^kw}E<YQ@S`005;@HQyNk0Mqdf+r$JFs)~zqb6H;R
zv}I%%$7QFxPYn$YQ2&Z0lEOj(T@{zh#c>&3ISGYQX}8%3f(VB~15cj-08kVaOC(N*
z0{{?-MDE<aRif4?m8#*P!8vA?EtdyaERWkA@cYfZ_X2^yyDdAHs3Z%I6|?yseSWn%
z{f?dQ#bU98-+WDxdVT5Ho^Hw+2!iZ=zm0=or%rZF0{{T<`+Pc`zNV(`!2YkOr=&Q(
zZF|ciQv5#O3t1>yRlQE5(UR+T?doOvdg%0}EjxBaB9TJ}_fw==qa_Gp)M}ykxovw(
zp+Io-$YF|MGMTMy?c-x(q&Y|=W@iBaLo{=sD7v?`t*}sVqU*TF?Iy{wQR@<wWM|D`
z?!8A3>*^Z-0R8<B>B&>4FEw>`P$5AOKYaf!03atPhs|aei9`m&>Y^f%%{CE>#ppg;
zT*|K9dwR}vPkTJ%u03Ju#AUKgZ*G=K@yCz)=`CyP>Hz?K56pB`TCHwkVmy&Z&=yIv
zV&$qEH?Gs4U1MA;5C|__JWnU3xGWe5kVBIwD>oDt3Zl{I*r=5vIULRsm1L(mLNhb;
zu&78B4u$UAx=Ar?Hd~=k3WP#xDg{E}hwUFB$n#rqCX*pOVYQ6VyHcr&7tt{_H7O7X
zTR&(&`J2gVdA|E6oz9M5fBAIZXH>?1e$t7=)6*V$hGQ@o#U<+N*RIf;Rlim<Uq)r6
zF_}zGjE_?cE|cZu<@NU7r8hHFtOfx5dHrfSou<fDW##m{%pyv%(;RYzf;uk%09~eI
z!C)|%Ow!W^f*@Ppdgp|xldLCvUhj8@4oD<Y6h-6lnA_#rwR;bSVf0N50O&c>Ef!0d
zOy-uYZ!;K-IpbcwbiwU%$>oYbAVBANd_I%ORBN>KWNtd%5eNhr3<f1kp;YGP=8lXE
zQ*D+N6sT0i(P(sPa*|$uEGsA&85yQm%KFk30Dw6K$EAzsQ52=uKpL%X{f4GsFt`*Y
z*<lXG=U;qDkCjT5Kj4o>Bk6RS%jJs1k`lFM)cPW|Zff4l<MH$J^DEaF^YeK*03=hX
zSTySQ`9d=@OeV9eth}t;Kz4;7Iq}(eB9X{sG9Z&dQM9hUfzMwyUq>pHipOKq9#1$N
zCM#SijvK40n>TMoQB<wg#N)A<XV22<bY6bGRElqCY@%=CwN=$D7VFl{8x&()TcuPL
z4-X9v($=!3wq7d5&AoT0rd~Lvxp@l!;KI2-=qDhX&7PWcrqgK*!<0%@W7Ed<8yXP=
zS&9;wY<bpRWxGtrGMP+nE-RDC1cL#$%SHXQuBMi}^+CL%FTrHX<yOmx+vSSK<LPvo
z!C+uqu2hOwt}&Km%V`Sn?_YvJKmhpR4FZ}20-6H?ngarw0|J@@0-6H?ngb$x@DF)6
V*yBTsL*@Vg002ovPDHLkV1noz2k8I+

literal 0
HcmV?d00001

diff --git a/images/hack.png b/images/hack.png
new file mode 100755
index 0000000000000000000000000000000000000000..c7c2651b7e5589c9448246ba95de576ab641f33b
GIT binary patch
literal 1610
zcmV-Q2DSN#P)<h;3K|Lk000e1NJLTq006WA0015c0ssI23MixP00009a7bBm000XU
z000XU0RWnu7ytkO2XskIMF-Re2Llx!(sxCO0000TbVXQnLvL+uWo~o;Lvm$dbY)~9
zcWHEJAXI2&AV*0}Q14_VZU6uUz)3_wRCwC$n%Qp?R}{vN?a5dfFNy8om3SfJ><Kgk
zLLej|ED=&GwvdRTsx+mPs#NOVQK_v^DH3f_X@v?!s(^y3hOm@M1)79332nh!7H9Jo
zkHOfEmyG)`)#Ty?$$dbo(fyw0o>}g>XMXpaJN5`7^J&1sS|UmeLR<x`=Ly4sh2g-$
zaA09LurM507!E892Ns3{3&Vl+(u-Ic>g&6A{aO#-Jov_&CX@LEbw4sZboI(*zS*(A
ztF){<Ckof|^H28&`uXOu4?dI^6ukV-VYfZvx2004(P(;c-P@49NRnJtLgz~1>~<T!
zt<~vXJ~EbZj#w-<>2~u?mSw*<b@Fj2w6L&1QIy`WvTf@&m8u8;TrTI(AA{4=Q_)C-
zW!a^dKGc0!uQzzTo(ChtQ&W>nFc^==0f3??li9Ls_ugbOIX3Fzk1wIEsZ?rUpwH!W
z1pNN_`FQ}4$>m4iJ0=u9192*q8XO!Lbvb=L-+U~_vTS~SzDBFv)YM#DY|JvZxj^8`
zkC&F2E<zzCkrWpjS(Xh1{Lx4xkw~yCOHowq>NQ*1wgG_0GaG*Lgg@nJIQ;pE<4?n3
z0FW0H(6qI=Ws6uW&b~^y0f)nGOQ#qAr;SFVQkje-$!Ihhi9{TBTPl_8?0Wsu#UE^s
z9`c82v|6Q7HR^J5w;uo`5{X)^xq9XD$nemj56NUYoj#pTPfof4U~JTtN~QR{6h)mp
zahzj<GcBFopi-$a$N+%z=gzt(Cite=Vj)R!AmDd8?0UT+o80tz!@awAGA?U0nI_$C
zmSvxY!w>)d3jhd$&}g;OQ&RvCiA3(+`E6ARZ8DirbLC()tSn~4VxQN`1cUv3zcUQ8
zucI@|OmfCKY|jq6VMAl<maU(D{1G1!2}Qr$x`B?lw5+^ie^(?D`Rw>7s14k_(TkE%
zx3+#q`%dmob4+CPH8MPuOeO(9BoZ|>w=_0xT8agy;N0Be00?4zLnBRFx%-!8ZY;}=
zx}4}W_w4OZs#K@HJjF-y^76V59~mDT<KW<wh{rQBCkWzD_hF?{b>aJSKChPxj*Ysq
z%p_;l92q_@mC0IK+a@N)6N$v)^fH_Od@zEZwW(<{01V#mM{Uz;Ek(%yfR@%a{$>*d
zkxr+b4m)Za92o$hDk|EzvFUka06^D)gDcc(e%4+%|J|9dznYz$kw_$2=9V$25}K~4
ztU{L&0I;@xok~^YblTCNPHzY?jNj+uBh@vvN~J0qjiRN?&(F^?lbnGg!{_VQttSY=
z<#eFO(6p6zMNVq9#_#u`E-ey?EUQXLu^2s!e_C<Ra<_XT7K`zFH#fIZ6vb`(yxxI<
zzUO5;J3FILD7)W2QbI4TUT3DK&whI*9*<|48_FdBG;G)i02w2#tE*2YlN00Pd_-?B
zNTpJ{;~9o(SFZtpUvJ-9SXkhLRn;|FW|A`tQq(O40zqx<8US!2B`YW_EGk-2LR(S8
zJb&&i!!RO|h@bjKlZhnB_V%5ZF8;um?3**E)oRWBe9Y_dY}?-M^?J~*%gV~<<^lu#
z|1xp=*3F9YN~uh?G~*lBuX#P5;$kDiFlby}P>`3Gmt}4a1dc+5!fdugqtV%!8Fc+o
zs8Bc@c67Fsl~-iE%>lsm-X4M=&@~WkEp2IS3xz`2WRe@sk>T@Zi$yAxh8Ttk22tAp
zfLCAJ^-A4ZilT%<p-e6>EL7~?vyWd$a@FBV`R>v88#Xj*v|5rRnPAZAum^)dli8Bt
z;To-0Dw9>$)Gj{S6N%p5o@FzxtgP1RbRN&_<4{N-5Kt6lG?}(;-|<%WJ3^r_o7@5c
ze+U7qy1IsQO>`w*RaLXpOUlbCGT!E_rDZai-0$;onb5R#Uq@$W*8zecvaHhoSpxhG
zDb}*W-;iSc$6rXXurM507!E892Ns3{3&Vkh;lRRhVCAI#0n$SOi<fN1!2kdN07*qo
IM6N<$f_P*5@Bjb+

literal 0
HcmV?d00001

diff --git a/images/help.png b/images/help.png
new file mode 100644
index 0000000000000000000000000000000000000000..e8c02cf38667501330509dce3c58a3f8ccd4690f
GIT binary patch
literal 2299
zcmV<X2n6?uP)<h;3K|Lk000e1NJLTq006WA0015c1^@s6g-SHK00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_000McNliru)CV6E6b2@Y00{s903CEi
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj4iWF>9@00>`6L_t(|+U=YDSJT%W
z$6t9MAt6X3fsh~s2qgGGq+qK~*ZEw#+O<}u9^0MO=dSCvp0j^s4{gu3v+b;{igpiH
zyVIl9*4lNgi1rBe0Z2d|g@BM~NCE_s{b0%V&4m`7cAdSi-}3o>zxRGV-}}Cw&%HN^
zDm;=%Ad%cBsO2k=NI^>^QqU5K6tqMl1uc<+mPn+aB@!uUi9`xoB9VfYd;`&botz1U
zLNr~ujNji!db)u%YuDX(FZ|fCcQ}8pUSWIjCohqemGzbMf41%nCr%t!*q(j%hd7Fg
z?n?U&4Hx+P+eZ|(O*NY-FQ5C(5cH&oFJHbycXwCP?(r<VFEfa@rCIUWmS_9Q#0=2f
z+@$zyGMOlJIPO~eO;;`}1*X;Fbe4X-GIUROH|NfsrK_uxP$)z^9-sE!9Xt16v)SnC
z?BwF5&*<*#BzPl8EEYqr*OQ%X!R2zZ=%I(XdGjWJ`2BAgA0HRmX>4quv9STQTFs7~
zd$3xqQ}#DLKF+7-&(YfIV_=}4Xf#SZ9>-uXV72D4eEB036cz%|>hp2o!l(4~bQ2DT
zzc7yN+jnt&@H%fFeQWylnp#apMg|21g~a1=t`7_lj)WN-8zUZ%V>BA^cq&=7dJO=*
zy}jJLc~d!|heN#b@-GR6LI7mV%EDP%#&=e%M6cK1k>B?G{3)+RqfxrLIu*8fJkIZa
z^D4m`K_(_9FdB{I=g(o~sx??F7JwOzrB0_~Y;26HSKAcrmy|eZZ@<c$hibp{Jr)<2
zuzJlpj7H<V6ZCs0PjKeU#|oP@*Gjg<LTjs!(b3VQeb%g5WMyTsf8Xo0w_i=#jYcCS
zB~FG02kGhQrl+Ty#)b=2coyPvx#{R=Cmaqd`j|IwJ^&6!(X?U)s6DWc&dv^nt*EFN
zy<X4tfdRbU7VP=?ymk1mG&NmO+?Qv~V|I475JyHv2KM}XA?`^E3mtTIbrO%q357yj
zzI-W}jjYx@dV0D62#3Rb^2tAOI!kdB715HC9VaK`oH+&Pb$a~$eue@=4As{W3<lU#
zv-ytvo{pB5W)dksu8c$?WSTP3>2yRQ5yIgxEiKK&VlkfDxQWAm`^${Ra_8>7c)cx5
zOiU=+cbCr<vNnLhV8G!hVrX!X{(*i%p%9IY4MZXlwrt&YZ#ISXXX}JPb-CQ^+Vec?
zAA6iwET+8XF6Zcx!-^N6R;zh#`z|&-@g&BKjHG>VXpl0Oo2NEz5;Bg>W@qEmHEevk
zhN|jCUl_p9(4bJ_7B5*!&G)zP{0lF#c*#;uz5kvd3b(tQoxAt4?$O7DI7&;)h{xl!
zw)%wrHa=a$+I8y%VWg#{v2)j6Dk?m}Goxd-M3*XPtyar(+jp_4W;3%=mK|+vt#{=2
z7ctd@TD*8E+js63s-#AvxvjAb1Ohat_^MW`aXL%!dRv6Jx9`}^rkc%|GBXv|{<FWk
zo}ugO>jc~K<&WH25;R;8gy?paQ(L=FC~2?0@+$yTDi!JJ>Ez_(;#pWpZf-7}9UVlY
zQDM@|lr3AI;q4=b=^yA%X1qfO4`8?Fvwr<|vDxihyx1r_w`|$B0XToIUWlW#%tc3g
zJ7Z&G3cJ%;%Dj2=`NxN+h4!keAHrg>a581X1z@-569@#7K2B0m;UPOan@A)=TU)D;
z!S2NG>4?Q*LLZr#nXFj3YRXt0jv`K-dT+*KIeYeOd_J#G$@=|%VSGIcD>0kR3=a<r
z0!~j)zjuO8UGD+p<mM6zh4}d6j|4{w9S$tn7RA6>vMuc1`y<rqe;0#9B9RO-^(9O$
z8D>K7wQFQsEbQ2|hd;l0P?1ruUF+eEH~z%WUi!JBEKibawbI|;FH|6nMng%7lMhb4
zFFdnk$+xEUxvF{*u~>|bj&?!JCX<P?b!UWUJf2DbPM<y{l<N8OD>#3?{<i&|j<&W|
zAqy{B^e|ejcFK61rDc59*f8U<Y-?*3Dn@zvT$-A%2yIs^xK+hIJbg--lnWMk?wz0u
z3JQf8bg*_mH$LAOq?SUpTFr(hp5)M>1Iab<^}*}B{OezkmuEw()e?<H@%#JOy7d{1
zMk8afF`?h1M-OAQ=8=|`#^W2lheo5B(!Y}@-^K6mqoAOWU?3n|&zhA*T3Q;VrDa0t
zu061iU@(A2qfx|CSm;2f)8X?e%cR+Crl`1>NF+jU?=>M4nayUr-WEYLlgCxfQ<VD?
zCyt}lYK1*OS(%F!D_3#jM)0=%p6PN!rBdNpSo!&;Qz_^N9(aJ9oSfSl%hct@<P!9w
zk3O6-ZjDAGY*1Y;H!D`Ix_5%!@WhiGKlTn?U7d`Mj$$+#$;`~8xVVH5K2T<`%F3!+
z>tDN_7k>OxK5J~i=kwCv?<X7%<MVmZ>2%CC&!)Qiq2%Ue_3E`4(hYc9ni&cVF+M&{
zG#Vuo3bA(WqtlA{Ru)@;N~NN&ua{^vib|!zU@%~@<lu6-d9bQFImrx0Bh5`$7#SJC
zWHMnkn_0196|cSaM?p*j0|Nw7CdmBx70FDOx_(};pkmt0?Jl1?<>`XU<wmVm)6vnM
z^xJOFXJO@o$w_d#eosdtkr39gMMcG!OeO+>07HQxAv@pBSmxPmw4@wI+U@z=2nHD*
z9u_8eB9Rc{u6(cxx4ZnmKDJYR*?$TT*6t^fNTAp2NhA^k0|EN{eTsXQE?t&9nvzJ8
z74*cr)YW~Wux;D+1By#Z{&(llbLJG_^Lg?6`xqG+VPawejYdO8Mg}&UovNxulsKJo
z^dwV!iE~BRXWgxDB=0ywOC<kK$R8(3q@X1dDQJmA3R)tOf|f`@OC(az63N$&e*yg~
V3ePrs5U2nE002ovPDHLkV1n;QW>WwF

literal 0
HcmV?d00001

diff --git a/images/learn.png b/images/learn.png
new file mode 100755
index 0000000000000000000000000000000000000000..d2f411983b3ca96bc6dcacf986d121ae551ae3ae
GIT binary patch
literal 1594
zcmV-A2F3Y_P)<h;3K|Lk000e1NJLTq006WA0015c0ssI23MixP00009a7bBm000XU
z000XU0RWnu7ytkO2XskIMF-Re2Llx`4xva#0000TbVXQnLvL+uWo~o;Lvm$dbY)~9
zcWHEJAXI2&AV*0}Q14_VZU6uUut`KgRCwC$TG?+CM;ITk*SCY?gTz_Kc6`OTxx!T_
zA&9CErKN=crSu`BDH3Xnkor$ls#=u-m8xC{QAjBW$|Y!_98!UDq$B}y_;&30_PUt$
zolPH%HiI1^m%dnZeoy|snVs)9Gr#%1S!-ETY6>7A%mfTA0Rj>S0ul!T5(fej2LciY
z0ul!T5(fej2LciY!v7ZdjNZY4duLAn!k8PoHk%t7(PGVl3+K<>y>pu}Km2I-9Es$`
z%p4=b52xjW<9dS;ZU5{T8yjVQD{E?A0A<XaIWn1y!(nGko!-FVaK^{o5AF|*kGubl
z#j@EfkH?cM6sCG}d;1bDmkR)}*{t{e>i2p*35ud=x_H>`p590}eEQVM;wC<y|MolY
zKC2bOFri4K)9Kf~@~S`}DDIHU<@)>Y*lpHeFqldvX_^)Y1l3CAij}L>YR!M-mXEGh
zYiODdheHX9%49M$O$&v>wt4eA*Q^Bq`2D{4qesjmkK^(E`}RDJ#{mFyBod?1w5p?%
z$K#dAgdkMqD-Nq=Y;tmvG1VH);U5n=9ge&y6bf~ELo^!kdOTi_XK>(N_x9eiXHJcd
z3^R{ZE0r>t+-|d`)9JiNBoYyX>gJ8>1+m0pF`=qWr&BSKv{=RpS~XhjxZ6$B^y7GZ
zXmCIxk*w<IEGFD{<dECtV$3?7j?3kR!y&6>j387ePaJ<fZgBMBhY#{ev|6e3dOQFC
zilS~@|3hyuYPEG^qay`kRn@9V9xoUOkkRPvTYr)yxv^_=iA>5mbBsU}z%XoN_~C@t
z%b4BUdj&$_@nb)Q0000)BaxFQj@fNC=8<}HL)WG)6h-ab^Eu-*7)>-yJM1<%kh!68
z{hJ$b90veQPEMXXdm3)tuyK=ACj0K2uNe;;pZSIqjYQxgxMb;aqtTS#zblt7!TT`_
zH@nRWkNMVyE}2{oN9S-jJ-s`e4o6-bPqJ(}4FDL0#DU{@cTcZOCO`VqkzgQ@cRK90
z5}B0sog<ga*{l}$^!R-~#-wTbtNmYo_UR`sr<2d;t2LU}*1Zw%`{5B*tb7>&(0}(f
zoHk9Sdbiuf91#G3T%ll;0RV8jU71V<S|(#dV-sA+0RS3}cE&ku*}83RRTabkXy4%j
zKYZ)+O^8II`$L1JaC5nw1<@OunhT;YYF{juE3DS1(pwFoijia}7-T#xt!*-yJdsGi
zCqW<(l*pv4?;H-hEt}0wA8vCaMN!P;<qF07J9c8&6G=@?O(m1b3+K<lBUDvYheAO(
zOS9Q*o!)Tm>SefFM@J_PWdiHdHD%fI6#xKOrhGoXwpLv{0iSO|E?4xtx8vB)eKzZp
z(?8+$9y)kn*Y1yDInKiE>XqN&ZcCTFR1h5iuyA2}Hk)-hos5T2sl;OOty?$YZf*1C
z0|2gFy$qM;=9X6YU1k<0Wi1Z4rT_rU<_1EgI@))bq9_1BBplwi_Y0-62FLMKDjD$m
zw`|>JFq+_m*>~g+Ns??fn-Q5ttL1XJ@RdSbQBm-247XNFrCM!WB9ZV-OfXKp!N_8<
ziYIXC;;#X}U#-@VBnkWHNF*E%=Q+4lN~Lvmx`OB$t+rAswOGb-xg1;;0RROTj*Gut
zz;PVD0~t;A9jn*GVzE+~l&?5wnzlf>lu)U}6&2!&ik%<q8X6q1SuKHJAVE<!tA)$u
zN@cP|?TZOQweI!xLZNVUWH^;diNxZ{N@>UHH3tuT53f!%8X==m#?#u`2Jdt@9Ew3(
z+tSjS&tX$j)1NRJpHYvSnp#*amf!D7CX*}{OCS&^=FT<Mn-?rtgke}I+)9bw+}v86
zOB&3L$z*ce?Vhd+^=1si+%9LH2|=jl&0mn$P$^8x?NyeAz9B{UcYlH*ARuudAaNid
saUdXZARuudAaNidaUdXZAiO~M2XZ0?gU%=~t^fc407*qoM6N<$f?9>yVgLXD

literal 0
HcmV?d00001

diff --git a/images/linkpad.gif b/images/linkpad.gif
new file mode 100755
index 0000000000000000000000000000000000000000..613b4f55ef395acafa20e931a3b5db6d705a0249
GIT binary patch
literal 270
zcmV+p0rCDvNk%w1VekNM0Du4h|NsC0|NkNW6+?1mVRU6=Aa`kWXdqN*WgtgMO;7+K
z`2+z90096j00000@BnTA00PX6kEzS;52Kv4+KaQ^y!#J^;z*X}iKgnxw(bkZ@=VwE
zjpzE#_x=wI3Wvm^@rX<+m&~T~35`mp)T;H0&1$#YuJ;QLi^t@$`HW7h*X*|Y4Ufy`
z^t%0y&+GU6zW)yxC^$%1Xn2U2sJO`3==ca3DLF}5X?cm6skzD7>G=s7DmqG9YI=&A
zs=CVB>iP;BD?3YDYkP~EtGmnF>-!5FEIdqHY<!HIth~(J?EDNJEj>+LZGDZMt-a0N
U?fnfNE<R3PZhnrQUQ_@8JG=XdVgLXD

literal 0
HcmV?d00001

diff --git a/images/logo.gif b/images/logo.gif
new file mode 100644
index 0000000000000000000000000000000000000000..021931be3ff22c8f5b1080fee99e4550c373a2b4
GIT binary patch
literal 4476
zcmWlcc|6nq1IOQ=ZH(RSIX5{I8Y(wK<w%ZnplfasAr%#d5@EK;QK>1EqU89NbPPEo
z6KbV0bl}@DLTK&t`~IH)KOc|hKd(PtuI^i{tb-;&Ecglo00Dpi5DFlqASpCbRt8`(
z0FMI%JVJp8ND7d$G9arWG}M5m2Bb{^I@$=mHDHY%&@(_7t_6Sq8yQ1VihoQ^fxh$~
zGjqg-4M0I{X&q?^tev&8g6wR821VrP0O{z=Iy(XdlP_CcfRW)BE!xCpSA^-h30HTZ
zx8Z~PHej*-{W?p5w-3U12QarC_45N89fo%80**HP|1x*)0ai}^E)M+x0f@bO!4{_;
z`z^iu_k)86fZLW%x_eg;19I_f4+%zY_k0o_3M6FU=J(j!=TT%hfYm`%B=Gfn0BeHi
zLjb0L$ivW%-HkCvK%js9u6+%031Hv8x;+Q)!p0yW5x}P40OL;LF~so`;9%&jpvdZz
zrvPjP!XqnAr+|pVS5woV*x1V%=>T>?#3qzxodrjZ7bhlOggp>PPjFyQkdqB1C$o;7
zX0viZ>dD;Xlw8;kq^4zGU;{W1q-JKpdjY%;aEcHaXVQy`0n7k!@P8Jw^b*L)OUcVm
zf)9bq<$%LJo?m$U8W+Gv5Ea(}oQQ&tfyzp7vE)cuX>?UJsJ;n`uf)Koz^z-zvhv6~
zw*j0E%DG{8>p;czAov`psyxuxfM{+6a6Yp7_Fk9;;0vJTA8@D6|8Wa|OTd#>(9q!B
z`V=WC2Tynaz6KsPdp>yN%Ig5|4G69R?VX_Yi3@xSban$t9cXKF?CwRu^`P$sfSW*9
zm+i|z@S=AUe+a-W$nJhi_z@U-1^Nfg;AdcT6!2fIl{^Om0f4)~@TkeyJ0R%=Zv=X9
zKlu0o!2QzWA5rh$tHFFQDFlB<z^6$7zXn2~Hv9&B`2-|mVCD<>`dRhMECT+3nwnOh
z`3B$#@O@TR@&$Ys0eBkx`&0h!zd$q(B;UaN0)T%Y#dA_izXALUEdG{-7r^og`1>2I
ztO9ri{1Jn{e}O~-U>Jg7SX-jxk`NY@7#2!BaVRm8x-&A2>gvAT2WYRLAPj(kG5C-F
zj|Is5=g4Zf)pOf2WfY9|_0(5%oFnOYTyeX9y)&0=5%oTaea(nPbvdu$-cae3CYiQ3
z>usodQDVF@cl0??zW=h-(b=8T1>>rSsh1xF?oGFbIAZY@1c{4#=Hz<AqZ~7Ia2*l=
z-G?eMhNJfwHS=Rj%tHW?zFZ^w;-5ONG?6Z<^zyL`$NjOtW=(p39>6vxLQU;A!|qLV
zsGK@q_QGl%Ac;M-uX?rwz1qxF9n|C2e(3Atx?mSd`k3JZo@t_1-A9X|seFx42TdN+
zI_|*!e`B$45Hat-<K?l&Rx3fJekvTx8w`k@;^!<aT-UH-HpO3$epA-ubL_LCSTga>
zORM^s59%qB7<c}_#JtFTKKdW}lSM^|Zuj`$&^6ofr3z&LP^iY25n?@mj^~<wWopQl
z+G^n$`9<B%%swcNXZhaFb>f_iUh@D+cb4OZU2^BRt*N0;UAGmJ(35%SmBs>3tNF(C
zlfYl0VADHB2Y%DgEpzF7H+jWw1y6HTyiIk=Z+fWZd(oMT{`zIQ#oMFWymgoGX8SJg
zIZ*St%wU3XO=p#s^X0O^hbd+X-*Za)%8}K=+!WI0Eb7&`RUOw-u`u3%>)waTNXZdR
z>0eJ~g;2m4<EUZf2BXdhhiY-op$if*W1J`<ug;XYZ{*!_EVz2U@~Q+145_&jxayac
zLj3ggP@=f#&7E!HYz9TC>W5k&%X;Zdt*4yHzuy}95+k3ck-o~qEU8_&wa(%*g;!6O
zFDq=f8QD?!y+x34xyW%~bNg2O#z-FTF^=xjA)h9=PGDgJu-;}DYKOL{*yJ%pZRl$>
zQ9D*)O^)srQHN)&L@?jonKo^Pd@MRo|JhCT_Q}*J|CX!c@dM@8L)rEm+aSGB4B;C!
zj|EepiDiqI#%Va;Oe8L@*41E26dkZbZ0ypfiNvOhhIRbgMD5Xb#<F%lOAnD)bwVC5
zAb;Qs8K_%LdLP%Uc#a{f?DTPxj@=X2_CE2A=I;*)557N_M9HjLbO;E$BVIp1dYG{s
z8{LAOPO@aZm?|rLKONkXDh-7~g)XY6hdy}a_sm@>vr8r^!squ)%vAmZjD(+H=)uyZ
z3BMH*3^N?r@82q{v+4QXI#zSX)b8WaQ<DYC2Uh$BA#$wNCchBJ<?kep(x*ZD#qDYj
znVti*m$tGMs64s0?)^_^<8FALAcw>b4B{ARH|bc5COa2o^>*H%ep=s779l26{rz<K
zQw6e!c}s^X>KnQ^7<oH+Jf6Sw+Ct@E&y=;qzcW)`P})_>qzI<7ZEM+&TJZI!b*#9M
zHQREe(?mJuosy%3Zu^-;m7jlD?Ahg;ttfI)ktqH`8#(jae+}TVJ@g#;zwwBPfq@u%
zQMaLCb@dk$IzqvX#e7-_WPRxV;~b>pM~h1q8}8-GyWK!3^4o?Lohi}U*^cKcGRAvN
zQj!(gP3G@!PO}P1ipN5Z*>g5HL4>Ttt&7^lJ!_9^SM25any+?Y>@NMha7EN@!-&su
zqPJ7-gUX+Ti2}3J`n$;OPP8A|g;=R<;8-e^w;V6EC}Y5a-OfvERi^Lkmv?QgC7|YY
zx+Cm{PQ;uF9{a+U4?G=A%H+FRzKnR<ayFfkPb+o=3z}q+j#^Kvd~p*ElUh4vF9FhW
z`L{gjy7JpB1!o-V*}SOZE{465=uT;!Ag{otOv=$qJ8x`KC4PJRit=!w+fwUH<|(0z
z$_?^!tw{*q{<jNE(6-JCCNjn^u0Q54LR+)<=xtmMk&`t(_`E6n$=;fC;IQzVgR>iZ
z-HbDKkB0}5T|*b%C#ZYQW9<8!1|GNMOYQi!S3#>tIgpm4wF%398#jkqZ`SURMh=-L
zx3#r+(zU))XYe8+(I}1tI>0&Phd6iPhkWEKpPY-k5rni6Ikw6)ur&@dJ}e56mDAv(
zy@Hz3i)JVidX~b^<Iq%on+I|Zts#nfWP8OVdBsPmAp2~t(Z&pl;iMc%K3UIAl$ju>
z(UmSe{}ePkQ??~YhHVz+m?eZ8F4?<WWjuO@9}l%r3K%txbThj!qc%#(!y@IEZ3SMZ
zzgJn2yS_%*Tr$-yO!CG-4kw3<K7W6GHdbltYmJ^<un}m^#1%S>42=R^poUgE@AxVG
z;!hftQeLj?*zmiY_{h{!EVJeFGL(C9*+u?M^VH8D0aZP#Ix=gY?A7-;WSnjXsffvF
zG3r6t^ea!+X18$fUs=*=I7DW0T=1+pGvl>yf0fW^XXa&fs@XD9F8m$3bOd=;-C$6;
z@KPrk{#3w!_eN(v?2hJ(5=eE~MQL;RS;NA&_#+#vv@Hc4HkZ_^a4}nPE9~8-f1PY5
zCkEteXU8NK{{H(~$}0Sa=Ur*fGNDvmWJ8NaMhbz+ii{jMvJ@a?FZx!nUeJwL;Y)2>
z;p8r@Ngzt=U)#IoTkFPsn;PcnPQDjaJAKL9`ggyQatt5(yjWT#^_wpp{WrcpN}8x7
zd6?i$#eE!a6AiXS-qSbD7o4IMbU!@GwKc|E`6F4AY%?jRPI_mVW_;1LTa<S?j5oIJ
zpL}AK=he_$t4RzQQE~5&$T1dRQ%8a_PYSy^q-|f;m@gqznTu=xa?ValA3=#}(izJY
z=Um3h_`bWmY45b7Jp>WbW(h*e?Ct7#$Fqa?+#e)VmfGnU2OLW_9E~IxdxSc;7`|)T
z8YDRaSmAC37%^QvxRB>>QP@WL$~!mD1HA2jSSbeKb;?q|(SjYg`q>uEBAq|qekQj2
z9$1ktI6XbmlZ8Yql`(DGFWK2phi^f(%)&Qwgd$SAbXeEjpMkhsm)_?PRiwcZr56Mp
zX3KT|I`3eW{sDE6F8_)xZ4fFvW1Y}icQt#W=^tO~6N%GB;#+km*HjdAdu^kLcd?-N
z@n3s(&)IGhPFXK#7ly|*+TbI*!Zeq04+7OcDluI?1~{P<i!wFGo5wzs=A82$45p*%
zc`AmS+<lRgzsBX99GEtwi2h8eI!XD=k77t^q=QmPY8^A@L8l|9`Yb-lEow<Pms3E1
zJ*MZu>*WgX#Szfb+lp4#`R^%APbfZ(>{Rlo(;#t?Eyj9Tl<nhlB$*D%=4StxOxzrA
zN5W>Q^mye<!v|18#d)S3(o9BDACAd7HvC5F+!QgA%2c6A@kTAxmo(dG2RK_aXVVj`
zE!DQ{(JZAVWrtz+Z-f;1R{4IK7%G|*VyNXzT;v{7p0-U=M7?6l%jh4EQ9zg~uPLXh
zq(k<zLtwiIFBamf7c}N~5}Jw`v7HE>kT^p+YCt`8d_xc^+g~J#9<6{-Tg_HTJ{cCc
zgpF#_i<&4QVSig-ma<bGgK$!riWN%zL3q`flcGq(MY^-($*8kVy^NSi6bOmh`dPdV
zhwQku&-e=6BD5_P!q(fPg}{W0t|5gBeRB3}B6;#<7I?%~rgRY5(tw9Z<e!xQYzUn=
z$aOYgA|59p^hCKI;!+5@7=lk;S5jUlSw>Mgpo5wBavD%VF^W^z{l{$Elp-uddELuk
zo~lqILS8zihGsyHTv>C7@HUj`Ax~6rL!0u#mDtXaRP10kE>MUotIjp7&(-514C11d
zjw9pg*somU6$bt_8^fw+vq-Y9>(?9JcV}<fgN{drh_I_n`Oo#7$$HZ{E;fp`JLQc0
zDw~s{n_s)j#BeT-u+>C&CTSQU2^p<G$7CEH3f8flmu=$biy8P*9=nKvpQb9zi?Erb
zol2Wxy=j<l)5LF7!e>7IUuWX;xFT=b1^*oRGnFK_8T1VXW|)Z&p1}*L#R4X_x*lz{
zOD`#l<mscA%EdgR;fL9{YAz;~SG;ZleTrX_x>AxdgHGie@pqPH1(asApsP2NPA8YL
zW=aayC@3;0Q$l>fylkqlG)uKKvsX8tiwRaGn(Gxm6Ui#{7UP5Tl4zJGO#HBq?rmns
z)QAi-;Bv+c+NzTjmQi&0?d9#x9D=XDC+*7Qh;G)XZco`2(FW3!w^u?D-h<j+FKbGi
zq!?`^f69g}{Sxc)k%02SUcJzaBKI89Ve2bLYD$uduguC`ExAsbu--FkCHK|(>SOJ~
zzBzQa%QZrq-ejd5&wZWl1aXxH*)`xF4qXM0D5|e_Df5WexYuN7*KJUA@`4KGJhaW{
zAiL{<G07E}N#YnU?q(3woXyqp(2{V``!7mIAS(<oni4ibUG3od+f*@^5P3_3APUtF
zyuoiHUSd$}mC^RIH#*}3mxeG#6W6!CQ<E?W)~o6`9<lp%<(~<n(`~ISG!4(Fs_r#L
zvu4=%>8ejdDx4F(#9fu4CygK6)Usd%M?I=ezJLD3Br#=KlOrU$Trf@WP<<#QKBdcM
zc*sgPB-w~}aRc@EaT;NVq1H{o&2vt~8agQQsQDhI9N=VsTB@eV374}cb3h020}ymO
zYYNk4R)w0R4JtT3Zh^G7+Cx>qCN?0QP(rMjT@tT$$1h%1%(w;xv&6$yk8PA@geC)1
zQh&ha*1%f7AdDEG$gdE7f{K^t$qRAiPy_TM&a2>L-8m<$n2uPQ0DL-8+r3t3qa<cy
zW`n>TE|E>T_HPvVIh%+I)LeeMb|CPc-&_F8N3%Wt@a*h8zjXX`ed^8oh-Dt$DXgA5
zapw?Sox~;l6!}YG@9&5wyk_{K+4#87I<;IfKM<7{59*lP7i=0hvtHOdPOR7HJ>zXk
zcX`C#`^a(K1`Au&-P)(W(z0#$sy<^AzwikKdW}wFcg&m7HkX^S<?z4GH+k7AMO!!D
X<=o$WxjC@4dEZ#`0qk7}0=EAH+1T2D

literal 0
HcmV?d00001

diff --git a/images/logo.png b/images/logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..6df4ace6595f58ff1216495a4a125b869d29b125
GIT binary patch
literal 9329
zcmV-%B#zsOP)<h;3K|Lk000e1NJLTq008;`004Ig1^@s6D#Bem00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY4`BcR4`BhQKc{H`000McNliru)CL?20vByW;kp0-AOJ~3
zK~#9!?VWd+R7KXte|G`{2wXBKIS42sh=7WU;2J>`Fs=y`u3`1_Q*q5Xt**+tx`?`{
zV8j3_ifaH-Q9(q4AV`iPFhEZZ-Ti)lRP~)6^4u9<@T>QE?(_8Ybe~&&s@_|tPMtaj
z931vxNSv>+G?P!7(}sh?ACu&rB%&J58u|2h8gX#=<B|M8i8T_^CZrZjb+fvI!yk*}
zwIn7>Xyr;IA^jD}=SZg=2Zuin(chNP2Opqj%}{YM(n6%ByyLXv;PA&F`I8d*`fF6P
zCIa-yCw5jpgChB~by{+8*tbc3iG<dyK?faVNDk<jV^B1TGzH1$A5K#a4*M?2`$`lR
z6``(OOGuu$X3s{7A@wFlK8>8l931vNk{>9sJQ_t8T(C9C0iA!oHQz@g`CR3+=HRez
zk-VD30twxD=e9`>C?f-{T4iVT!&vFI+8iAA9g<g<_)J10Mr@ztiR<>;?X3O~lFy%=
z1|1ys4Wd6Jp=r~Q@9&)GzK_<gN6JKM!`Jdjby{?AsN5vKN+P~u1*%tX=Oj;DBS+d<
z{W>I{-cFMa4waYWCrRXHW}<H0cAeyaTDP`aZNDJx&+AT`4i1%*<ZUE!C3Nn&Wg~gw
z8aK|)>gQ4*pH5Dz4i1%z<Sir?N$7?f!jT+MpFSuSL;4cQ=Mkq_2Zzc-@~RT!B{X_8
zN=*$<bU;(5+O4+Jh{&gb)3Ad><skY<2~D4l($mXFazKLzTl0M+lF!Xf!wwF6m*7a;
zBoUu82Q_Y7ev)GYXy(sHDnL4nrEaUu!C~(by_bZtvQVc^6+`mG^}qvmR(}G?=Q5{l
z2Zy~w^1~#uCDgNL#gZIQojPdaMx^yfEtn*q6sL6uhdoR310;Tq#n6p6Ry@fQ*V9ki
zS$!yyPamgw2ZudJ@^p!b5_;i<-A8gT=hlmgkme%Q=S`=52ZudF@>Ge}B@@_^k+FM;
z4(N?H?5ut{1@h_OdcnbA_Y-}ngcdF|`QCOn$pM{sq9ytSB%i1LKkD6cL(gFklKeto
zR9+rl$BwXUnR&lvO=#E7yk52pGBe9AyMBFW(W2z<K7Am?y52kw{`NPhQwKPiO-!YY
z7h#j@5eJ8gCwUKvOvxNN*|e$T%FZ@3Zc!0x-aOo_J$kgAwRd(Ir`)~&-}LXYa5(G<
zl2<3j^DLk)b0HO|o&13YKyUc<S6Hzk+&zvv4#)*=+0F;DfS-Vk0370o?%+_->qCz`
zd$?rVUhgvu(Z`MrC%;`g*nfXuBJi5iw<Eg4-kH(O{`DyP=VoALsSlh(SD@CHUxt%^
z%rTIb27D8|^&eo_79U#*EU~XMU9UJeR6Nl=`J^VUEzJ6KiDhfoqH5K`t<Oh|vg_|Y
zNIu2#spGWn;83~N??+1L{rAIfpRHJdv<~S2B%dFhR=0+W{dL&eI1a+E&ksBh4mbeg
zXv+oQOQ%vtbcf1^fdG>yhx_ue$3ki<FeP|vvQw!ex<lnM+v@?HX3QuFo+-0AaGZT%
z9C3NTG^bfdbcf1?lY#1AePt3*lohF|W=3ZNFdu;VUWBzyt&Zppl?$f=y!T$XFSlp`
zty+~@pF6YN5#6DZneC}SpGX9zg*3LeFx$a7;vCT(DjkjhnoODmg@xe+^zQA}=Z@$O
zl^wky{I*(pIvjm8CWd`B01Mpu+`*ypneIOn6`?k5!Uf5+YGtG0K1K48e4cb#bu+p{
z<sx|lpyTY>uy}Df&33nczDr0eXNNTessTN>_*XCB2OvM`y?o$X0MBFHZX85)f%ZVl
z3KqQrSh$V%^F5F3U2I!D*lvFDKb5n6-L1~IY;UIL5!;2fWdOeYvl-BCJ0I-;tg%LO
zF7U1Av7wA@Jq4&1_7Drez=3vd|Hh8uJNZ>N(24CIL5%>@fdbDXYY#lkJj?;yE<n8s
z7C#rZxlAeaJR;>Hx<r~CjECCwRWqy9?PaOCYP+Ju&%i8<mvk(!+4G2pRA>fpg>6%N
zJ3uq`;KOpG#OkEKPxd^1OKRVrAV^=dr`rawKw>g5+LAJEJ>Cb~zU&4ZYX@cX5b}#{
zfBpv;;dw-N;XCCDd#zp_dh`I|z>T)o+c0kzzrIOg8StJRdviUn!pPka6Y19*=md1!
z!+jl*NSx@;0ZvIg)Vy72d^_N;K>y@fG7^DVvtZ5~SZC+w>C?^oTcUGklj^5K2WZ;V
z204_*OyDNZV`3SUIuJM)=m*pQC@QMLv>$rJmMm!<U$(qu9H6MM3SWKQE4Hh0+q7An
z(yG<c9qOfCy-ct3p|gUSIX$hIBaWDw$~@p$z9YsIFTzmU&VK+meg8ca6>Tl+yYC<`
zZ|nCLFAf(imXc!9C^c_x;=p_KfT~r4e^0X}?&+2u0oJdFUw$#KCryHQ9Olo5)vLFC
zpRQd^UmkZH9C1YO_B>#a=doZXeYY_)lRB+iLsp2nwQE=SG3n?^Zm#(|(cYy?VaXB`
z1Aov#rOo{&O-j;MS$qLJ;CbOpe~Bu<#g^cwCO8$3r||7}J!7+Gb&h3jtS5jC8|rK3
z%r3h;p>^ppGo^n04Lcl*eyxai_~AbWW3f){O<u>2b5r<|d<HNB_`r+s*p7ZceTf$(
zViL;DMX$VqF1yUspiWB*f7&QL-PFCl`DR-TPe}h^(avgQ+44ODC1y&*CG_jU17r8y
ze|N#5U1sH^S1rmSReSup;>s8DC8QSu$Iv|q^G#w=em<&Sf6pXB-14ek9bI@Knl`N@
zol<cz`s_1w=bh-3Q_z0<g)eI8c_#hS*s+29EImfA9rR&miTGP@h5t>12BBx3L1&+h
z+P5#;SWHPlO`4z!E<oRZAGA3pabFn;UR~lUiRB5selz9h=uJcaQP8r@(!Dko|NY$6
zMH13qgRywpj()_+5=$gBZyp*l1l6v+dj?|Nx>niWAo*;TAFLC%Y?CkXUP7r;r}l`R
zKH&Ylw2b1tqR`~);|Zr0D~@zhpxjQj&0Qq)-~a9%k|$qjY3TUl(K+X!0}j|d_qhFb
z+m};_$mh82^yA+pbl!QDLno)5hBj<K5^?>&Yx1eK3nXtN@u|swm#U8^oLb!d$Z5HI
zdmN^u$FhF@xnoQPNX?OaGUZcqdq1L?#Hwf%J@pi-Rjd38tx{zdh(0wSNuzDFshh-7
z3C)^yXsrJkALON0iSBiRld7!xjn-#pWz~#pb<qAfiR20rk4WgMtM>k&-V;|w2AVPj
zDT>sWjq*!7p{#{7y|@@PYE*gJ-L$Da(=Mdp{8v8JcR=#~iCO&P38xkxb@aEnm0=u`
zs;mwjf60-Mz759WTRU>bJpnWsHVkeKS!}jtOE~K+vwmyd9BR~noE-DN%uJX$)2#2`
zd(W)t=g)@@&4F~Fxb&8vO%ePOkTz=c#l_cN_iSNKPK`1jfk;b>a`j(^r?)+D(Kfdf
zr%&$|AN}e@#buS-?eOWTHEU*jydJ#umKPyry{;$6<Kbhu_cat2!fUTV&z`^`)L{zO
zgIUH{v;YpDF#~@8z4Eks)hamW9GEf%QcmC`GPno$+crpkGw@(Mo|19r-47N%_V_JD
zu~^xQwAQPa>78@-n6wTZ=5KQ>jvF^1I_b+kv9iiNbI`kn&*Ou)CT^4H*0IoY%^JAl
zj&Mrr&;ce+w8{DaR@$o((8j#g$5y}^F#<mN2x`{`8r#+s(+3P~Bsu|478YitU46~)
zf|p*ov^Y$gE*boC`h)l1nbD-l>g_r<&N**Pei+$<2EJ!>xOKdBOW?4nQ%jtc<wfn<
zCK{|q5A%2Z`ta$e@c#Q1Bfo1`=+(>QKd)NVI1lf-t86kRO|mbJ1xC<MKKFQ$it)B@
ziPo)+W4Cqdt^b#s3&VzO+X1>QeE&VX^Nt}rM{=De^MV&)Q4%)>01vHS-yr?Wv)|48
z`kQ0ROvIFwI1k)+SH?A0|2w^Q?akX9i_vHr&;I+`P~&{S8RLw%!Vo<Vcz1hdNplIk
z`)+tM=%$;j3G^XSOQgEijHrWDAE_bInMjW#t=uB#_Gw5y=i9c_lK53Zx8445L0EI<
zZ?`^L5RZFO4$^RY??Y@`S{gHR&2Rh1tJTOWv+Qa$^0G2B>&BIh)D+2QwS3ZT`)`!c
zt+$rnv`kM&cik1NC4;M|2(@TYe)*SNf|e{n@px(Z{rZKgbr$r$F(198@ik6DM;=+e
z_SUP1o_o&Zhu>cQ_EDqCF88F9?DwB59cd?Vpv0=8qIC7^KRz$aI84hZ&U*E=3yh;|
zJ<{EFEVi^`v7fp3#7TXkVdOV!xgt9r_oP{Y-apxqlc9!$zWp|QC-m-ZJ0J(?R-{Hq
zK8usCHMSv!^!<=l*@E@wBKZunZFxdM&pdl=VM=-|6v_LZ_EBCemLg>#of;^h<hsi!
z_n}8_FAO8UU;puW64Kj&%n?bt{3aep?b?-}<m1QN0k{$AUr7Hne@~iJev;pD2a3gP
ze~m%91u2G>FGn?MR0z?lCwZyYtX^$A_2u#R%${xUu@LEAq)U*FKx&0#b#=-qWtZK!
zv6cHZlF!nlzI;zYL;v<z=n3b>o1Z9<ke1qsX3MeoFLUo9e|bJXjQqb`{hZnPc`%T9
z<&KD+u0oa+6rh6-4&NC=hS<8)LR!Nn#kj-<wjiHs@@XZX%j7dgJ`p_}kX-U9R4)cd
ztlyAXFJ8OertC03JUyc*Yr%qcF~yM13S<|{=R^5itah|jKFf=X({xDZIXPkO@%R%r
z7fMLy2l9`%dTb(5G-povy~05Sk_kxz<T>-+x#xzL?Rn_7+w3g<8`7~>_Fs+chaV0n
zci=$V-X{W`G_g84UNQv_%cGO$>~Gh*NX@n&OIxHuQ`arbcA@84*$a?-a^%xk;vfkv
zSkNvOc88~Fi<Q~y*Vm6LAL*E&z4`JPA)f*IE8Uex@o&F1j@POa2{qoon0UO|`8gqw
z-+sqi2mjzB$#@~#w-4VTty`N;iNykQYQDrJHY%&+em=f@9<z;$%jX7(zes4*s}~i8
zeS!|Y^kwsednNecG5K7W^iVrnLT`;ZC-glQE^Hf99#T6bpMoUW=Sk?^d&@Vd@43h7
z?mKJ!_(-*hX*K%&cT}}%c-fsgS=kY!6O(lGnR&lkw{UX*X{`-iR@!uzxL-1R-(lN)
z(n<Egw6GM(*U9H0`JAY!JSw4o{3HCsPeS@7kljJzNeSI><5Qt$^M5{ly_pam2;^>(
z&yh*v<q-+pc1O4+>i$jEWas8qk84RFf2RDMoMVyC<r-;zaABbdYAMfP?bQo?`e~{4
z(_*Rg9;<xPYy+>iKm3h&+*7NzOLD?0_s1Dsqsl|-8vOV>lAVqcGbD7>G2ymHI(MC!
z6N{xtlLPs0B+36sLS4It*ITPrrY_kQzhQ>n=L*RLjFe|N5cJ8Ff$TLJKz|7>UTi)S
zM)s^(W>&S<#}fI0PUaLAnysuba#K>!S6|sSUlO!=zI<vW>HWuOG`!!UTQ@6zL@A<A
z&Cae7->+6qsF}8gpKZ2ZHzDmG$UQ%)&GjUf=j84e4?Es3y?msZ)SeFH58Zjhk57tf
zGe<YuHKEMj=pl!c&rCe}XcIVM$sU(@Su%<CEzz$_8Wg`qqp1o@^255#F#CxUgCD*?
zeo476i7ONPpk7)$)IFYf^2WlXqJ5IjIY|+PSu0kAUyG)spotT$u5J$GXUeCg#Iq7Q
z>#XqoF<^j|{eyLq`V`9NPYJy|_+U7>?c1BEyQG+iaaJcyCGx-iI((Z?IKj60`#^S{
zd^#ufX)lTR#EBJfj|9>C(p@4x{l~+jVaMX2v);|y!m|7*dA5~!PC~;+Tou}~d}Y+d
z#>sbLU=_FBweUWlM)H}h!%)JMTe}wh@BfxB^wslF&z{D^YY9J7DjgsrktVTp<;te9
zus{5g%U&{1xcdX;UXvuhwZ!J^>>BZd51AY43F@WAv!?%ecvOW*2O{}oC#r);{8>W7
zhK1MD@yA>J%(EU@pQwBWS@~-=Z#IEOVb}dX{9qhzIwH`|!&deL2_1G=IN5hu=ceuo
z<PNrShm_|50_d%`tn5nz*-vjVZa$C2P@g{G@A3HK_8x=ngY{L~O6Y?R`xl2Di%&mu
zotY5M3`p2Fsm-TI6faxWB38X-ZYcRx_sh?UL~6yAiPQwiXXVbq`dUgHoJ97<@_Ajg
ziRuRHl@)sa`S5YkiK}*P^x=nAsXsAOJ`K0r;`{9L6GAKZ?~mPLlzU<D<Zo(a*Oi!6
zUJq*XR?D+(+Y^KCgDs!X#~l}bHlH-f>gMu5{_9DzR=KL0^zCb9e^F|U+eo6eMB$=E
z;rn;a92*sPXy9yWVB0;WJWH9zjm<JrivkNITRtt4bbg{lbne{ndZ|_oty_nbiPQqg
zXO%ryp~oH{S{Qb$eEQjm#S&5{B)_B{oWubVzsKXA&OUccUb!uXH@E!&4EFGoUf%+I
zD{-qtiWgz67vX%wS-ivsjxm8RLx#X3kCZRaVe@7<`)pXS0O&+#y71{vod@Bu*o&~r
zCOa4n9Qx76{i6SR=DMP=0?!)sPC5V|mc)tJ&PxFX{q~y)zzBohy=_v3MZh~I_5--x
z{`(Ywci#=Kj3Gnpi|2#4?(ri04jc_s88;4Mv9impUmp%R#Ga2^ZbFE>2<sCOg1`R`
z^X7$X^OaXZl`6LP%-OG(y@<JsJ>x%IBK7Zo53iR&gP=hJ;8RQ)NLUcut>W-y;tT}v
zf#fxO;>nwe-hSuoXy|q)0=C``-g<XOvw1a%bx97hDUwOWo8%cEqs~YxOrS=yX64_*
zz5Mc0rrwRVEg2FkGc)VP!#?G1yZvFaXZbIri}<fyd#;es_>cM(XH+jJS4{C&UmqKl
zka`3&S7HmPZ+Qcb-hY29ul2K5cB;hO?Cfy++liSmHy3GfAUl$<rX=2yjPo>%>?^Od
z?Y_OV^V80@p#oSE*H1qo6(e;FWOui+>qv~1&<ihwm*2d3QZQ1l;2x(-)RfTYU;HVw
zbvfesE6w`(UZfj&TH;=bjS_n2-7|~JGY-A9c-FGzEn-?9nC;7UX11Rsp)bBb<HnV8
zm@SidO5zL^&_$Q=Xd)n?XU_^J`i#V^Zq{2VYTjyjcG!a^+1WMXTSiO0@#c9&wdzE&
z|M~Rwg@+zCD<`b%c-%8vFvg6WoTSGWBy`3Z;q-CPK`1}pZtv7a^2tq@s1gU4H%R8G
zr>rjS4F>ZwNl}O!Hf}UahcL1yOejT^BKaoZS>nO+Y^!zdY`4^kZM?#tSfD7KB`%U!
zlnC$&yVY2=D*EOd+xABTy{wQ=RqHQWuySS7SVpyQlS8lGlXIid)KcRxKfkITc<9c;
zMhC3T9{$`_Mf*2d6Kb4yKVn+0Wc_HS-7oKq=nqNeoNr>A;e!uQR@Sz|3$wDqC-qCd
zKC_NK>!?@|ocdaB_AYO|{gKe?=q`u<l=J)xLyAVebZODwAHSvWh@-yG&8S|GHFn&9
zV&hzF6v|?_Xz-}~EdoMrNSN&s3pQ>Hf8y`qhpj&DFFl)E`FBX@`s>3F=#?vxvXR;c
zaRmok*{4b9KmQ3QyJ17?ZC{L356Le{yDTxUsK{6oVPqe2h#~T}#$h~eX7aEkuU$K7
zV*4^^d#UZIgvD^)`EP_?N1t~3hj}Aky0mEIOP3bidG`Ya2X^>1C%tM>*7sA7h)U?o
z$;XBA>JR(p{}^A?^+CJO*cs7(*|cfvGv^H&p!3g1k3NdteA8URhN14=%OBQx-E}rp
zb{<j#B)=rhpHAZpZ9?nTHHf!uzc8nwj`7`b*MkL#K{E2COG9mEjQ^;gajx_al-nh7
z07pV&#)S8VuUlvL%{y!rRhA<0lN5f*bk<pRK))Ku{%=zMj}9B#4(RHut?Xfe>|3qe
zMiQDlxqRa#H5HwFG8#IxWE|dePk4tXn2Bo9BHQktgP<qLXMCycuN%2fLO=f4HR{*h
zoLv#)FfF4v>*Y~{ixOk;kw<SWv$L;CwZg2WOIyZNY(sy2Hf}GML!y%pk%+$c-kv%8
z+qiMkR!J_>p8^HHl;jhrp<!$`d-y%0VS^PCSCi(evV#K!_PY3zSIQhyT(9AV>`0_m
zT)&kH*hsT_yjMckToX<&7hGW5_HrQm<D|HPPLj!p5?1e@d}8IF5y<bKbVhvL#*N1F
z97c8!d~<ZLh1AZ<zDh#(-4{-7vu0**yCTP5jT+{Gk(Y-Qx8CX&flhvxZ_<(_jm74&
zx_jZpD~igS2cbj9Uvj?v?x<*D9L8cP>eP95nJ2RYJN#;5MLr4IK4xdLd3OoToEbjs
zaaV&Wo_GS~<Rl$PII?swNU3(!<}ukws1+-k#kwC6E`!I_*Zw;{H?O)`ug^!yM>#qB
z#Ty;4w#*NYbN~Ei-WDmN?oQhK|5ZZ!?;lP-pMP%ka!Mfkyre$*tAwt-Hk|B6jjZev
z(|VbF_DkNfd;a-wvKut8q*)rY`@5uezagP6UBbzJ@Im9Vxc`2W?y5ZFuVzhj#T6!W
zSVG#2bX}=f`L&6q%vKy}!RPwUeDB-uj*5oy9i>+-%DVOTM+&mCYMQY)%g9@>pk1hV
zky~$n#8{_y2JOFaXGBlYRI<#|1<jp{o_*G&94gPjmZnY7nP-}(`J6dPM+(>2XtD-D
z1Ecb}bQ?iC4b+x-8eQ__`*8ee#b=%KcHWLmsFd_r*6}BNk^9WE*A}i^)ifTDd*<}o
z)7IP;`t-9CLwP%gkGRTM1*dP7GOD>`X11_i-(X+9whc!u9X<6$d5)w8DV}Z%+WlCP
z?58BNL<=MPw9~BYlJLt%l6G=7{q|e<HS}-4l~`c2XQN9mHH0mTUQav`4Iggz;e}LW
zPw5?2isX}bWcJGEFf}7nQxZA%(lp}vD~nD(^^@ExRSS0*{yJdL*t}OpU0f82)G`Fm
zu@9JwjjX>vc1x%|`l(ZUL=_KyM}BfF%C=w*9Mt0%2GfBvfx`(B6362vBh02vFk^;!
zZ|z!`J9pdrsGU2PWFM_rGb#IM7AB+nBw!TD+1}R!r+X2;-;RQNlFBCxq$YP0BqPqs
zs-+bxo9mZf4l1?J*|X=jsZ}!ys8=u3oPo~9<UD-{_{HW7xeW>nGsw=aS>`M?HEU*j
z8O4PriLcpvZstWOmbd|UDlg9@JSZ!wQ~}=y?gx7c`av(kU5UU7V4+0y4I2oB8a1F=
z3eXi;O%&+hMObX*FU!uRMVmGz6Kq-W`s?uLbAjVAxqRUWFTym5e!%!>)Qq1nXwZO?
zvJ6K7RZK>rWy@gpZ20P{t-sTwhZ%c)`j|u=8HwcDzXR_BBT1B41}FrE0rz^5l0!+`
z8H<;Z!3fSKja$KlV8O;sb+uqY`}nF=O;ysLMI7C8N@{v~F}@!$V=>d_dwBqpaeowW
zI^^c=r~LeCW!6odI-9)IUt(|!0H1jgPTD!qeR^T?T-RfNpa*6!ceDxysJn|T$Oejm
zshBkLb8TmBEcK~;U^wuk7h&~I6x<zniRyIZNKDe{qk)D{61@%-*qj;wGk`a2ctU3I
ziDHH^8=u3=74k5fM3(j!y$C}9l+9gy#{K0Er??T=L_Tn6BD;yiv3$iFWE#g@X#5Ih
zuH|DdLO(0}C}7Hj33z?`mR)46T84CW1eh!@OM&)YgknWGpU)Uhe#xPeP<RRW3X>&$
zknR8d!7My>fK8a>({pWL(+_rx*kOgqV)UpN;pbg#ihKqDFH(nk^a4)95UmE3O2L?G
zA0YrA10Mk2S#Bi8|9F07eMzi-D12yH3)grNhVPW<iI7*|226hHwrp9hsna&T-O6@t
zGM1J4LCJ^%KLalUZ<nPYo_y*8*8$fDkDPQ&&5#5#G4(^XMilrOco?W}9|0ACzFve0
zwtanpk19y+WG`Y05L(&$S*_NuAo-Vj5k^{~KMh<rWC*<YV%Y_qaR!VV2fPCO4**Yl
z5%bFWT$WZ)n+t%|B$AQUh2XK*g_8O*(~_*kx!a6u+k`3F@U|D(K?ar`kHr?&HoTHV
z)ty>U5|9h5vUl1Vg_fF+02je7oHE-r?7uTUdE5ChoiJsU4z=_8p<6t&b_K;&_0xel
zz*k;mn<b6PqU1XEnLZFx25Nijl89X_jKw6d|J{E7ZrHJjv#Y<&i_j;jT|;3fdzib9
zXS@h+CVPGD>{AiQ2F~;%<k`^FpK^2Q+_b3)OD-#3ei;T22F?aP1E8B1;m0H^@!<+;
z_ZZ+AJBMCw`+ip+d_UUpHyIe^MJgt&RX)v(@y$SM_iit9>}pJfxUs;8UW8ox{nxg5
zJcPvx;36-w<FZ@cF8-)0c7|`V#XP#b!88q!7om{d1e=>J6;pF8VIF>CpPF$mLJ<x-
za>BL+7LFee{ri{w`_-$POs+Kw?KF_faxYTh_3n1m_XkkA&f1o>=T_PUOQ9D*ySY6X
zmP?0Od!xu&kpNLILez~ohrLDgp^~Y*6UHOnySMdXj}AQ7PdTktUbwQ!|369YS%aIf
z6-@^Yv@c3>){k|Xb#SO$L~n1xI>Tkb@jP4E<aeY4kbJUsRNchE&FBt$2Ll0Kebp4M
zEGxQogJ#WupD<fV@QxQD&#BcB-Jy~ZJr)aJ;pL)>?2GZvY<F;|tY&*diR>SL3|~ND
z*)p5ywWMNaEvH#GqdQbC^aW~!t$)_FE3{|<e1VBpfC*lNET>jSbcf1?3m~Z&Vp(ne
zgtxsUU*79Zr4A02%WQ8Xk-KP7_*02fr`lA}&4W}|^_^zjjP6jma57Lmtl8e719b0>
ziTN^S``2EC4Nk3&=nj<&g8<%pFWi^UJQF+*_&m!Bwle?#1M*2kK~#9_J*QF!hstHP
zr%7yHvLt+6wdvDs;)c#aWm;#pJ2+G_q7RTvqR%iSZ`;=7^Vf`$8e&eX&UAOEd>9Df
zW82R^AJWrF_O?5--NB)f&F1M6nd{btPqO&M7p2Vhm^0fQ94a5t`%CE6SHl-*C@i#P
zmW|my%V~ArLYh;-K2G9Qw4(_hvg0Ho4FKMLJKR0`^|M6|eN6JomZ0N<9A$-=gdab7
zo=G_A;NVcvME5yVzY<TR>yAdZeQnqfzP5c(;(B}6&lIaA&&cO7`5fzd#lc~Bko`_R
zmC)$X6<>J6^Gr6GEw2$HEXh|Pbq!4VdGcxGdc?tDcM!cHCuub*C<tHVp)6O&j<z62
zfvs?ANS-Z!r}+dO930AFzNhP1=1J&*2X-&X>()hU*4Wv+q>5*ue2#NH;oz{l$=-tt
zv=MFEgzDAXJtVJH3w`;eCHXT!efXGs{^okX!C}wL>UH!c8znS&@a`e{bI)0lPc2oq
z?0Khs2ZudL_CegKJhXHvN=d0$lHYx|CHY*WCIQLE*_{6l4i0;8R&S_D6i8^mfQlpe
zfB`mOW-ZcD0m&E1FK0bC2M33cWFNxIlBu^|5wm*RwwB~YNCN_r=h;$G4h{}`h3Jhr
zP}7Z>-Lq%;NZzugO#~^VzXT*NlFunl(+&=M*L+XWgG`jr$dTbmUacDX<P%HsR{{^a
z<nw^jvV%kAAp7xJOgt|SwQnDe=%YtllK)i7!~TlXu7g8mBKvR_OX%Kv%TDrJZb9)l
z(gLKG0m=XC$}TxLR5qgb<Wgm#_3KfcI=fEtlTJdpxk#BveFBoNkY6FSyd4}ID%gC_
z(Ce(1(6!g@8p)eCM|pWjQKWNAg}1hK8g+1}tYkljhm?=z&)+%8n>IxY7ut3C4W&Hn
zgPbNE94hy$URR&9Swa_HxP6jmWT3HQEy>4}^043OwCLclFOdBjUX##-3EQuQ{`~Wn
z<WrF91|<Kte3v}b!C~JZdJ{V88;T@!<dIvGeCSY<nMR9{+65&4N<O~Ro`b`_MD{26
zTtcHpl_vQy$JhiCSxBb_Bws6^)=p~<4*TA$ezKOEZL`*`4apldLRneXWWP8dc~m|f
zoyHs-_C=!mr0Ac_k<jqrsBvR7cdjM*Z2`%P<(rbq4h|0cD%p?bFN&CKu;a#Al7Cpr
z!~T%dl7qv(KdV>Kt1JsrH2;9qARzfj`7X!5gTo(#?3Z(!3ay8|V?gpB<WtXS$HC!`
zGpje$8|3JOfaIGT$sHX2m}Gy{l6<3lx;l+GIQ%h*ewa-Kb%oQ0gTo)2?0uaU92^`R
f92^`R_BH$;!`(O0tAiVr00000NkvXXu0mjfR(O7{

literal 0
HcmV?d00001

diff --git a/images/logo_main.gif b/images/logo_main.gif
new file mode 100644
index 0000000000000000000000000000000000000000..617d89fbd6c27448822b7db4a6a9cd65996b33fc
GIT binary patch
literal 5740
zcmWkyX*iU9AN}968ME9o*6hZNgwT)>(b%#?hLo*k5K%mhXxC%xYc--mmO({QjkP>&
zBeFy_vZO*oB}Fwvk<7fk=hOLgu5(@I_d6esi`y2fjls*{B={r+00IC3AQV8LA+!uq
z77Oq=KqLT|h)^H{IYmfW8K|lvHPnEn21L;UG#$ihDxj?ftJfg(4FG_pYmE>n#pQMD
zfF5R<p!~<w3}J2#EG&S6+RwG*pTOXYjWy8F7TazDo9!TZqmMM&7Y7D#b_D8lk)i&i
zi!<cpf^cyI>x{-%n~%DC0CW1tTFYU}^{=)uA-c_gw-4B4IpFIHHrNR_TMPeM-suOd
z9iBPb^#%n3XZtQ&=k7hbfvfWqd$$hOUf}5Qc&l4$NHAhw2-4Hz;TGnj{b4|=2E4uR
zABX_n+wVv<fm9nrL_ypA8lw+^K!5&@pt@bVZb}S+)Cj~Lfuts259`L!V_@&T>JukH
zc-Yn8h-*?S5FSw;9}l7;Oa4tjL`0WG|5KEh2&4{Bbj+pXWDpyhpOyxs?#RpxAoT!o
z$IqWQaW*>(btIm9HV2$Ioh{uCPXC*Jo(rUb;NRr5<iyn6d_;0;Qr<-%4F(zM36}~%
zMs~b30u&X4oHNIZOOd(Uqh&lGJ%r%q9hSzSE?hh$Jp!&=0Y!yTRaKDm6euc<tf>Lg
zL{P#DD=!bebrVR_!PP5!>g#|s2YKy!kn}8QZUonB{iNqXOEb9F0&eqtr3K)@J<w3k
z{O=(oEdh6$wmuL5X&Gp|>)G70rL_%6E0K5axk;~rwhnOrp_BAF=;#8{o1nFIb7wb7
z$_Gz-K*tm7-e*AC2%f(HPrJ+|cM%;u7Cqe-(*Ho;OVInmRQd=E4uZb^wbFJV?Er6H
zgP~W{k+(ql6q5FW*KhRRjUmV1fzc6lsStb^2ht%h`5ugms2|@eO-%yHTQK<rl8&N2
z&w!cFSm`(r|0UmnWD-n&llvwH(kbxcI}p!-l^HNM4}Q)8={M-d0_x8!LNW(_{sPMj
zK>7nL{K8A;!Qv8F`307K1L+c2{sUH4fK&=erBa<G6odm(U<Cf+|3AUNN`O>W!<El#
zO~xu1?&{)~x22P5?!~Tk6;HBN)*l$@lB;;McP%1=z+m}UyK8Q*+0|WtwI^kz#@3Wx
zf6Ws>)>c2ReZ2ajjFEh6{?&IO;<9Vr*e3CoGFmya(!C^0`0kFZd-P84W05k0w^?n7
zud8b8hl(72dS_90R&I{Z)<6kPC?|1kQmC5NjWRi8S+ZW?w43;*v7wrw?sKkx%zK;`
zuea5)&`hmU&20ZIL19DY{!I^XzJ6(f*ZtMo%g}7f@P>`(<!EouQ@WhDs4pM#jtJjb
zY&JF1*LuDbld2Lj<$F!Tu_1P%czO7(?r#yiv3t%SIhXPIYm1ef1iN(g_Fnshp$zkF
z#f7usME7f}vwcR(?%93UJa%*jdSU0fkQ=IYKxY0iOtZ;I^HMc0*}{+;?p+hOx$a6h
zgFaSk8oYtd!vIWOL8XrU3aTwJ9q$x!R%6fC?HMv^ckjIWm+D*pLM@6oaL!~sp>r%J
z>j5XnJk-~cy!mPzyZ=~R$wwexo)SwrjaF^&GIWm^dVTT<aaPuHrYn@B9`x;30sd`@
z1=(&tp+E^T=h5&N5DUrApzBR?q$9|se$Vvk9ncHCjgtNsro_@P#+p2?K=%Nio`~Bx
zR@>xQjx<F)KSa%!-5suVH<4ibS(uy?BP3SI*v2=1tZ|pD#GQWw4LVh(=H8yHnZAX2
z-HkYaiRwG2b9e5*Oq~PN@3ncF_rA7a^nR`yYToEz^yY;RNi)qOl6|l_ZD0#SetK7B
zaNX#&8~?aB@+;kZG}|3WoT*y}zdtbC&~VPwTbTL%5s)zw3s5p2Ns-aDZ9%OB%P6vU
zipB*+pio_3(Wdf#tIp1*OcWq2jhvtDy7#o)`H?;{+3Ri<Bu=p@)jb~h$Sf}^_LicL
zXk1|$6wKC3?k{BPrI3A6$*#217@ZRR<QGlEfUN`O%`9p+Eh?paVQANj*$iD)y0M#H
zJ0-c-Ok9x6Dtm`|-~6^j(fF5^+pB2Hmtnd-Jrc`T?w*R~t@#dJ>K?<kXq~I#Xf2Q2
z>PhF#%QOAY*5&?*iBos>s>fS19Z`*&f0KX64s+PiCsiT{)T6@};zKOV-p=O{f>95W
zi9J=SOpN&~q4Fz3f4xJspNwO9K~8)0WGii<IH}&RO}Jhr=ecU9|Ejkjk5!UT6E46#
z$Z@RJ7;CTK93Vy1zc3DUiaE1hpRCetbs}TZ%g*WwhJ!4+zy4|W%7mjWHs;}=fT#Za
zMxKEOztA^265Fqmt})f7yrrORm1XtVIqT3QkC|j=Qt}qd+6`pm;tFjYZz5m{&v}37
z(*DFtDxBY5Oqdd^T5xp{Hpir{9uQbbOy9_#@-c<&eXF$dxCIpwdhJ)$FY3;&o~ZoU
zqTeH}o&kMs7RAG){ZXv_E1=^hO5WTvPR75kx^wl^hjZ>3yu|fJXSF9=&z@Xt(>mV;
zsdCy~h#v&n0`VpLsaON!E_;~EOQ9N!%ephDx$#{{pfGSdjmajQaMfL{64OQXez`WV
zD@otQ;3@O$;q!xiNrryiPj}Y%aBt;=tzG$eF3_JBhM~0E<XCY{yAEHx;S`|wL4bAL
zHKBOJ>Isdg<L0mjN4@kkNrO<=wW$k&AMfkwc6D>#5#E}==EkdMyq6@M<F43u!cwcw
z?rk;mj!NW+07S_6ncq!6N_{24TQ=H+=gGAvY33i-vy(AYbmvzp%3FCN;Bq)%<Uk4P
z%#_#Ra(Eq?1FZaAEc{X4nJ4EfDa6QI8RzjHne$gL(=NJa5gg0*P(}SSpSS*LJ)^68
zKv!0nvXP+EU;0nGwkVJYti|}F1p`&CVOVbo>*5<OL$h1O(Wfel`)`~h)_<k|YMzj-
zIe9^UIOB=Q&mofUh_3;rI?Zmbbtry-ru|(d-S>gJpW_C21B~skLIu2fC~4E)V|CDn
zN~S*iJ$R${q{Gf!1i-gH-l=ID<*|aQ?%%{v?e#}~#Wox5pD9P)X?4rf!)O6AaO$-(
zR9%?Oak#?Bcrq>t)!2{fG?{T!-iG>eJ1SN|Dea;OP2W+z_vMv7Gv!UnSd7iKzO`|p
zZbz+C1LqxV5;w<%YU2ZjEcZaE3)s%Y@FW^nrA<Ycqi=E3Kgx&AAcdQ6$A_vQX**kY
zo?b+zBrK#Gdx%HH%AM!>d7T?9bTUl4T2&-$2kp=S6}PF-XvDaS5tVrvtBX+o=-+9L
z^;XB^2d^4srdzwl^wf^%!S^<W&{Y`fG8%}sFO+m^VI5p+_=T`cb_)KTyL$Z3lxfj*
z)TUt_ynAghAwMJCU=!snrsI>^Hgi`Kk$1N4rdREN#gOy0cSsUOdU$;ENO)D5=rG(S
zcVR$ILbXQg8t)LGud_N&NdLpGs8Zl1fAr}NE-@mG@xayIenWkEx&DU`&FBbK$U=DT
z{1<(BPg_r!qu%GJN?8snVzR<eokhab1SaeaCDf3S5_X*SY@ZWGuH!~oJ2z3w#Oc)p
zXMaXid??;e*${Og_w3gBZe`mq>!LS0VvcYs?0T#a`%~73Ta9tl8yfa*o=aCl$5FM~
zi^v8OpDD^#$*Q4$rtPeb7MZcHS}$T#ScfWr(rl~iAHkMC?AK}WwS8-+UE2t%f8MF|
zQq`TQm9~mHh;TpAy>B|VF^1lx5X~#vPgPo@<r&G=5e`aqLX^Vco7GBjG<A0MSxZTC
zd5YcBi>Aziw9Q#^$-|OgkNk(zOV=n8Mjl)zEb_J;`Pmxm+}~e%#ODbzumfxz!Hzb}
z3UTjwnf_Q<X1X~O3gqFAsnCj%xfomQo(D{%8#;@hZi@?^8$ZrceP0l3-$Boc;?uNO
z^j(bf>Qard<w%t-8;n0Q)i(dJYHnz{<-Wv9{Z;#9E~&WK{;WIWXXK*zA5&&mL!GjH
zfunW<KXuab#Zo|Th^mBryktNQ?^7U|uU_M9;9Cxdql$CLUJqtGwehD$s85%Nk)3%-
zP}r{BZ=M#M{$e9Xh$qlAzfo4yQ+US+To&$_5M?K_hFOYZ;`F^p`j}+=+=)d8xeMOy
zpO)<n!#%{x%e<n=Bdtr%UOZm)WjJKt>bGkT7btA7>S_o!txx!kpE>KkFC>vds`!+!
z_o}SXQ8h&l?z1ofqrZKT<z3y1c*pel@r$Dsw!>Vcvx7;xnUuKZ0{%A>?R`fL#RB>f
zzzdMnQx8z|y<hTRU4a+G1-WDroO*iQqW2^d@1CTFq9d9pB<$ftn+&fiE_{{Cah;{C
zuuQCvr<gs#FY#qI<bqQiQj3`BGwj#Rgi|=U751UsQwbM$rbQH_9q5v8t4~WGB)y}o
zj{TVCJ4h0XF&GZiN%4y-@LgeUg(-o`47iVvIX%2x!p=aV=z%mLse_e~uJ6<P5`$sw
z(oIAXl`<&{=~o5O5j)Ty!1f{)@7?W)i^ml(Y?&p#Y-NU5?_td9;goDLNxv`4@<;k3
z_Lhm4_yeKYy0QAkAfh@KG|}NrAG3-5q$xi7zb>ykiO?evk)N1@OwNXRKvoFIf|RP(
zzik9*Qc!LJ)F}r1njbK5eBFDIO$!^}!o|NAlA_sJ7KzZu!?KsT=Pt8lb12xF3ui|U
z8?4Wx9ApzGC^;KUWoPL2<_f7mmEJRlyk3VGVG$4uT-Eoa5;Dg<2ITTcUz2lbl{v;-
zHM)q9IDd|6Kwsg@JgZj3GbGpry8YTr)AR}b>KMc@8^30I9vn*gVU?53f*HTEPsirF
zxXHP;<a>1I*Y)KyWiOCcT{zu9)|QLhZ;DtH5nFg(K9O?1su$e~cdu|rO=1}%3WVnY
z{em6()qp^OtQc6KC<7O4Jk7#KQjjJTgcb#XuCgEeafuU9kQ#~56CqZ}M4f;&dqe<F
zE<9M6q<{BR#07vC0dq3$qxZ!+HpYq$al0>KxH|v~;K)$4z;aH^{!Ky6M<}H5u{-Dp
zG9Sn=i*yr{3Jf4~Ha6=$dB}`-hK^dtDoFaQp~@&o`+SMYDbQoe&Iy%Bci>#I$u*t8
z2+0vZ;Qoz*awZk`X?X1lqj;m}aN~tyd)=Vl!MGXGIqM49!>vK)!)6PG2?BchzAHGa
zTk?|)=xHuYuY+%k(ZR}2#4DvUpJ`d9DB;oE(@Dg=DSky_;-Ub4Eh6^R!=q$;wiv&{
zD_h~XsOIzH2av^dBDJ~Vr$81TsNqL}TPVz(&e2W5&?Yg;iyNU?320)}c7RbRQfkSE
zt*_A*#mP1HK#^N%T~oQ1w<l>4{|d-_sw4Ob4Tfmp+;W+R6!@p0VnU3-8*1nYa7!E-
z$xlbi3^7fIxm<LLlfAb9`-(!6o%d@Og!iNwmbMaS0WS8bj6}pB=m|>C%p$B(4lJ@#
zw`L&+nWR28evC`{aZyc?jGGk^?~sX$Ld;4eI3kAAnEDb<dQBqqj!AmO#$Bd+z7{#x
z8OVEZNC$n_i1{v$Cuu};>@qh1p^C0zkb*^3jB8LV15QaI*Yijvbi_)xnmHFc!8gM6
z*}eEcYG7BF9o|#|*@IPK5)Q#y=+b*pmBS)&Sv9TV^8vw7lK`GpL%VHBx^54S2_wF)
z$1E{%8ik5jCb4kALC@?4)gDal^huc~b@O0;X2Lj^LD$9Xq6SeZvOgJVh$@-jj#5=R
zs)tRq%_IlXadTvtdo2PI0uQo;uzRP<2p_el^QsaZ*(`>WK9G8NC{-T&-buDQpZMoI
zttX_i${sPr%(&1<x<ZC9>Oh8%T@+zopwi{j)xubZQj<tQ!ZKY5BWB~sHKb$YY^t2m
zGP5RO0ULjkegCOe6c4T&TC>cQrB5{I86wV*N#8rj-gHbU9sVH1NUc{{1gmNAWLM~L
zDij6Jt2|D`e4<pRw&F}!wd+F=6%_kxf%~r~W;QrB3IWpV9?0bWRZvdwM_)HZe4sb(
z^TjDnQXIIX=g9^u46N5>g#q@Fs9;hg-#+>xBvHO~x&jUsSCqt{=h--#y1J9;K`9>@
zFSc`(6sb7~9Zs7O864H=&oosrdW4PN`JZFP?B1_^;gNijNxOxzxY2?`>=RTU5;dVj
z=q0`~YPv~=ftwK)#B`!Cc%UdIKD<HWgf&z9{vL%hBA3JwL(3RVL$T}v1)C%GTVdf0
zMGsz#)3oVC_n;l#=IDD&*y~673K_OKaob9ni5#bD;`e0QqpmXv|FL9Dgy<#4;m<AF
zJuR@PxyeJ+WW-Oe#$*iNNN_qx@(cRs3%~Y=Jnr7TA}>e9-(q46ld<0(D3EbxpVsA6
zMg4P--Kjv+1K1}FLIDe9K*z6eWGCG<vdE<AK&3oEid76C3c<G`B?-(#KL^ZeJ^TU>
z|ID=YejsGX#dL|&D@5UKJE1ZGjGiLRWva<Ba4(NXF7gwr6QM=&f7U*ji;)WYoPfv<
zBlnZax<X)84u}F!ew7o%Bh2t|!-3>iERv#4(7H|)N3Lu!4YuXkn_PmNC~zAnN9mBn
zB0{bJW$ma=W*|@T2;&UWP`Vkq4$~r1KMzohc2z0^T}UUcP>5%_#4jSmcvGpV1A2nK
zrXnc7$sIc!uIrquM&Rh2S@LV*Lzo*Nk<VQiZ>efUjPgj&nV4C{%P1CfNQ^H=5(w7=
zy(!qMA@~qMI3o`EuL%E14D;By1t7s@6sb_fxOv_+Svhnd1zRb+pc+V;Ba>$N#}|bC
zb1Zm_LKLuZ@j|ZQ63LUZPrxRM#PBkc^c}z=HnCoS9shuR#vKeS8SE7jx`l+@&j{U&
zr-&G0$TLDj$<To_L!q{}k>kWZ{?Or)p-^JKm!dN~hunB6{O=|dYx}BUJ?1i(@XspJ
zGVigK@$p_Ro-4FdY$tn?(eWZ&H-JA2`xof2h)e9?%YLdr-xmx9-5d-Z9o+j2>$00{
z{@$ak@eQ)@4Ym(e{{UI<Sye!Ndv_GoSn@Xi!!tpir$BRLkHz}d63-2lv}~S$ASB-M
z(|@pgL}08ID{&ur?Bu4D`?kr`ev3RhfHOL#S^K;;ZMS(@Rj@pIDzEq>>DMteV<FQd
zV@&FY+cOPx=I)E1ogWlGY;nXcg0f%F0)kl0K!_OT@ujx(KP=e~B}!xlj*56I^U!#A
zzC+dodV$?3r$s+gq$baY4GPCcALl<3Jkk5<Rm#3Xd1yQ)CWdj4Cf_DD(eL4=&|%E?
zhnVp4gqy*wwUr`bHS=y`qW35l9^RK?W1@J23)hL7+=HPK9&CynciE;?Paz!}G!5g!
z-5i>a-ACVX*+sDoE}n1BB#to$c7OZ0R|o%%EULDLN?7;4-<<3`kN+e<K6VA$Mer`<
z<;gfL<z5DS@5o(a9zi5J_pjtrNG@@jFM=pg5jYroYicwEe$EU*F%JdVea;^<ULxaF
q_=uCKQzbAxM+{GMNU=d*pjh0@drs{wlX1=I#y!)`x27Nn*!&NvEw6h3

literal 0
HcmV?d00001

diff --git a/images/release.png b/images/release.png
new file mode 100644
index 0000000000000000000000000000000000000000..bfc8b086566a7483772062fd54845604690bd3a9
GIT binary patch
literal 1786
zcmV<W1_k+vP)<h;3K|Lk000e1NJLTq006WA0015c1^@s6g-SHK00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_000McNliru)CV6B2?0gINACat03CEi
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj4iWF>9@00v%3L_t(|+U=X`Z(HRZ
z$3Jm=ixW3WY~tj&xioezkS42WdST^~bi62oi48g^VlR40sU~e2(q3*a_zR}NVA3Qe
z5G`#3h0qJESqr7>7^Q7c+m$wn?KDYahuE>5OOH)`IoXQ}ZzsngcBGYnp3l4do}Az1
zIp62^{Ol+N@>g?n2n62~bYcqxLeK(%5VSxb1T7E<K?{VS1p*;xfj|gaAP|BU2!x;o
zLeK)icN_hk4tVL(MUEXktg=11^(mU0?-p<4Tj2Qd59qsaUS<2$ub-#1v{ZEHT<E`c
zRehrLdR#8IP}aAEXK+CEb5&*4cUH`ccIeBOFLCt9dke0c&1Rl?<`<;XX|8<nZ^lMP
znVOy=nM`6bnXuXHG&VNTzHU86qme`+!S(AyDj)UrE(`_(H%3Qu@&VxUdbxP<bNv1>
zWLZX0lm&C#v7?I$hl9`iF5vTd359~h<8c&4p{S?`hoh4F?|+c$ni_z-^2kOimC89*
zzI9B7C%^H1=yW=Yi;JnQu0c^0CPN|Qm`oy(Kv5Jd77J}{YuNmwhXEKLA7^G}M&)Dn
z<}9zg{35fnvjCK?D8=P&;GvFAOeWKk@|K*=<soRVXE3Y1q@)C=b0yJ8gx6ksRkdcZ
zSg5ae5ebL!`^WJ6$GCjyBD;3)!Q&YuoldKMzq-1HH}}24@bL9TeQe*^#rwyO(BFSe
z<)hM3Nx992&*$aVty>v;ad9z{)5+d9UT1W4MD<Kv-6~8b6O*A39?u{)yPckQ59O4{
zuHAbu7z|nW=D_}ai^h_iPTuQzC+|AWp8Z$Wm^C%E+_*7{qA1MH&T{qY7n$47;i$y#
z9|J&^Wj_7%6I?DgwRLq24)kX|kSkYKV=|hU2u=`*Mu?pMjH#(8Pi}o`NqH}e4y`B(
zLqk4|y}9{r9{=eR==FLI9(a>rD5&ZX+jn$fu~<0tb~l7>+ryDC(P)%`c^jeA>9}_7
zDuIAMCm%iU9@6C0)YQz@pFfQ(%e?gBA5?2@cLM;CNLVxGY}j~TW?hzLjvVe$iFvVF
zDk>_n?prRgPJQ&DMih(Hp(qMIpH~y_XHRUUyxhiLU;T^9ZZH_wx$8MbhOcJ?{WZ4|
zw?#K!(0aX|?K`@#*=)SkeSnGJL}qPh$hV}tm(9pAIx?a<Z2)$gJtJm7Gd?Ja!k=Gx
z34nrv0?cMJcimM%+Yi=IUS5vZ>(O+U`Q7ZBe0+TBLrtEWHa!49--Yv<tIyrg2*A_Z
zp5^G_p3LD(rBZYs+>azV*|O!wR7p}^wJap&Tw`6iayjohMuvw;BoZpS%jM>tds;a2
zkJB1|YuB#BZntytM6YH|lAJ`NQB^YnXl-r7X0s8C#WanhsHkX3c`qA5d$Noh4|a5B
z#Qe3u|94aDHaolb{1Tn+zn?Yd=H`gU;|vY?NG6k-ZXc87oPG2j|3H&dg~LHG7}Q+H
zg@uLG*Si=G1hCod?Cg4ux8FLb>T-dApS^ou=Qq#)Hm_P1BG*{+8$~X4e0=I7%`+P}
z{_yr_IImFv+`G1&WHQOf$goDtB_$=C`|PadnYOky0GvL3N;4X^w6xOKcRugDmyMw3
z&(Bt?RrA%_V?TME?(Y4_vJAjvc#@a@^hYWytI+H9#N%-$Ccb3bwr4ft20&v|Gm_-Y
z*@xTRpt<r6?BB=KRFuNPLe+t(sj0<iG;;Ff-<g>BlIrRjrlL_z4y7wfF&GSa)nc(&
zvhG=~v6fPY*Q<UXWo2d5ty)Da7Gr!opt<?V%F6I~21%t-nkE7;kY#>8aiSN!Uaz?|
z8yXtv=-kZo^i<w?-)Rbe_xl%Km~RY+!<;#DT62ZXKXF#8m3!B=v%<O}bG^o5F~Z?6
zGcz+74F+0Px6-nDHSZrgqS{<Za<XCLeL4GRZEM5jaufe5&dl^Q>2w;a)rurZbaZUi
zbdUAxH{f)xB%MkTkH-mxg511$GxK4us!C$rx(z(?=ws;h`n>X3h+JdkTZhqT;*)=#
zQQ6zu*Hc%wih+TCjmS1_dVs1biF4=9YQ(<fkw*dO?fsj&ximImHk%0q{G`)qEEWs3
zwRLoEewc?kI??HLOWOZCO@a6)S;6-S@uzQr5VSxb1T7E<K??*z&;lW7fj|gaAP|BU
c2>ze^2S69wa$qz95dZ)H07*qoM6N<$g72<wH~;_u

literal 0
HcmV?d00001

diff --git a/images/talk.png b/images/talk.png
new file mode 100755
index 0000000000000000000000000000000000000000..6c53b223192ef78885cf5c84852be4d51c61ce78
GIT binary patch
literal 1534
zcmV<a1p)erP)<h;3K|Lk000e1NJLTq006WA0015c0ssI23MixP00009a7bBm000XU
z000XU0RWnu7ytkO2XskIMF-Re2Llx;9nH`Y0000TbVXQnLvL+uWo~o;Lvm$dbY)~9
zcWHEJAXI2&AV*0}Q14_VZU6uUbV)=(RCwC$n%Qp?R}{vN$4l^dNn!`Db?n6BEgO`5
z31R1@bb**es4p~4Q7ciY|3@WMR9Xp9R8*ltQ4ve4sz4~E5~L+2g#cN+#?Im$yEtRV
zj+yjfs^OAAHT2EpeouEkkFLMD^P6+eNF$(U=K%}rc_Q!<U|~40FdSGI4lE1@7KQ^0
z!-0k2z`}4~VK}f}S&9DTx0zgSWOO(li%F%@?K^h8?9@Z|?*910MeeZE-Bm0WQOCWn
z+wO2y#4=s}`KLRc0q*e7$Db&xt6xPpSSCh>A5Kn8uuf~+vi~sk=*aNXzY&QVt<;6{
z=Qu|qku+MVN?9hacZ?hB^!itUjOW0SPNz;BKUOZ6QS<)Lz57G=2!iP8J*d%W0|Ect
zKL@9#Ci67SFwEjf5A^ib)h!K$f}GRPXa#^!Fu*xh%2qCyJ)YYEzb}<c&d$yPfI_MK
z@S{Tn@yupdE|&)fJ;8uKkx0xI3Jk+YrBba<x3Rs$WU2=MK6%oq)DM>~JZD=a2vR09
znd%vaNu`o`nl6<}48xEl*|u!?)@?fgAQp?}9zRAOo-d9bnaSk<Kv`W)QMQiFTdS(7
zcqTCzjFk#UAmF#z9g*-jP1Bs|YH9`mv)Q6n*PZ+R?AYiC_mftqQ>oO!fWKHQvW`q9
zGZ>7+4<9^v@`O9h>2!sH0hBqCB)>d*gk=H%<Z`**U{tHs3&;R~GpA2Q!eQ>v($FB0
zRHaf$zt3wh7%!YZ$0yJ4{kIlOTW>Z`L?R5s%;a(-!w=c=rq$`DCMN-ars@7$Hyf>#
z*=+HSjV^%I_?jtGRh5XxGmjn(-2Nkz$#lBAcqXaf%CTn6y7|@fpB?^`bMywop1p2%
ze68;adi{2X)4i{ors>a*97an50E{B15d=Zm?0r`+FX%|-=H>uEC=|ALY+k>9<6<mW
zJxZt1?P<;0^%P}e@87T2ukp#lFibGuN9WwL*R4{kPaHqSIbyN6r}yA^D8$0Ss#Gij
zz!(CDNF+MY)2mXc&wh705s$NGC>Y?Gq~hOJCMF_<LV-K9*&W>Y!Tllh%#H1v0ATRW
z09rzAHhZ~T4)}fOGrDBS62H%jmJOB+08rP}ZP?KMA~FD=d;hyjH5%@zJ$vTclV5)o
zjZVvCGM;(D;qg+bgxn;`)zpl(5dg4q)oQi6&hPi4rru!8W-`e{f^%A0+f*ubKA%Uo
zNU2oHGfBn6f!<dDuvi+nF;^j3X*AkoGJ#fXp-|Y+XblAe+`R_?hr<<#gi+u&b!;I?
zk{u`FagXQri}FRI)3vp#p7#%0si)oR^wiX;Z%!7AMV@(3E&*Wex($mjbH$2Pb8~ay
z@o~;E7>#nd-0ORWp|)kq0pPbA*U?S0xuun7l8S#@K_4;zxODNnR;v?>#c%9>%SzeM
z;(6xusZ1s#6bd;M>dj_}M1t-q0N`*q`}=P$aMJ0NXW$<uZe0Jx<!q8G6pO=L>$?(<
z#Z0F9OeTZ+%Ia#dSj;nz4}qhmw$@^4$mjFX>1njK)zsGdd|tFGayVT8u%O}SyLwq9
z5}`d1WwUSIvMrm<@<~$hm1EoXo$Z@CG+M1#EEWg^vxUOUOm5|>)k2|g_nU9OzG5Xw
zk_160l**c#+IRMJa!n<>QVhfRkcw?E8s!QFTEn$Eom`=4X>CJsy!vcM!l|jLMW@%t
zV$r{{S%E-6l4QNvynW}c_j*1c2!c<ZR4SQ8z-nn}WxIs=`KRAUHaE8}t|d-~t57IR
zL?Y-8t57JDi3FR3qHLY+uCDI=B9Vwsl8Sqk72t13v0kEbU}0f6urM507!E892Ns3{
k3&Vkh;lRRhVEw=JH^}qG?D<}eh5!Hn07*qoM6N<$f(b3<g#Z8m

literal 0
HcmV?d00001

diff --git a/images/think.png b/images/think.png
new file mode 100755
index 0000000000000000000000000000000000000000..198855d734e1d739140ac558b9f35707a14b7b71
GIT binary patch
literal 1804
zcmV+n2lM!eP)<h;3K|Lk000e1NJLTq006WA0015c0ssI23MixP00009a7bBm000XU
z000XU0RWnu7ytkO2XskIMF-Re2Llx*jdIO^0000TbVXQnLvL+uWo~o;Lvm$dbY)~9
zcWHEJAXI2&AV*0}Q14_VZU6uVf=NU{RCwC$n(I>&R~W|6ZZ?4|xd%x|B%6>8;V#}q
z5fr?2v=<e1tmD*D>$Ed=rhi8}wRLKpvDT?=ZMDvHypFB6Qae+%h*q$QkOW8&5|Y41
z!{$Q5rXRMm92d0t(iwEl^XcrnXHT9z`#aB`9l+Q`1|T6#Cmc-y5`qH>!GVO}KtgaJ
zAvll_97qTbBm@W2%P!)78uww>gVxrok0TMOR9a{<t$Ss?PNzrH{gS{j7L9g2d@vjc
z$mQ~;RcnNLTieYmmo5s2J9fTBQP!!KClZOVXq4l)WHK4>`x%DG5{}M}yXViH5e}QT
zY%6h=z7SJ+@s|s?+iwYndq4P4rB=UGaPUlYJ-Gj9V1TbwRnLJt^mIQI+6sljVxguT
zw`T6VIW=>mPo88l8I@X%VOW-ix}ou9GFh>meo>~fr>9$J8w(3xbTY(njEsbj96ppz
zr{Utg&W?MX9XO7+?B1hPss?;M;S|SlUmiO6I1-tdm>@~gWS-sFv`Vkf_j>!k|Lz;1
z+v>IJa&vOeojpCxmIuelygZw&c-88)a=AQ}O7-=6gtK<qkxr-E+uJ;DS2z?(BoY7s
zrAqbQ`+ITxsohdKoxXFYz1QOo27`%soZ~pTTy8KLm(|r56<GiP9*_I(Uv~xvAH`Uf
z<G86#cD3vt35TC!vZ%<yaa=eYim~kY_&CRLBuQ4!sae^$3IGrY_@hsrz-#P_1N+CK
zQ2>BSt)^*5eZ$I}oSZD3m`vsw2ZzVwc9b}M-hP&4g<@HG1pt7etOW&z&W^j8%;aBj
zW3iY*sg%iNu~>{{SyxYYI-T17=1#Y(2OgHTJ6c<>ihkHaQ3F07$8lrP=)KMkwOU=@
zu(Ge$1EWcj<iP{`c_#RvDm0n(dcBAY0Kkdk$9!I|aA>vJWU`!aIOKNqm`vu=r+(^w
z*d?4b7>zoezSrYUCX;+6FE7tzGT*#${W&JP9^3~25CmZ`8V4Ue0sycqd*k{a#deya
ztZ<<6u$pHVF*!NG;bCTU^j6!S48v@0-kPP8nV1}l7A?sv%zU=*W1&)LGHu+{JZ<I!
z02VK)U9qz1(@#DUDiT}*0C2lqLPe|7sWqBjj~l*l)8;K&o$kotLz5R0#MJRSJMN}Z
zDFA>(BB`rysI6T#6$@UYBO{ZyL=cM>*V43ue}2EUUWK1WiL<nM%Qlu}Ki|I(jwp`f
zL?$<GYS!uXut}*@+Om63e_tOD2e0vDQskT<h+QqabvpgYACCuzhxuY(uO~|<Gxt+=
zV89oT$Av>jiBo8cGGC!oHmqp$di%%6$0wJX)f!=#k#Kl&1V@RekDaDV%gW(5GyuS2
zp)#2a962OO@?-!2^!fQqm)1Rt3;@8k?K@@_6bP&K<cS}Se*Kl-Ka`i3_xHU{xaYFE
z<p6*?w{O9bKCQ{J@(Pj3`3n~6_4#i1Q@L1ZGDjFD6buTL%BpIeP9KZK;OUaf<yktJ
zxo~)(MGpY5T5UpGl=%x5E+Pm*)Sspu?x!nu+97(&EU8^4`k~z1+}X2>d_FJC<?{L!
zBuVn^;P7yJd)u?_!S5f^YIQB|?6K36yVs$?!DHVZO(v5<V)H5}FoZ%u_zfbFNNmM+
zk;%nNmQJ0GdGi*eQYmkLzfdum%?gF0$MqCL)pKe90KZ>rotT&qiWQYrSvr}yUn}tH
z0RWsmbIM>aN~O~E8(xEx6T`6T>Kf4-M6J=}=g+!w`68Ud77O+Bh4Vs1qt#NBH5QBc
zhlYe=v7N>+O!V4zI!i}J!tJ;IW#U@vuVtm>3Z-)DJzTwVX*dulDzY#P1J_k*wNxs#
z(+)VyPaHqSFpNYZ5n{<gQ8Jm#1;L@wYOPkA$fSj$G+M38)dQ~(XK9(}3l0Eq<?=;>
zAmBX^?I>wj(HMzDvT-tVlcTX|b=~s%0)s&+m0}o{h{wmqqVpFl#Bm&6TUMJ*p-@B^
zh8Z1&V?(sCthQo?8I3^Ctg^C-4<UGC%kK~13^y2!3Z=5Lsv4&DGK3wh^72Y!VPPQP
ze;kQm7)Fw$g`%2PuX(%WT^z?Zy!!gwdGkq<#Bp4yQfV~WH#Tk-Ho5$h3x`AhX|kfC
zYHF60I?LkmIQ#|YC~+#4s!%Y<JE3XE=H{(iw{0f~A{!?&>Qfd&|3iwDZE_$XAvll_
u97qTbBm@T%f&&S`frQ{dLU16xbovJ%#4T-Cslng?0000<MNUMnLSTYm%u(h5

literal 0
HcmV?d00001

diff --git a/index.html b/index.html
index a7cea1f..a2825be 100755
--- a/index.html
+++ b/index.html
@@ -1,65 +1,45 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
-<HTML>
-<HEAD>
-  <!-- don't cache this because the list of mirrors is dynamic -->
-  <META HTTP-EQUIV="pragma" CONTENT="no-cache">
-  <TITLE>SAMBA Web Pages</TITLE>
-</HEAD>
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - opening windows to a wider world</title>
+<!--#include virtual="/samba/header2.html" -->
 
-<BODY
- BGCOLOR="WHITE"
- TEXT="#000000"
- LINK="#0000EE"
- VLINK="#551A8B"
- ALINK="#FF0000">
+    <p>Samba is an <a href="http://www.opensource.org/">Open Source</a>/<a href="http://www.gnu.org/philosophy/free-sw.html">Free Software</a> suite that provides seamless file and print services to SMB/CIFS clients.  Samba is freely available under the <a href="/samba/docs/GPL.html">GNU General Public License</a>.</p>
 
-<!--#include virtual="/samba/local_info.html" -->
 
-<H2>Web Sites</H2>
+    <h2>Current Release</h2>
 
-<P>Please choose your closest web mirror site:
+    <h4>7 August 2004</h4>
 
-<!--#include virtual="/samba/web_hosts.html" -->
+    <p class="headline"><a name="latest"> Samba 3.0.6rc2 Available for Download</a></p>
 
-<H2>Download sites</H2>
+    <p>The second release candidate of Samba 3.0.6 is now available for download.
+    Previously released snapshots in this series were referred to as 3.0.5pre1
+    and 3.0.5rc1.  These were later renamed as the 3.0.6 series due to the
+    3.0.5 security release.  Samba 3.0.6rc2 can be downloaded in
+    <a href="/samba/ftp/rc/samba-3.0.6rc2.tar.gz">gzipped format</a>.
+    The <a href="/samba/ftp/rc/samba-3.0.6rc2.tar.asc">GPG signature</a> is for the uncompressed tarball.
+    There have been several bug fixes since the 3.0.4/5 release that
+    we feel are important to make available to the Samba community
+    for wider testings.  This release is <b>not</b> intended for production
+    servers.  Use at your own risk.  All testing is very much appreciated.
+    Please refer to the <a href="/samba/ftp/rc/WHATSNEW-3-0-6rc2.txt">Release Notes</a> for
+    descriptions of the exact changes.</p>
 
-These contain the source and binary distributions but not the web pages.
+    <p><a href="http://samba.org/~jerry/RPMS/samba/">RPMS for RedHat 8/9
+    and Fedora Core 1/2</a> can also be downloaded.</p>
 
-<!--#include virtual="/samba/ftp_hosts.html" -->
+        
+    <h2>News</h2>
 
-<p>
-Please refer to these 
-<A HREF="http://samba.org/samba/mirroring.html">mirroring instructions</A>
-for information on mirroring the Samba web pages.
 
-<h2>Non-English</h2>
+    <div class="plugs">
+      <a href="/samba/tshirt.html"><img src="/samba/images/t-small.jpg"
+alt="Samba t-shirt" /></a>
+    
+      <p><a href="/samba/tshirt.html">Samba T-shirts and mugs are available!</a></p>
+    </div>
+  
+    <div class="request">
+      <p>Please select the closest <span class="punch">mirror site</span> from the menu above. The popularity of Samba puts a strain on our network. By using a mirror site you can do your bit to reduce the load.</p>
+    </div>
 
-Here you will find non-English starting points for Samba information.
-
-<table border=0>
-<tr>
-<td valign=top>
-<ul>
- <li> Deutsch: <A HREF="http://samba.sernet.de/">samba.sernet.de</A>
- <li> Fran&ccedil;ais: <A HREF="http://samba.2037.biz/">samba.2037.biz</A>
- <li> Italiano: <a href="http://samba.xsec.it/">samba.xsec.it</a>
- <li> Hebrew: <a href="http://linux.israel.net/samba/samba.html">linux.israel.net</a>
- <li> Chinese: <a href="http://hk.samba.org/">hk.samba.org</a>
-</ul>
-</td>
-</tr>
-</table>
-
-<h2>Other sites in samba.org</h2>
-
-<ul>
- <li> <A HREF="http://lists.samba.org/">Mailing Lists</A>
- <li> <A HREF="http://jcifs.samba.org/">jCIFS</A> -- CIFS in Java
- <li> <A HREF="http://rsync.samba.org/">rsync</A> -- fast file
- transfer
- <li> <A HREF="http://ccache.samba.org/">ccache</A> -- C/C++ compiler cache
- <li> <A HREF="http://distcc.samba.org/">distcc</A> -- C/C++ distributed compiler
-</ul>
-
-</BODY>
-</HTML>
+<!--#include virtual="/samba/footer.html" -->
diff --git a/irc.html b/irc.html
index 856367c..315a7d3 100644
--- a/irc.html
+++ b/irc.html
@@ -1,13 +1,15 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba IRC Channels</title>
+<!--#include virtual="/samba/header2.html" -->
 
-<h2 align="center">Samba IRC Channels</h2>
+<h2>Samba IRC Channels</h2>
 
-<p>Samba is discussed on two IRC channels on the <a href="http://www.freenode.net/">FreeNode</a> network(irc.freenode.net).
+<p>Samba is discussed on two IRC channels on the <a href="http://www.freenode.net/">FreeNode</a> network(irc.freenode.net).</p>
 
 
 <h3>#samba</h3>
 	<p>User questions about Samba can be asked in this channel. 
-	Please keep a few things in mind:
+	Please keep a few things in mind:</p>
 
 	<ul>
 		<li>Make sure you have read the right parts of the <a href="docs/man/">documentation</a> before asking a question. 
@@ -21,13 +23,13 @@
 
 <h3>#samba-technical</h3>
 	<p>This channel is the equivalent of the samba-technical mailinglist. 
-	It is used by the developers to discuss Samba internals and development.
+	It is used by the developers to discuss Samba internals and development.</p>
 
 	<p><b>Note</b>: This channel is for discussion about 
-	development issues only, not for questions about problems with Samba!
+	development issues only, not for questions about problems with Samba!</p>
 
-<p>Stats and logs for both channels are available at <a href="http://irc.vernstok.nl/">irc.vernstok.nl</a>.
+<p>Stats and logs for both channels are available at <a href="http://irc.vernstok.nl/">irc.vernstok.nl</a>.</p>
 
-<p>Freenode has a couple of <a href="http://freenode.net/channel_guidelines.shtml">general notes about behaviour in IRC channels</a>.
+<p>Freenode has a couple of <a href="http://freenode.net/channel_guidelines.shtml">general notes about behaviour in IRC channels</a>.</p>
  
 <!--#include virtual="/samba/footer.html" -->
diff --git a/local_header.html b/local_header.html
index e69de29..fab14fc 100755
--- a/local_header.html
+++ b/local_header.html
@@ -0,0 +1 @@
+(This is not the real samba.org - please go <a href="http://samba.org">here</a> instead).
diff --git a/mirroring.html b/mirroring.html
index f7f88a0..61867d7 100755
--- a/mirroring.html
+++ b/mirroring.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Mirroring Samba</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h2 align=center>Mirroring Samba</h2>
 
diff --git a/ml-etiquette.html b/ml-etiquette.html
index eff7952..c58efeb 100755
--- a/ml-etiquette.html
+++ b/ml-etiquette.html
@@ -1,6 +1,8 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Mailing List Etiquette</title>
+<!--#include virtual="/samba/header2.html" -->
 
-<h2 align="center">Mailing List Etiquette</h2>
+<h2>Mailing List Etiquette</h2>
 
 <p>A few tips when submitting to this or any mailing list.
 
@@ -18,7 +20,7 @@
   only the relevant lines, enough to establish context, are included.
   Chances are (since this is a mailing list) we've already read the
   original message.</li>
-    
+
       <p>
 
   <li>Trim irrelevant headers from the original message in your reply. All
@@ -28,7 +30,7 @@
 
   <p><li>Recipients who repeatedly send mailer daemon or vacation
 messages to list posters will be unsubscribed without warning.  Correctly implemented vacation programs should not respond to mailing list postings.
-      
+
   <p><li>Please be aware that mail to these lists will be distributed to
 many subscribers, and will be permanently and publicly archived.
 In general we will not remove posted messages from the archives.
@@ -47,29 +49,27 @@ editing policy</a>.
       href="http://spamassassin.org/">filtering</a>, or post from a <a
       href="http://spamgourmet.com/">disposable address</a>.  Do
       <b>not</b> whine about it on the list.
-      
+
 
       <p>
   <li>Never say "Me too." It doesn't help anyone solve the problem.
   Instead, if you ARE having the same problem, give more information.
   Have you seen something that the other writer hasn't mentioned, which
   may be helpful?</li>
-  
+
       <p>
   <li>If you ask about a problem, then come up with the solution on your
   own or through another source, by all means post it. Someone else may have
   the same problem and is waiting for an answer, but never hears of it.</li>
 
       <p>
-  <li>Give as much *relevant* information as possible such as Samba release 
+  <li>Give as much *relevant* information as possible such as Samba release
   number, OS, kernel version, etc...</li>
 
       <p>
-	  <li><a href="docs/">RTFM</a>.
-	    <a href="http://google.com/">Google</a>.
-	    <a href="http://groups.google.com/groups?q=group%3Amailing.unix.samba*">groups.google.com</a>.</li>
+          <li><a href="docs/">RTFM</a>.
+            <a href="http://google.com/">Google</a>.
+            <a href="http://groups.google.com/groups?q=group%3Amailing.unix.samba*">groups.google.com</a>.</li>
 </ol>
 
-
-
 <!--#include virtual="/samba/footer.html" -->
diff --git a/ms_license.html b/ms_license.html
index 8e205c8..c283bfd 100755
--- a/ms_license.html
+++ b/ms_license.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - MS Liscense overview</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h2>CIFS, Microsoft and the Samba Team</h2>
 
diff --git a/ntsystems.html b/ntsystems.html
index 8a75138..b50ddc4 100755
--- a/ntsystems.html
+++ b/ntsystems.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - NT Systems Magazine Award</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <H2 align="center">Award from NT Systems Magazine</H2>
 
diff --git a/samba.html b/samba.html
index a700c38..d19f9ac 100755
--- a/samba.html
+++ b/samba.html
@@ -1,159 +1,35 @@
-<!--#include virtual="/samba/header.html" --> 
-<!-- $Revision: 1.241 $ -->
-
-<H2 ALIGN=CENTER>Welcome to the Samba web pages</H2>
-
-<P>Samba is an <A HREF="http://www.opensource.org/">Open Source</A>/<A
-HREF="http://www.gnu.org/philosophy/free-sw.html">Free Software</A> suite
-that provides seamless file and print services to SMB/CIFS clients.
-Samba is freely available under the <A HREF="docs/GPL.html">GNU General
-Public License</A>.
-
-<p>Please read these <a href="download.html#verify">instructions on how 
-to verify the GPG signature for Samba releases</a>.
-
-<p>
-<b>Latest Samba 3.0 security release:</b> Samba 3.0.5
-<a href="/samba/ftp/samba-3.0.5.tar.gz">gzipped</a>&nbsp;
-<a href="/samba/whatsnew/samba-3.0.5.html">release notes</a>&nbsp;
-<a href="/samba/ftp/samba-3.0.5.tar.asc">signature</a><br>
-
-<b>Latest Samba 2.2 security release:</b> Samba 2.2.10 
-<a href="/samba/ftp/old-versions/samba-2.2.10.tar.gz">gzipped</a>&nbsp;
-<a href="/samba/whatsnew/samba-2.2.10.html">release notes</a>&nbsp;
-<a href="/samba/ftp/old-versions/samba-2.2.10.tar.asc">signature</a><br>
-
-
-<H2>Samba News</H2>
-
-
-<ul>
-<li>(7th Aug, 2004) <em>Samba 3.0.6rc2 Available for Download</em>
-    <p>The second release candidate of Samba 3.0.6 is now available for download.
-    Previously released snapshots in this series were referred to as 3.0.5pre1 
-    and 3.0.5rc1.  These were later renamed as the 3.0.6 series due to the 
-    3.0.5 security release.  Samba 3.0.6rc2 can be downloaded in 
-    <a href="/samba/ftp/rc/samba-3.0.6rc2.tar.gz">gzipped format</a>.
-    The <a href="/samba/ftp/rc/samba-3.0.6rc2.tar.asc">GPG signature</a> is for the uncompressed tarball.
-    There have been several bug fixes since the 3.0.4/5 release that
-    we feel are important to make available to the Samba community
-    for wider testings.  This release is <b>not</b> intended for production
-    servers.  Use at your own risk.  All testing is very much appreciated.  
-    Please refer to the <a href="/samba/ftp/rc/WHATSNEW-3-0-6rc2.txt">Release Notes</a> for
-    descriptions of the exact changes.
-
-    <p><a href="http://samba.org/~jerry/RPMS/samba/">RPMS for RedHat 8/9
-    and Fedora Core 1/2</a> can also be downloaded.
-</li>
-</ul>
-
-
-<ul>
-<li>(22nd Jul, 2004) <em>Security Release - Samba 2.2.10 and 3.0.5 Available for Download</em>
-    <p>Two potential buffer overruns have been discovered in Samba >= 3.0.2
-    <a href="http://cve.mitre.org/">CAN-2004-0600,CAN-2004-0686</a>).
-    One of these issues, CAN-2004-0686, also affects Samba 2.2.x.  
-    Samba administrators are encouraged to review the <a href="/samba/whatsnew/samba-3.0.5.html">3.0.5</a> 
-    and <a href="/samba/whatsnew/samba-2.2.10.html">2.2.10</a> release notes
-    and upgrade any affected servers.
-    Samba 3.0.5 and 2.2.10 are identical to the previous release in each 
-    respective series with the exception of fixing these issues.
-    Samba 3.0.5rc1 has been removed from the download area on Samba.org
-    and 3.0.6rc2 will be available later this week.</br>
-
-    <p>The 3.0.5 and 2.2.10 releases <a href="/samba/ftp/">are available for download</a>
-    including the gpg signatures of the uncompressed tarballs.  <a 
-    href="/samba/ftp/Binary_Packages/">Binary packages for various platforms</a> 
-    will be available following the initial release.
-</li>
-</ul>
-
-<ul>
-<li>(22nd Jul, 2004) <em>Security Page Added to samba.org</em>
-    <p>A security release page has been added to samba.org.  The page lists all security releases since Samba 2.0.0.  An overview is provided by date of release and features a quick-glance overview of the security concern, affected releases, and download links.  A link is provided to full release notes for those requiring more in-depth information.</p>
-    
-    <p>A link to the page has been added to the navigation menu at the top of each page.  Or go directly to the new Samba security page <a href="/samba/security.html">here</a>.</p>
-</li>
-</ul>
-
-<ul>
-<li>(22nd Jul, 2004) <em>End of Life for Samba 2.2 Announced</em>
-    <p>October 1, 2004 has been designated as the end-of-life (EOL)
-    for the Samba 2.2 codebase.  Samba 2.2 has been in maintenance
-    mode since the release of v3.0.0 last September.  With this announcement
-    it is being officially announced that there will be no further
-    2.2 releases (including security fixes) following the October 1 deadline.
-    All Samba administrators are encouraged to upgrade aging Samba 2.x servers
-    to Samba v3.0.5.
-</li>
-</ul>
-
-
-<ul>
-<li>(16th Jun, 2004) <em>Welcome new Samba Team member Vance Lankhaar</em>
-    <p>Vance is joining the Samba Team as maintainer of the <a 
-    href="http://build.samba.org">build farm</a>.  Vance has been 
-    around Samba for a while now.  He has previous contributions 
-    to the build farm and has worked on Samba's documentation, and though 
-    he didn't consider himself a C programmer at the time, he did build 
-    the 'build options' support for smbd.  We are glad to welcome Vance 
-    to the team!</p>
-</li>
-</ul>
-
-
-<ul>
-<li>(25th May, 2004) <em>Samba 3.0.5pre1 Available for Download</em>
-    <p>The first preview release of Samba 3.0.5 is now available for
-    download in <a href="/samba/ftp/pre/samba-3.0.5pre1.tar.gz">gzipped format</a>.
-    The <a href="/samba/ftp/pre/samba-3.0.5pre1.tar.asc">GPG signature</a> is for the uncompressed tarball.
-    There have been several bug fixes since the 3.0.4 release that
-    we feel are important to make available to the Samba community
-    for wider testings.  This release is  <b>not</b> intended for production 
-    servers.  Use at your own risk.    Please refer to the <a 
-    href="/samba/ftp/pre/WHATSNEW-3-0-5pre1.txt">Release Notes</a> for 
-    descriptions of the exact changes.
-
-    <P><b>ATTENTION! NEW BEHAVIOR!</b>
-
-    <p>Beginning with Samba 3.0.5pre1, clients supporting the UNIX 
-    extensions to the CIFS protocol can create symlinks to 
-    absolute paths which <em>will be followed</em> by the server.  This 
-    functionality has been requested in order to correctly support 
-    certain applications when the user's home directory is mounted 
-    using some type of CIFS client (e.g. the cifsvfs in the Linux 
-    2.6 kernel).
-
-    <p>If this behavior is not acceptable for your production environment,
-    you can set <a href="/samba/docs/man/smb.conf.5.html">wide 
-    links = no</a> in the specific share declaration in 
-    the server's smb.conf.  Be aware that disabling wide link support 
-    out of a share in Samba may impact the server's performance due 
-    to the fact that smbd will now have to check each path additional 
-    times before traversing it.
-
-    <p><a href="http://samba.org/~jerry/RPMS/samba/">RPMS for RedHat 8/9 
-    and Fedora Core 1</a> can also be downloaded.
-</li>
-</ul>
-
-<a href="whatsnew/">older news</a>
-
-<p>
-<hr>
-<CENTER>
-<a href="/samba/tshirt.html">Samba T-shirts and mugs</a>
-<a href="/samba/tshirt.html"><img src="/samba/images/t-small.jpg"
-alt="" align="MIDDLE" border=0></a>
-<a href="/samba/tshirt.html">are available!</a>
-</CENTER>
-
-<hr>
-<p align="center"><em>Please use the closest <A HREF="/samba/">mirror
-site</A> for these web pages. The popularity of Samba puts a strain on
-our network. By using a mirror site you can do your bit to reduce the
-load.</em>
-
-<p>
-
-<!--#include virtual="/samba/footer.html" -->
+<!--#include virtual="/samba/header.html" -->
+<title>You are being redirected...</title>
+
+<meta http-equiv="refresh" content="5;url=/samba/" />
+
+<style type="text/css">
+body {
+	font-family:Lucidasans, Helvetica, Verdana, sans-serif;
+	font-size:medium;
+	text-align:center;
+	border-top:75px solid #3878CD;
+	border-bottom:25px solid #3878CD;
+}
+h2 {
+	position:absolute;
+	top:25px;
+	left:10px;
+	color:#FFF;
+}
+p {
+	width:50%
+}
+</style>
+
+</head>
+
+<body>
+
+<h2>samba.org</h2> 
+
+<p>If you haven't noticed yet, we've reorganized.  You'll be redirected in 5 seconds.  If 
+nothing happens, <a href="/samba/">click here</a>.</p>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/search.html b/search.html
index 314e937..606d011 100755
--- a/search.html
+++ b/search.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Search Samba.org</title>
+<!--#include virtual="/samba/header2.html" -->
 
   <h2 align="center">Search</h2>
 
diff --git a/sitemap.html b/sitemap.html
index bdad399..e7cb16d 100644
--- a/sitemap.html
+++ b/sitemap.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Sitemap</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h2 align="center">Samba.org Site Map</h2>
 
diff --git a/style/bugzilla.css b/style/bugzilla.css
new file mode 100644
index 0000000..cb1fcda
--- /dev/null
+++ b/style/bugzilla.css
@@ -0,0 +1,132 @@
+.header {
+	position:absolute;
+	top:0;
+	left:0;
+        padding: 3px 10px 3px 10px;
+	height:35px;
+	width:100%;
+	background-color:#FFFF64;
+        color:#000;
+	border-bottom:2px solid #3878CD;
+	z-index:1;
+}
+.header a:link,
+.header a:visited { 
+        color: rgb(56, 120, 205);
+ }
+.bughunt {
+	text-align:right;
+}
+
+/*PNG transparency across browsers*/
+#logo>.bug_logo {
+        background-image:url(http://tmp.vlankhaar.dyndns.org/samba/images/bugzilla/bug_logo.png);
+        background-position:center;
+        background-repeat:no-repeat;
+}
+#logo>.bug_logo_small {
+        background-image:url(http://tmp.vlankhaar.dyndns.org/samba/images/bugzilla/bug_logo_small.png);
+        background-position:center;
+        background-repeat:no-repeat;
+}
+#logo a:hover {
+	background:transparent;
+}
+.bug_logo {
+        float: right;
+	width:347px;
+	height:112px;
+	margin:0;
+	z-index:1;
+}
+.bug_logo_small {
+	position:absolute;
+	margin-top: 45px;
+	margin-left:10px;
+        width: 180px;
+        height: 58px];
+	z-index:1;
+}
+
+/* Styles for main content area */
+#content>.center {
+        min-height:700px;
+}
+.center {
+	position:absolute;
+	top:0;
+	min-height:700px;
+ 	margin:0 1% 0 130px;
+	padding-top:50px;
+	padding-left:75px;
+	padding-right:20px;
+	background-color:#FFF;
+	border-left:1px solid #FFFF64;
+	border-right:1px solid #FFFF64;
+}
+
+
+/* bugzilla message (like, logout) */
+.message { 
+        border: solid 2px green;
+        color: green;
+        padding: 5px;
+        margin: 10px 0px 10px 0px;
+}
+
+
+
+/* tabs in bugzilla. probably useful anywhere tabs are used? */
+
+td.unselected_tab a:link,
+td.unselected_tab a:visited {
+        color: rgb(56, 120, 205);
+}
+td.selected_tab {
+	border-style: solid;
+	border-width: 2px 2px 0px;
+	background-color: rgb(56, 120, 205);
+	margin: 4px 4px 0px 0px; 
+}
+td.unselected_tab, td.spacer { 
+	border-style: solid; 
+	border-width: 0px 0px 2px; 
+	padding: 4px 4px 0px 10px;
+	vertical-align: bottom;
+	margin:0; 
+}
+td.unselected_tab div {
+	background-color: rgb(229, 233, 245); 
+	border-style: solid;
+	border-color: rgb(56, 120, 205);
+	border-width: 2px 2px 0px 2px;
+	vertical-align: middle;
+	padding: 2px;
+	height: 80%;
+} 
+td.unselected_tab a { 
+	width:100%;
+	height:100%;
+	vertical-align: middle;
+	display:block;
+}
+
+/* used by the mouse-over help in Bugzilla query page */
+.help {
+        border-style: solid;
+        border-width: 2px;
+        border-color: rgb(56, 120, 205);
+	background-color: rgb(229, 233, 245); 
+        padding: 5;
+        position: absolute;
+}
+
+#login_info {
+        width: 100%;
+        height: 2em;
+        margin: 10px 0 10px 0;
+        padding: 5px;
+	background-color:#FFFF64;
+	border:2px solid #3878CD;
+        
+}
diff --git a/style/common.css b/style/common.css
new file mode 100644
index 0000000..7abbcca
--- /dev/null
+++ b/style/common.css
@@ -0,0 +1,182 @@
+/* common.css */
+
+	/********* Basic elements across the site **********/
+	/***************************************************/
+
+body {
+	margin:0;
+	background-color:#E5E9F5;
+	font-family:Lucidasans, Helvetica, Verdana, sans-serif;
+	font-size:medium;
+	color:#000;
+}
+h1 {
+	font-size:x-large;
+}
+h2 {
+	text-align:left;
+	color:#FFFF64;
+	font-size:large;
+	background-color:#3878CD;
+	margin-top:60px;
+	margin-bottom:15px;
+	padding:2px;
+	padding-left:5px;
+}
+h3 {
+	font-size:medium;
+}
+h5 {
+	font-size:small;
+	text-align:right;
+	display:inline;
+}
+* html h5 {
+	padding-right:4px;
+}
+h6 {
+	font-size:small;
+	text-align:right;
+	text-align:right;
+}
+h6 a {
+	margin-right:3px;
+}
+table.real thead { 
+        background-color: #E5E9F5;
+}
+table.real th,
+table.real td {
+        border: 1px solid #3878CD;
+        padding: 2px;
+}
+table.real { 
+        border: 2px solid #3878CD;
+        background-color: #F5F8FF;
+}
+a:link:hover {
+	color:#CC0033;
+	background-color:#FFFF64;
+}
+blockquote {				
+	margin:35px;			
+	padding:15px; 			
+	border-left:2px groove #CCC;
+	border-top:2px groove #CCC;
+}
+img {
+	border:0;
+}
+.punch {  			/*creates a bold typeface */
+	font-weight:bold;
+}
+
+	/********************* header styles *******************************/
+	/******************************************************************/
+#banner {
+	position:absolute;
+	top:0;
+	left:0;
+	height:90px;
+	width:100%;
+	padding-top:4px;
+	background-color:#FFFF64;
+}
+.srch, .mirrors {
+	text-align:right;
+
+}
+.srch form {
+	display:inline;
+}
+.stripe {
+	position:absolute;
+	top:40px;
+	left:0;
+	height:55px;
+	width:100%;
+	background-color:#3878CD;
+	border-top:2px solid #575756;
+	border-bottom:2px solid #575756;
+}
+.slogan {
+	position:absolute;
+	left:187px;
+	z-index:1;
+}
+html>body .slogan { 	/**** Opera needs its own rule *********/
+	top:100px;
+}
+:root .slogan {		/**** Undo the Opera rule for all other browsers ****/
+	top:80px;
+}
+* html .slogan {	/** Then, give IE 5/6 its own rule ****** */
+	top:100px;
+}
+
+		/******** PNG logo with transparency across browsers  */
+		/******************************************************/
+#logo>.logo_hack {
+	background-image:url(/samba/images/logo.png);
+	background-position:center;
+	background-repeat:no-repeat;
+}
+.logo_hack {
+	position:absolute;
+	top:25px;
+	left:0;
+	width:250px;
+	height:119px;
+	padding:0;
+	margin:0;
+}
+.logo_hack a:hover {
+	background:transparent;
+}
+
+		/******** Main nav menu styles ****************/
+		/**********************************************/
+.nav {
+	position:absolute;
+	top:152px;
+	left:20px;
+	width:180px;
+	background-color:#F5F8FF;
+	border:2px groove #3878CD;
+	padding:0;
+	padding-bottom:5px;
+	margin:0;
+	z-index:1;
+}
+.nav ul {
+	list-style-type:none;
+	text-align:center;
+	padding:0;
+	margin:0;
+}
+.nav a,
+.nav a:link,
+.nav a:visited {
+	display:block;
+	height:20px;
+	font-size:small;
+	color:#2B5C9F;
+}
+.nav a:hover {
+	color:#FFF;
+	background-color:#3878CD;
+}
+.nav a:active {
+	color:#FFFF64;
+	background-color:#3878CD;
+	font-size:14px;
+}
+.nav img {
+	padding:0;
+	margin:0;
+	width:180px;
+	height:30px;
+}
+.colophon {
+	margin-left:20px;
+}
diff --git a/style/history.css b/style/history.css
new file mode 100755
index 0000000..607c113
--- /dev/null
+++ b/style/history.css
@@ -0,0 +1,42 @@
+		/* for left border links*/
+.notes {
+	position:absolute;
+	top:265px;
+	left:0;
+}
+.notes ul {
+	list-style-type:none;
+	text-align:left;
+	padding-left:12px;
+	margin:0;
+	font-size:10px;
+}
+		/* Styles for main content (center column) */
+#content>.center {
+	
+}
+.center {
+	position:absolute;
+	top:100px;
+	left:175px;
+	margin:0 2% 0 0;
+	padding-top:30px;
+	padding-left:35px;
+	padding-bottom:50px;
+	padding-right:15px;
+	background-color:#FFF;
+	border-left:1px solid #FFFF64;
+	border-right:1px solid #FFFF64; 
+)
+.headline {
+	margin-left:40px;
+	font-style:italic;
+}
+#content h4 {
+	font-weight:bold;
+	margin:50px 10px 15px 0;
+}
+.latest ul {
+	list-style-type:none;
+	margin-left:40px;
+}
diff --git a/style/main.css b/style/main.css
new file mode 100644
index 0000000..ab41add
--- /dev/null
+++ b/style/main.css
@@ -0,0 +1,88 @@
+/* main.css */
+
+		/******* Links for right-hand side of the page ******/
+		/****************************************************/
+div#links {
+	float:right;
+	margin:115px 1em 0 0;  
+	padding:0;
+}
+* html #links { 	/* Applies to IE5/6 only */
+	margin:115px .5% 0 0;
+}
+#links h4 {
+	margin-top:10px;
+	margin-left:1.5px;
+	font-size:small;
+}
+#links ul {
+	list-style-type:none;
+	padding:0;
+	padding-top:5px;
+	margin-left:20px;
+}
+#links a {
+	font-size:small;
+}
+#links p {
+	margin-top:25px;
+	margin-left:20px;
+}
+.releases {
+	padding:2px;
+	margin-top:35px;
+	border:1px solid #CCC;
+	background-color:#E5E9F5;
+}
+.beyond, .related {
+	padding:2px;
+	margin-top:25px;
+	border:1px solid #CCC;
+	background-color:#E5E9F5;
+}
+.beyond li {
+	margin-bottom:10px;
+}
+
+		/****** Formats the page layout ********************/
+		/**************************************************/ 
+#content>.center {
+	min-height:800px;
+	z-index:0;
+}
+.center {
+	margin:0 22% 0 175px;
+	padding-top:130px;
+	padding-left:35px;
+	padding-bottom:50px;
+	padding-right:15px;
+	background-color:#FFF;
+	border-left:1px solid #FFFF64;
+	border-right:1px solid #FFFF64;
+	z-index:-1;
+}
+.headline {
+        margin-left:20px;
+        font-style:italic;
+}
+		/*********T-shirts and mirror footnotes *************/
+		/****************************************************/
+.plugs {
+	font-style:italic;
+	text-align:center;
+	border-top:2px groove #3878CD;
+	border-bottom:2px groove #3878CD;
+	padding:10px;
+	margin-top:100px;
+}
+.plugs p {
+	padding:30px;
+}
+.plugs img {
+	float:left;
+}
+.request {
+	margin-top:50px;
+	font-style:italic;
+	font-size:small;
+}
diff --git a/style/support.css b/style/support.css
new file mode 100755
index 0000000..a09c520
--- /dev/null
+++ b/style/support.css
@@ -0,0 +1,43 @@
+		/* Styles for main content (center column) */
+#content>.center {
+	min-height:800px;
+}
+.center {
+	margin:0 5% 0 175px;
+	padding-top:150px;
+	padding-left:35px;
+	padding-bottom:50px;
+	padding-right:15px;
+	background-color:#FFF;
+	border-left:1px solid #FFFF64;
+	border-right:1px solid #FFFF64;
+}
+.disclaimer {
+	margin:30px;
+	font-style:italic;
+}
+.info {
+	margin:150px 15px 15px 15px;
+	padding:10px;
+	font-size:small;
+	border-top:1px dotted #3878CD;
+	border-bottom:1px dotted #3878CD;
+}
+			/*style for countries list */
+#countries {
+	float:left;
+	margin:240px 0 0 10px;
+	padding:0;
+	background-color:#E5E9F5;
+}
+#countries ul {
+	list-style-type:none;
+}
+#countries a {
+	font-size:12px;
+}
+#countries h4 {
+	margin-top:10px;
+	margin-left:1.5px;
+	font-size:small;
+}
diff --git a/style/wide.css b/style/wide.css
new file mode 100644
index 0000000..7dfd89e
--- /dev/null
+++ b/style/wide.css
@@ -0,0 +1,25 @@
+/* Styles for main content (center column) */
+#content>.center {
+	height:auto;
+	z-index:0;
+}
+ 		     /* The .center styles only apply to IE */
+.center {
+	height:1300px;
+	margin:0 2% 0 175px;
+	padding-top:130px;
+	padding-left:35px;
+	padding-bottom:50px;
+	padding-right:15px;
+	background-color:#FFF;
+	border-left:1px solid #FFFF64;
+	border-right:1px solid #FFFF64;
+	z-index:-1;
+}
+.teampic {
+	text-align:center;
+}
+.teampic img {
+	width:431px;
+	height:300px;
+}
diff --git a/subversion.html b/subversion.html
index 6bd52f8..16b7908 100755
--- a/subversion.html
+++ b/subversion.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Subversion Instructions</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <h2 align="center">Subversion access to svnanon.samba.org</h2>
 
@@ -37,11 +39,6 @@ svn co svn://svnanon.samba.org/samba/branches/SAMBA_3_0 samba-3_0
 svn co svn://svnanon.samba.org/samba/branches/SAMBA_4_0 samba-4_0
 </blockquote>
 
-<p>Samba Documentation sources are located at:
-
-<blockquote>
-svn co svn://svnanon.samba.org/samba-docs/trunk samba-docs
-</blockquote>
 
 <H3>Access via rsync and ftp</H3>
 
diff --git a/team/header_team.html b/team/header_team.html
new file mode 100755
index 0000000..c7e5959
--- /dev/null
+++ b/team/header_team.html
@@ -0,0 +1,134 @@
+
+<link rel="stylesheet" href="/samba/style/common.css" type="text/css" media="all" />
+<link rel="stylesheet" href="/samba/style/wide.css" type="text/css" media="all" />
+<link rel="shortcut icon" href="/samba/images/favicon.ico" />
+
+<!--[if gte IE 5.5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='/samba/images/log
+o.png',sizingMethod='scale');
+	}
+	/*]]>*/ 
+	</style>
+<![endif]-->
+
+<!--[if lte IE 5]>
+	<style type="text/css">
+	/*<![CDATA[*/
+	.logo_hack {
+	background-image:url(/samba/images/logo.gif);
+	background-position:center;
+	background-repeat:no-repeat;
+	top:23.5px;
+	left:-10px;
+	}
+	/*]]>*/
+        </style>
+<![endif]-->
+
+<script type="text/javascript">
+
+   function changeMirror(mirrorChoice) {
+   	mirrorSite = mirrorChoice.options[mirrorChoice.selectedIndex].value 
+   	
+   	if (mirrorSite != "") { 
+   		document.location.href = mirrorSite 
+   		} 
+   }
+
+</script>
+
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta http-equiv="Content-Language" content="en-us" />
+<meta name="keywords" content="Samba SMB CIFS" />
+<meta name="description" content="Home of Samba, the SMB file server" />
+<meta name="robots" content="noindex" />
+
+</head>
+
+
+<body onload="document.mirrorForm.mirrorLocation.selectedIndex=0">
+
+<div id="banner">
+  <div class="stripe"></div>
+  
+  <div class="srch">
+  <h5>search samba.org:</h5>
+  <form method="post" action="http://de.samba.org/cgi-bin/htsearch">
+  <input type="text" size="15" name="words" value="" />
+  <input type="submit" value="Go" />
+  </form>
+  <span>|</span>
+  <form action="no_script_required.cgi" name="mirrorForm">
+    <select name="mirrorLocation" onchange="changeMirror(this.form.mirrorLocation)">
+    <option selected="selected">Choose A Mirror</option>
+    <!--#include virtual="http://www.samba.org/samba/mirror_options.html" --> 
+    </select>
+   </form>
+  </div>
+</div>
+
+<div id="logo">
+  <div class="logo_hack"><a href="/samba/"><img src="/samba/images/linkpad.gif" alt="Samba" /></a></div>
+</div>
+
+<div class="slogan">
+  <h4>Opening Windows to a Wider World</h4>
+</div>
+
+<div class="nav">
+  
+  <img src="/samba/images/think.png" alt="think samba" />
+  <ul>
+  <li><a href="/samba/what_is_samba.html">What Is Samba?</a></li>
+  <li><a href="http://news.samba.org/">Latest News</a></li>
+  </ul>
+    
+  <img src="/samba/images/get.png" alt="get samba" />
+  <ul>  
+  <li><a href="/samba/download/">Download Info</a></li>
+  <li><a href="/samba/ftp/Binary_Packages/">Binaries</a></li>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/install.html">How To Install</a></li>
+  <li><a href="/samba/GUI/">GUI Interfaces</a></li>
+  </ul>
+    
+  <img src="/samba/images/learn.png" alt="learn samba" />
+  <ul>
+  <li><a href="/samba/docs/man/Samba-HOWTO-Collection/">Official HOWTO</a></li>
+  <li><a href="/samba/docs/man/Samba-Guide/">By Example</a></li>
+  <li><a href="/samba/docs/">All The Docs</a></li>
+  </ul>
+    
+  <img src="/samba/images/talk.png" alt="talk samba" />
+  <ul>
+  <li><a href="http://lists.samba.org">List Subscribe</a></li>
+  <li><a href="/samba/archives.html">List Archives</a></li>
+  <li><a href="/samba/irc.html">IRC</a></li>
+  <li><a href="/samba/ml-etiquette.html">Etiquette</a></li>
+  </ul>
+    
+  <img src="/samba/images/hack.png" alt="hack samba" />
+  <ul>
+  <li><a href="/samba/devel/">Devel Overview</a></li>
+  <li><a href="http://websvn.samba.org">SVN Source</a></li>
+  <li><a href="http://cvs.samba.org/cgi-bin/cvsweb/">CVS Source</a></li>
+  <li><a href="http://build.samba.org/">Build Farm</a></li>
+  <li><a href="https://bugzilla.samba.org">Bug Reports</a></li>
+  </ul>
+    
+  <img src="/samba/images/contact.png" alt="contact samba" />
+  <ul>
+  <li><a href="/samba/team/">Samba Team</a></li>
+  <li><a href="/samba/donations.html">Donations</a></li>
+  <li><a href="/samba/team/tshirt.html">T-shirts, etc</a></li>
+  <li><a href="/samba/contacts.html">Contacts For...</a></li>
+  </ul>
+    
+</div>
+
+ 
+<div id="content">
+  <div class="center">
+
diff --git a/team.html b/team/index.html
similarity index 86%
rename from team.html
rename to team/index.html
index 8fa92da..c41d2e9 100755
--- a/team.html
+++ b/team/index.html
@@ -1,8 +1,10 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>The Samba Team</title>
+<!--#include virtual="header_team.html" -->
 
 <H2 align="center">The Samba Team</H2>
 
-<P>The Samba Team is a loose-knit group of about 20 people from all over the world who contribute regularly to Samba and have direct write access to the <A HREF="/samba/subversion.html">Samba subversion tree</A>.  The number of people actively doing subversion checkins is approximately 10 - 12 people.  Of course, there is <a href="/samba/devel/TODO.html">always room to help</a>.</p>
+<p>The Samba Team is a loose-knit group of about 20 people from all over the world who contribute regularly to Samba and have direct write access to the <A HREF="/samba/subversion.html">Samba subversion tree</A>.  The number of people actively doing subversion checkins is approximately 10 - 12 people.  Of course, there is <a href="/samba/devel/TODO.html">always room to help</a>.</p>
 
 <h3>New Team Member</h3>
 <p>We are pleased to welcome <a href="vance@samba.org">Vance Lankhaar</a> as
@@ -15,14 +17,10 @@
 
 <P>Here is a photo of some of us at the CIFS conference in 2003:
 
-<P><A HREF="images/team_l2003.jpg">
-<IMG SRC="images/team_s2003.jpg" width=431 height=300
-ALT="Left to Right: Andrew Bartlett, Jelmer Vernooij, Rafal Szczesniak, Alexander Bokovoy,
-Herb Lewis, Jeremy Allison, Andrew Tridgell, Volker Lendecke, Tim Potter.
-Top: Gerald Carter"></A>
+<div class="teampic"><a href="/samba/images/team_l2003.jpg"><img src="/samba/images/team_l2003.jpg" alt="Left to Right: Andrew Bartlett, Jelmer Vernooij, Rafal Szczesniak, Alexander Bokovoy, Herb Lewis, Jeremy Allison, Andrew Tridgell, Volker Lendecke, Tim Potter." /></a></div>
 
-<P>Photo from 2002 <A HREF="/samba/team2002.html">here</A>.
-<P>Old photo from '98 <A HREF="/samba/team98.html">here</A>.
+<P>Photo from 2002 <A HREF="/samba/team/team2002.html">here</A>.
+<P>Old photo from '98 <A HREF="/samba/team/team98.html">here</A>.
 
 <P>If you want to become a member of the team then the first thing you
 should do is join the <A
@@ -80,6 +78,7 @@ mailing list</A> and start contributing to the development of Samba.
 </tr>
 </table>
 
+
 <H2>Samba Team Alumni</H2>
 
 Many thanks to the following people for their contributions to Samba
diff --git a/team2002.html b/team/team2002.html
similarity index 62%
rename from team2002.html
rename to team/team2002.html
index 0cd4775..1ef400f 100755
--- a/team2002.html
+++ b/team/team2002.html
@@ -1,11 +1,13 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Photo from CIFS 2002</title>
+<!--#include virtual="header_team.html" -->
 
 <H2 align="center">The Samba Team</H2>
 
 <P>Here is a photo of some of us at the CIFS conference in 2002:
 
-<P><A HREF="images/team_l2002.jpg">
-<IMG SRC="images/team_s2002.jpg" width=540 height=296
+<P><A HREF="/samba/images/team_l2002.jpg">
+<IMG SRC="/samba/images/team_s2002.jpg" width=540 height=296
 ALT="Left to Right: Tim Potter, Jelmer Vernooij, Volker Lendecke,
 Christofer Hertel, Jim McDonough, Vance, Andrew Tridgell, Herb Lewis,
 Jeremy Allison, Simo Sorce, Richard Sharpe, Gerald Carter, John Terpstra,
diff --git a/team98.html b/team/team98.html
similarity index 63%
rename from team98.html
rename to team/team98.html
index 35394c1..3a8b9e9 100755
--- a/team98.html
+++ b/team/team98.html
@@ -1,11 +1,13 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba - Photo from CIFS 1998</title>
+<!--#include virtual="header_team.html" -->
 
 <H2 align="center">The Samba Team</H2>
 
 <P>Here is a photo of some of us at the CIFS conference in 1998:
 
-<P><A HREF="images/team_large.jpg">
-<IMG SRC="images/team_small.jpg" width=469 height=305
+<P><A HREF="/samba/images/team_large.jpg">
+<IMG SRC="/samba/images/team_small.jpg" width=469 height=305
 ALT="Left to Right: John Terpstra, Larry Daasch, John Sygulla,
 Jerry Carter, Herb Lewis, Dana Treadwell, Volker Lendecke,
 Michael Warfield, Luke Leighton, Chris Hertel, Andrew Tridgell,
diff --git a/tshirt.html b/team/tshirt.html
similarity index 96%
rename from tshirt.html
rename to team/tshirt.html
index e6992ea..a1139e0 100755
--- a/tshirt.html
+++ b/team/tshirt.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>T-shirts and other Samba gear</title>
+<!--#include virtual="header_team.html" -->
 
 <P>
 <CENTER>
diff --git a/thanks.html b/thanks.html
index 22dfc39..ee0ee34 100755
--- a/thanks.html
+++ b/thanks.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba Thank Yous</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <H2 align="center">Thanks</H2>
 
diff --git a/tng.html b/tng.html
index 9b9e691..1644ff2 100755
--- a/tng.html
+++ b/tng.html
@@ -1,4 +1,6 @@
-<!--#include virtual="/samba/header.html" -->
+<!--#include virtual="/samba/header.html" --> 
+  <title>Samba/Samba-TNG Explained</title>
+<!--#include virtual="/samba/header2.html" -->
 
 <H2 align="center">Samba-TNG fork</H2>
 Everyone pretty much knows now that the Samba codebase has forked,
diff --git a/top_level_template b/top_level_template
new file mode 100644
index 0000000..cc87e72
--- /dev/null
+++ b/top_level_template
@@ -0,0 +1,10 @@
+<!--#include virtual="/samba/header.html" --> 
+  <title>Page Specific Title Goes Here</title>
+<!--#include virtual="/samba/header2.html" -->
+
+
+Place your content between the includes.
+
+
+
+<!--#include virtual="/samba/footer.html" -->
\ No newline at end of file
diff --git a/what_is_samba.html b/what_is_samba.html
new file mode 100755
index 0000000..4a2fbda
--- /dev/null
+++ b/what_is_samba.html
@@ -0,0 +1,31 @@
+<!--#include virtual="/samba/header.html" --> 
+  <title>What is Samba?</title>
+<!--#include virtual="/samba/header2.html" -->
+
+<h2>What is Samba?</h2>
+
+<p>As the front page at <a href="/samba/">samba.org</a> says, "Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients."  Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients.</p>
+
+<p><a href="/samba/docs/man/guide/">Samba-3 by Example</a> explains further, saying:</p>
+
+<blockquote> Samba is software that can be run on a platform other than
+Microsoft Windows, for example, UNIX, Linux, IBM System 390, OpenVMS, and other
+operating systems. Samba uses the TCP/IP protocol that is installed on the host
+server. When correctly configured, it allows that host to interact with a Microsoft
+Windows client or server as if it is a Windows file and print
+server.</blockquote>
+
+<p>From <a href="/samba/docs/man/howto/">The Official Samba HOWTO</a>:
+
+<blockquote>The goal behind the project is one of removing barriers to
+interoperability.</blockquote>
+
+<p>Samba is a software package, then, that gives network administrators flexibility and feedom in terms of setup, configuration, and choice of systems and equipment.  Because of all that it offers, Samba has grown in popularity, and continues to do so, every year since its release in 1992.<p>
+
+<p>For more details on Samba or SMB, see:</p>
+    <ul>
+    <li><a href="/samba/docs/SambaIntro.html">Intro to Samba</a></li>
+    <li><a href="/samba/devel/#learn">SMB/CIFS Links</a></li>
+    </ul>
+
+<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/award_photo_i3.jpg b/whatsnew/award_photo_i3.jpg
deleted file mode 100755
index 3106de2b7d0778f59119048956713f112d5d2e3e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 8748
zcmb7obyO5y(DsrGE-Af)NC-$tES(~;bPEV5(k>}W2}ntYu%t-0lr-!TN;gR75=$)7
zU821FzW1E(`}>>ubLKpAXXZI`=ia-yyHx;%x(ZYUfP;erP`g*a-9G@G(tBGgxUCJV
zw<Fwv)zHC~RTZkGd$$Ns0uT`r0tpF-fIuKIG0_7OYElvqh=k!G6*)CC_z?>;n2Cv%
zLx78wjgOs)iCdh9@0pOOsOTduNm&VD837Sd;r~Ezh>3|wKqT~}r1Zj%nH~%Of6LuZ
z03{L5Q@}bN4jTZM5(keG=dK&T1OVU={Flc66&wIA9zFpfkm%m3KmowP!^OuV00M{z
z@bT__{*RTC;NfE-LPb3)HY@jFAhmE}UQGwP$aDSoA>(T_9EkiQ(YLjowARP>2#ojG
z|11A5z<+>*z<VPf<$YjW9Q=F51^(|5aBwN{@bA$T38~oh2&_7UMMU2QC)OO_EdWUH
z?wu*|C;{?-qe6sghA1%`0w1AP`cSQ~lxUtq7hhkcAJ<sN$>v1N*s739eZ2DX%%HR3
zgg%rpV?T*TL6JIvgAxjWQYYXi)~eyE<pyy?8!JGd90|WTqSfz_a)}C~0nt!aC|itz
z$HL+Q)?l3a>aqU`VNI2H5XdUsEh?8jgE>veBR+`7O#*B`%uWvTB$a*ySy1k}17Ild
zga9jcVn5F<eQissn7nR$C-YNP7kE)iohsP{A|^^-lTAp|nkJ9781Q8?4J&AAhm{8t
z=a}*4%p9#*cS})y=$_pR-afXjGL9jVL`wGpRK*9Bt5?=|k{`|PTpDQyiE9A2A8B01
zzJjG|^qMDsX-fe(j(_&1axHt=KhvAOqgLJYEnK@U{3eV!t>EWFWeyw;eT9e0WDdB{
zepX@*L>>o14g6UYv6Tzui00u)NmL-*zRy`JY$g>L9(`?tFmNaUXP4v;CH%IXa@)le
z=fSdZ;PGO>9Kq|2qO-ci{Eq6z=k$JgW8#B^9UsUT)n<AZV@zJ<ZyjAlm4*DpCeB*f
z&g*vz2m6_LnrD7RN?+Ne7ddIsPR(-(6_g>F8AoEYt;Zz{q!bkK0pcLpl-=gOZ&C49
z1Sp#Bbsw1dY@I;iSAm1-2?KdvthGf$OqzJig||(tj~lS9>gRU)fw3gSdca-EzdDMb
z&!=I%AVOa6!W2}~yB==x&f1DU^}2S^FVLBerNzEvbZCwv4q=p}e_sX=48B3Zfw=EJ
z$9?yqMiAb22zA{1mfzO_Ag=rvsf@4hui;H@o1?I_KugES+|pw;aLgb3<Y{!Iw9k4A
z4@hZgyv|&^h*rZjqR{HC_jK=qe{Lf$Rw}siN7<79`%%p7Of{inO746~4kV^a2a%sR
zPekSh&M~-t1;3)<KAaLdm9gx$T!;xAjY;!x*>i7HX{3pfO56`SY4HPQ;kBk#am9Fv
zHo*(gjR2RIoG&%_w85zn%@Uw9tn-hj%j}c^B;;0{!|Wenbg~wzh3m(t0-<83p7Zal
zF_~Y^n9fghQQ@HvL-bTmI2wXS+&^lVeI<+SX1VdwVn70R2zp!2H6`F$iIb|JeD_H$
zxgm>5ORD|XlS9X)AYL{1!M)Tc7d2A>og0Pr_Pq0cn;aJ2nOYh`JvP=1es%R^+hAhe
zP~YK`gCh94_ak{3r{dgb4b2du!boDa5d08sRyDQ|Jeve4o}MDLzB0ZphpsX%V}1~t
znl!=DbMB9n2S;U9QG#gAuZu#7Ii{xS<LR!A=F3~&Zx`Ol#|&0(qgUoLxXvE#SE$j~
zYaiS#>{*gJ4c~HW$~RvEA92xsu042Rcx(WaL?6yOnCFmd;7|K}x8e@8H8f3k((3S@
z?s;d-FvnzhH2Ge7sWnXiJ@*=H)SY$cSp_o(_exey?fBlNEDVy3k;7UXhBV;L7rb&`
z(J?LOlvM5kE)7o^Bf$E23m7j_j>HYgClVT4Z34!xiJoPo3X6CDk?T{Mc9{B8F|`k8
z4TVWi)tGNgC{gEn#oP0nt=6xGtEyll7-^;cS=*dGiLvoWIsSR$ubd=0e|F&D1`e(K
zJWPX8ec#ps?%pna`ffeDnEUm7b4{(&5z}t)dZ{Jb{@^9%Yz;e;%NngQJxc7M%o=2h
zOEu{D0{?zm-48AN|7eS^r_72_djRFgHJ?mi%r7OQb0iMgb7M{L#^*7xp`%mWmK&;3
zBvm$|LKmj`x%lp1Shk7AR&<?8za-mjogJB@u}L;*ld1X2G_STp&bdElDLk-F4s2oV
zKW;3~Nqu)9<@5f^vePz)H076YyyTi7SvySHx+J^2C?G(!#r_UJ>N3LM0oq1h^#6p@
z%_3TVb0RXEA>Gc$d~3-qi^Xe#Swg#y^j;f|`ILlHi~#Ja<mg^;?uP^iF`AoSlONh5
zuE7&JHYP@z_OwohV*rFXp2-TJMm*(cj6Z!uHT@X<x)rlWha~0N3as6@u9Wdu4(!<>
zcm?7dIm%W_n;3dlH2@J^ZSuC!eUV%C(0l@l%L$>5288gi;X*m?C%GCJ!IY>>ouG^Z
z#W%!f3sTm7{=%GtDoCO9ZN|GDpIk@(vBXMiRdK3Z%K{RQaZL`=$KS6Oe^qgXIWjGC
zb#4G#7fP2zw^!SSBHaYK!KIid49o$*&h^UAYxYTui%ToaUnki~%ARywHnGEQC{Xn7
zPx^@MTiUVdV7?3)aYzP1eKW{dMsmc#1trM9)wPVZvB4O$8z-={dN3RMyd*JvTbI^P
z{G)rlj&a0G!WAS}gE0+`Cp}Q9Ix)Ldv{3Ez=QlF$Uzq7)=wDg!9nZa)|F9Om+b5ut
zHX=9i2z0ee;q<6HwvkmnEU#n_$<_(ksG1$VDVw)X**sA@!AdS7v<5V7eAAV~{=pUn
zA?va{i8j=;OO7Z8#f`e61&-u=)(=H<EXrDp&k+gT7bn-;qhE80|GOWcKqp;+<3*bU
zE=x!5nOwFI^;+)SXdW(r`m-SHLzQ4CV$<SraGM?}Dp?i2*Lb8wC?<{iX<n|^IoC5<
z^@oRkoDmK#%@JsHDOcOMVhKCXRHT{{oQqJ0Z}Z6&3KnfM6KE0HRFIRoysVE2X^ogC
zq+#+2uzbw@(U*nIF2e+r(|j$c?POG=Yup~3H_aRqi_`nFy-%=cuMHv%?`}dGn?FgO
z9w1{jBKaJ9xw=p2bNgT=uQNY5&Oh&aQXrt+p=%TIekUpuE8C46bw_f2;oX)4l$Teo
zE-=8rN}(Fo?&#wXC7pi%3g0Rj0Wq}d!tRgHL&a-dh)rZtvE`%v?~yqIoLa$?{YtE^
z&Jbj4{I;Cd>~&hBp$;=drfzt3F5k*;$rm7?ek~X&1a;4JX`)QM-m&%A3$&riJ)>ob
zSs`ECu<0nZEn1o@>Ev6S`x~MS%OnN|4?wBlT#C1^%AzL?;-?a8rk^Ve1Lhru(6RBV
zJ9R%Cs0&LVO)TFoYNlx&x{3$Y^5F>a9y&Y7r<juVbjgTk_*p4^Dsx|8J8-(43^RZO
z;l)yU;UY^u9!=zQk%DoSE?HDpaXJ6np6vT3M#sN=rCr7y*9d(k)s;5FVUdlneis($
z&*ym^N1ZT0RcFaX^`rZ%%tJCUqWb#Fj6U183UzHqLEM?yGN*|iUT2z{Z?&H;o{2F_
z6}Y^HG%8jy-42rDpIC5_9%a3z=rYh_Oz&THdBfto(ERb|G3z5l^ao-#iQE9*Z`rKk
z<UhJ+s}nyqlD%jM0oBI#b<oq>eu-ro)UWPUSbFW=*mYAW0M7Gz96M=H596zh4HRnH
z<jQF3+Wtq-xv1DN=OlN?>Nm%kkmwq@vZr7H@mMeHEGsJ{sOg|uR=x)4tjQw8=+}aC
zg&GHi<AOkO7irzPYqv7b%DlHqD-T-Atr>GHfFqK^wa&W}N6RkeKF61qPiDbV)>>~A
z9qX#v)7F~NK(aMm<j;+Qs7BHnS_icMxP(ATZk+H}!Ef9Z!%}$3qF!3Rd<9&{jc&+G
zxm*|fFs^?j<=>@ubo#Iq#d;Q1xD~r5POt3afB62@lB`YrJkZ&vprmK}*<#Rwk7kv_
zU+h;v0OPr(;i|$9VN~JNN4u4$7l&{hl@p876+{!gy-RQZUd>87W@(1S%)-1puhY6%
zL@@@azLmtJLPuJ~r`^bvatC;77VF4z8A2L~r%$8tcN%#IQ0c9kx-N5`N;WF}>P<oW
z$%(R|FwRg^546R$z%?R4$8NV%p{^ylQ}vNHVAAGej|RRkoAaeqisegDM$+CQJv?;s
zLr+fI77yF}Q+GcT4^A6Y5pv|KTTPN4TczaTyu_6Gtr&|VLPBQ6_Q6{yN2DZ~e@hB$
zaMu?W=s4M*O#kGtHE?98usM3>$Y7$OwiR_Sh=x8D@f8>^&YWHlBU&GXbG=V!rw#fG
zkbAn!pt5i?)5Bh?nlk2xg5=);{J7uW0n+gDEX48GiW}cWffV2L4`nMX<#e7UdB!zL
zI2K3XMs3M#&<-R^^^Ce#H<dsLCFb%l>XF~p-$bjl3O^%!**MyEHnsF90}-7bp*O4)
z99HSz;O#jBHuq#Uq;DDa*?VZ)8X*nFd<22^hrb>)1&FM>xH1>TKhxynw-$ErY;pqy
z&}r-ykY82_<hj#1*-o@vD>hAi8ny>gx3d0zeX~4Dhk&#V0XIEadP+&s<Fu527!kSN
z#N7eTO_NL^ZGE*wD-bmpoRk^sBS^BI37z{6o<>#?(lfn@#R~vCUk(Sntai_qSf*c#
zj!s9v`}RYb7@HaQmtZXadYz1Hzpfd<A_AK_Kz_))6#dIJiH5ZP@EY50=V@_dU{qeh
z0%YN@HL4rpV1#YyqyW#?a;r{GnM&b83-!~g?o)Q4MW0ZLI{?m_xdw$hbA_(t{y&id
z)#0%0jE|80bJ?Uc68oKY-*rv3bs5`eV>+PfVyb9dZ4-)rn@(z<(0a^P690GL!w;o7
z-+nx<ws0NH<wp*R?!>x>taG+hg7K!M7Uul5^_vNw;S3#w3Y7kyLMwqpBtG3l*t=uP
znv}@wm*V(6<z7w<RT7Ah3)9%CX4TYZ$%*?C$g%FK^!ns<I(a?oSK!iJBnx^vP^Woq
zVMo#5^^tv}z)A8aD<%C5)|-c^V*xlNVTqpWLkRcp#f^A{<~l6pmdnL98n|*MnrhB{
zS-?q7s-5?%bo*!?QqE2iC)p@vYS%y?cNHFuHnd7;;#B|!(D>rzeHp<Id7x98vOkDL
zmqV<gI1p@qtnIbVb@skY?v#Eh^h&$tr~d<-Y&?~&myY4_7ndmr7enc9g#d2KwX7O?
zFO_2{8%O3f=r>QyVi!_A(OU{uqs|`LRbz82<^M+90ch_4Mp)aTPiHlt$$->$aov~Q
zSktwheb;c6&@0Pyp@64f7Bz3H5m%?Qz2>fduMKux%OWVsqt$0xyC<-ka~T@1&>k0e
zfbKiM2sQkuUCjz1j>o>4h<ye`fn1w6uk|p)4<{PU55&G8f>UQ$NgM6}$agc=Fy<1N
z1aGUN|5Q!lZIu<*Hl6LBeoS2l@4Lw9Q=+~kGxC2!k=->C$K1uaq35C!)|kn+M-y28
z3Sge)=e-+;qt|xv-9^kZQ6=n^QGgF~JUQi->Fdr2i9jbN1=#VVBGn-&m7grxp;YtV
zi2QZ8)fYl5ZqyQ)wZ=10zAAxK)ifj;D$cc4p-)obu-$Iy>n)#m2VkBIh_k-Q`RmzA
zNAB8d@=6V#xNfnZ>dGRb(aA)ytA5Up*?xM;Jig+y!9UCjVk;n9?AGzcfu>XZ9l$!(
zwLw#3MdAlqsZKbA@I_$kCHfAKz!FnloD;v2b(6+_{ywlVaNq6V7vZ9Qe!yp0T)&YF
z9pSu&k@%o@>f0aPE^vR@NG~c|=D#AGhq517I1^L=LyEUh&t)bmRGI9a`_GKXynO=c
zeq~DvfkcgK=&?Gz@j$7ielwQZ2&901_SfC8tz(96Q+sj=&BFc}dM0f>q4)gJd)NsS
z%d1TG;@{_BY#Z!0+#D9}$NVOji+-S{WWI7=!^gRG8P7}UJKWpGMCaL<y$upXd_46e
zw(v<qVi-J=0}3?bm{;XsJaB|R=Ud~R`Jr?WkZ-PRbsGVF(iQ5Wz*v4f*(l9;i41Wm
zdrq7{IbZ=h8w9vB4L<GmntQ}rQM*2FA7r+hBJ#v*snuw~(M5l@CuOK&?LptTu9hC%
zE_+sc-Uw^xR&yt|c@DIaf5t-Jg>l87nHk_!igOa$V2lyM?gr*BKjN{Stn7GGT<PTY
z98b7<KM#CnnrRS(;q%Di<V#SPc#l##jyWN4I(oq;QLnG2z`5``fx!FLT8Bo31^mad
z?=?Y1JAG2`GEOkXLiC&l>57Jk&J9x=7e%S)#~!z4u+zKcxe=6|$NeNUPb0NDhW31S
zR$kOvcKY1-vp%dLZYnAu{b)#$_Mti{svh|xWpn691MK%bZ9a{aW6~~JeAz+8#(A`W
zrzi5QSe{%retf~ye_?%9SjW8!6{T(rlnLBx(690Nv9tQ>vDqx9xxp6xDO68n%k$cN
zc_plf<;ks_R7tPX?>GK{I{<ynjfItjX<qB-?l$}mu=#`T{L#(WRix!U6dORT<35!9
z;oA^|=_b&y_l4S%*;(7YEAEqrUP~XTFrgZY8P#)R@B|z+i`>TFg_7N>)^0d>dvzu0
z?H4ka28Jf#DOwi{5v<9Po4%esXE-X?U3|TOY_hlhDdxGYrIlbuC2QmojV;1HNt_L0
zxE4wIrFZ19HdkD#wZad5BSoLKInsWaB+H3kMCaQ6m?ywy(bsPXcLaSCHx}q@Wep8o
z>@C&XjHK-%t6d-jui6&V>*JMQ5Y@;<N?wXK^prdo<>7aH95u#K|IlCGbfPZb^Gos0
z9=@>5!Dh7~+q|hqRCRkWe%R(l^Qna(iQ7<3BBzB$7VRTqoI{60**-h*?%${8!+h{b
zVKET$fE2I$yG0l5ZEk=ZGd`i3gCEk1;16AP@ulgIz>?Q8{iTI~YKXy_b6kCL{cxc0
zc3t9apHYLd%FRrw@nnyl<~(>W$jdiIk+E^5^+SpAn3h3!W0_<qhdaLm+oiX%e#Q@~
zPPYNx;;<xxhAt8Ib}J9$#EQ{Synk9R+M7fu+j_iOUGu^7UIVLRgV7HEcsj8onVG-J
zG>})qV;~Oa%D0k&qFu)y{Pia%)sz+lei6emKCV`xmic<zwts(})9+`}u;BPU;OBv4
zb!s~r`^eiT$FJ49(ag^bffznBcrk<Gk}YB7tU9%1KYUU?@6YepQtHmuDFr!B3OvVc
zqr8P#7*HK>=lK#u@SX-uj%f)XcW&6@R+~Q=CP+!lQ)W%zpp*NShw`o}18xml(w98<
z$HzB?wz?4LcYVoIhO{a=5IcnKcDO~V3Ol#c7ciXQbr<kj`l?Dp#`%vNnahFSCmsFW
z4abE`xtxEczLKLl*$1UVe{#vMPxWMHSxM6Z@n<Nn?f_f9AF-x6XUBH{WjDqEfh3|~
z=k-hCLZ)oi;vneqf}s7NrY9b39~E}U5chciXj(b@9b#tsHPd2t@+hePXlr-cIA!L^
zQlIF-d@l2}_aM`LWl?g2Vni#k{K?J}(C|2>qEQSmVPUuO(GjfLFpqKbY?xN~9YtpI
z#v2%yXj1`;@~9O(#q$I@U^V@;n4NKx{aO|j93I9Ic~k@eCy^V=s?ufYT8zEnuRhZl
z4O2=Tc!XWc1VkEFGF3PPWd4#9JCOOstIP#ga~<z_ZuV=h&?H_p!zr}Z9oMUwH1rNo
zrnt86=K0n2)7JfOa_ZDOgo{1S+Xw0-5+j)<ZBw+vP<_!8z2Yi-yqX0Hul@N;&}{XC
z^l$IpX%7G8gtcL~Ua39{&XrYt)|wPv;IyO>-i-|hPW4W#4<6v&uk$yN*1Zg2n0$xa
z@Z4s4=LPZic&>SL9KIITX^g2t?R<qp+Q_qKa#i3wio_94bfOqtL!ED!-G`Df9ZoUU
zzGxo4*&bE_vTap<Iq%v^-gjo(_FY!lDya)9qox68HIB8Znks6)Sq4$65zQ1ht|A!G
zn<{^Kl7=Q@lTqmA*2$1T$lLePzS#q-?l5y=h6sM5Daxug!}QNI7?T*Yfu#XF;z2&J
z%<XinOMG^5nL29EIHCcjr16R~dzTcz;5pH`n@*FgMdndjnD*SsZpbx3+`?z)`u(d^
z5hG3&cHU)C7*M9X;lj^C=Uw!NsO5PLPrkst6;*NyxZIm_L$^J4f~sPHa0g4ZMNG|#
zUsyw!Tb<QkK8S2$+Z{m3P5Xu_@L?-bQs{@EB}2COY;<(fd^n?lu?3C!2;G(0R)U<B
z)*Ya$I#x0^LZ(*k2J6o80RpEsVbT?~%eJ<HF_5-vSY~Gvw(y$$0$R{9XN~1aWox<|
z4<e;v1!B9|in`d`upDtU@;MoUfe$984vE6LoFWw3Xw4k5C(Q7iNAwV%B7meWhRZ%T
z-x=**p7>Vk+!H?)VT>FVgV{`AN8I20Epm9UkhogMn3H{?%mZzksl#SFycmhiTz6Ve
z7jnq!K<kn_;6)|#aoxrD?&IrQg119;C1ZRg8|&CUCRfa9{OG|UokTfF2`s$vU2?Zd
zrAyXx=TIhM&#{o-lU;9l9yi7zkDsg4S1yYk87m4n_XfYfLNcUvGol(^S{-MxPhFL$
z>aa_H_X<UL%s+Nsmz~JFtfQ=}GSFRseq-RqsTAMvEz{RaIGW(+LR&z{5z^J+VbJNY
z;)xLD%k4A`enIaH!28QSv8?Apz2MzyDe+V1dVO$$b-T6e@&l$rsXhtsunS$e4?Z1-
zqKrGL%Foqd53ff0ls))HJO_|k9t3A%ZfK%1PM`7Kz8+2p`q!fu$@Kewzl%c1PSik%
zL?k2k#FPOsF$c>O>XOkvWp<rD*ygQzn(R1*3D$Jf86~mn3YxcW*!)b!6y1=)<$dT^
z{sXL<yS6+9<90K^PwqH9%#jT~Gog=QvX+?o!dWV$>Ke}W>KyGMEH9qM;TUKdNRU0>
zc;IWi$fSnkSb1-NW_4g6e`y`BXI;zh*xuUk%C}--_)ShjJd|CUPG#2u?jz4Qt(VrN
zccUioeo#46=I5<|Mg9m2?v5lgOcai^^hdxZONx52141hib!)9qW@i!0h2{?SH$#gv
zyXBoWwl8ondi+hEvtuU4vT`(#Pfi(hu8ckV7%71j9LxjXvLWkkjy(TQnYGd=9WA(d
z6N3O+(tR`j;v8Ctzd3>iALL#ZXNiQo<kX9t?6}#}k&SQLmy7;};jT?&)==2AJ3Tj@
zuJDOJK|FuD%BB4WdR?^d4WwBTWMS>KOAXQNyJF6}*_4a<RNRN5k7H!iHOCJA!eD<N
z6YTrM!mqL!jFfnovtDS&EdydK;78Uri}w`2Hr+yFoT#-2|JZ_0P}!)gvuP0nox&Q~
zVIOA2nwyGQl*wV5f@D?3mYH?GB!?I~EdMh2kGP?-O(03j`2)K_4fu3Kx}J{P<N46~
z-y=eMHcbGN^R4`kc8t|Ys}z?lzgbCZ2_w;X=i-jrVVZAMC=0Zb^Yg_?3fd-ixU!U@
zklP`lBsDC*J(2Oy`Mi&-HR$J!7xghMzqqrgyyxJ0>g)-ZHp2#%P<MIJNk+!<c-`_L
z<C)*g1E=GP_Tu_3h!K%~t<&TrSRrS;b)<*dZw!L-z`ZV04Y%_)#P~!{bC4gd67}<a
zEe<N{7ihbv_-b*ZfR)T~s%gKK!m*~?KY4Y<*0hDk#B&xg$@4vL*2C85ptVYTtHh&1
z@Ylm{pzi`2>)OlFzDU0ArH&%=H^WNKeqW#d${7zU51nZLL0wcBYjLVRgM-mZlOH-f
zerJtZUT5N7GfJiurC-k>FUjGB;%=sT57*}yjkNP^*dcVzQ+8PvxfuwwNoC&H>@nYO
zagXuIFKIUMFLC$N`!<C~mnx+a|Ly8g@6D)X&(^nCD5B2jWh>t%rh=onIol)HW8}+D
zV=k9~qUO*yulfX5G+)atTrCUHio_cm3upecbMuWw-6Y_MAG4-p`>n7H=6<~$c9CvD
z1q7lRo#fcRD~mUrg{vE@kr^-c7{NUZq|aQ1#lIR|s)JnJfXe#N`eB?wt?yU5L^~N6
zGeT7l0<MPmMg81lmA%iS1brXYtxGO-QBG;3?vItVw@?1f=4y>@F*@#|zVRETPIMRv
zL%F(7U80?B90m+~$xg#=Ax|sPL*q_JKOl_<1^-UC(avjC1)o44w=6-ozrc_9!WvKj
z!W=Y*>jr`VCbxi=HW-J_si{3Kl1FcDOpBqE@1KggcpugKixPIs1R@I(veca>@*1M(
zCSfHLP5S;uY5EkM=33zwdexAEme~xAjhZ*iR2|bV#B>}4+#KATN2+}Jh5h6IQXW_9
zN|@kZE5;8C5OgdoPV?fn`pUMasmedd5ZJTw&K@WYb7h+BU-QzhnWV&s-6S;gZnw$L
zbt$>~KQDOZ=!6q;d$1Y^lJW4>YLUDakdcI)?a5ZF%wO4MTNSL913v#zWBnU)H1U^c
zyZzHe7~uP=xhi{|lvtxS3i31Q1a-ZwD6$Ukh^QS&Zb{kq6By3P>i+fb6skRfW>23M
z8X009%FwzXvY)!zshyCD5w!y(H6J~-mi_5@)`+zQWil-?8#syKA)@s)(j}y}HfXad
z@`dG9>>f8EozGC(SB5Uq6v2ht{*x9hN%04o-twIIuHvXSV#FIe1%LCY-;qy??ij=c
zp#idnfC5)hBIHICEfM3+M<|=DzGD4WDx@&Rf@DpqB9V!|y%Bk8<iR&zT(mIimg-i%
zrLtY1$F*%PRi-c(AEu@27vxjw{gQfsS37D=Woiwzi0kZLBD#B`*E&CP$}@W?$b?Os
z_${23A=^7*VGlfh)oh$yoL9e>sfnk-blU>|g?2xX3=7FtwJEfAnRu14FLO{#XR3aI
zZNZEMem`Vx6xrux=&t_FX3HdcmclQT8l2wj<OJWKV_0BZxS^Ks*^vEmKsGY=IIn<P
z0BBVkDJ`Oe+CjM(xASFaq$l`OwpZ%eO?`58qc*5>iM!BSY1QXyrV#3L%UEB6_O&}@
zxTX%`&31DydFe>uY~*nn>T-(SzSL%0yiMRr(8X0g<IX}_JZs(y7XP)oTA&)d`j8F#
zHq_r@JF<pLKNu$;`jaD6rOazU^35Z{FeUix9bkIw7P<;zrf#440Lp)$J+H{VL>4a(
zq5ggN#+Unh87zBMF#YxyEOQkU#r5qeCT+q^4`}!^Tm01<wPv0S>|mktk8{!!(@`J4
zv+LJLu6<tiK^z`0C9$^x{)U;I@(sIJrt8^a=er(l=p0J(KFVPbe47HS>hhJV-a%&a
zQA-<LL8ORx8&&W@Y44hZKPMjYlPg*&UE!8fw=esI_Q|Sf^5^bp$f!YC2pw68UO)Fh
zV=&!8fi%7WR3SOZm%C7rOQ{x+lnX9t!ss-HDXHKjJ9zFChZEb0S!=W!nBXMl#>7;m
d(uQ~ADX^#sfBmFsM(m-ujhID3MV;^F{|8*=nWF#z

diff --git a/whatsnew/domain_name.html b/whatsnew/domain_name.html
deleted file mode 100755
index 5fa4cfa..0000000
--- a/whatsnew/domain_name.html
+++ /dev/null
@@ -1,21 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<h2 align="center">New domain name for Samba</h2>
-
-Samba has finally got it's own domain name <em>samba.org</em> !<p>
-
-The Samba Team would like to thank <A
-HREF="http://www.fscinternet.com">FSC Internet</A> for their generous
-donation of the <em>samba.org</em> domain. <p>
-
-FSC had the forethought to register the <em>samba.org</em> domain in
-January 1998 and have been providing us with a link on their web page
-since that time. FSC have now agreed to transfer the name to the Samba
-Team. This will help people find information about Samba on the web
-more easily.<p>
-
-The domain transfer paperwork is still proceeding, but the domain name
-points at samba.anu.edu.au so we will be able to begin using it
-immediately.
-
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/index.html b/whatsnew/index.html
deleted file mode 100755
index 98ee54a..0000000
--- a/whatsnew/index.html
+++ /dev/null
@@ -1,844 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-  <H2 align="center">Announcements</H2>
-
-<!-- XXX: It might be better to call this file "OLDNEWS" (as gnu -->
-<!-- packages do), rather than the misleading name of "whatsnew", -->
-<!-- since it's actually not new at all. -->
-
-<big><b>Old announcements are put here. For the latest news see the <a
-href="/samba/samba.html">main page</a></b></big>
-
-
-<ul>
-<li>(12th Sep, 2003) <em>Samba-3.0.0 RC4 available for download</em>
-    <p>
-    The fourth release candidate of the Samba 3.0.0 code base is now available
-    for download.  A release candidate implies that the code is very close to 
-    a final release, but remember that this is still a non-production snapshot 
-    intended for testing purposes. Use at your own risk.
-    The <a href="/samba/ftp/rc/">source code and GnuPG signatures</a>
-    can be found on Samba mirrors.  RedHat RPMS for 7.3, 8.0 and 9.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.  Packages for other platforms will follow shortly.  The
-    <a href="/samba/whatsnew/samba-3.0.0rc4.html">full release notes</a> are
-    available on-line as well.
-</li>
-</ul>
-
-
-<ul>
-<li>(8th Sep, 2003) <em>Samba-3.0.0 RC3 available for download</em>
-    <p>
-    The third release candidate of the Samba 3.0.0 code base is now available
-    for download.  A release candidate implies that the code is very close to 
-    a final release, but remember that this is still a non-production snapshot 
-    intended for testing purposes. Use at your own risk.
-    The <a href="/samba/ftp/rc/">source code and GnuPG signatures</a>
-    can be found on Samba mirrors.  RedHat RPMS for 7.3, 8.0 and 9.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.  Packages for other platforms will follow shortly.  The
-    <a href="/samba/whatsnew/samba-3.0.0rc3.html">full release notes</a> are
-    available on-line as well.
-</li>
-</ul>
-
-
-<ul>
-<li>(29th Aug, 2003) <em>Samba-3.0.0 RC2 available for download</em>
-    <p>
-    The second release candidate of the Samba 3.0.0 code base is now available
-    for download.  A release candidate implies that the code is very close to 
-    a final release, but remember that this is still a non-production snapshot 
-    intended for testing purposes. Use at your own risk.
-    The <a href="/samba/ftp/rc/">source code and GnuPG signatures</a>
-    can be found on Samba mirrors.  RedHat RPMS for 7.3, 8.0 and 9.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.  Packages for other platforms will follow shortly.  The
-    <a href="/samba/whatsnew/samba-3.0.0rc2.html">full release notes</a> are
-    available on-line as well.
-</li>
-</ul>
-
-
-
-<ul>
-<li>(16th Aug, 2003) <em>Samba-3.0.0 RC1 available for download</em>
-    <p>
-    The first release candidate of the Samba 3.0.0 code base is now available
-    for download.  A release candidate implies that the code is very close to 
-    a final release, but remember that this is still a non-production snapshot 
-    intended for testing purposes. Use at your own risk.  One of the main additions
-    in this release is the stable support for both client and server SMB signing.
-    The <a href="/samba/ftp/rc/">source code and GnuPG signatures</a>
-    can be found on Samba mirrors.  The
-    <a href="/samba/whatsnew/samba-3.0.0rc1.html">full release notes</a> are
-    available on-line as well.
-</li>
-</ul>
-
-<ul>
-<li>(16th Jul, 2003) <em>Samba-3.0.0beta3 available for download</em>
-    <p>
-    The third (and possibly final) beta release of Samba 3.0.0 is available
-    for download.  While significantly closer to the final release, it should still
-    be considered a non-production release provided for testing purposes only.
-    The <a href="/samba/ftp/beta/">source code and GnuPG signatures</a>
-    can be found on Samba mirrors.  RedHat RPMS for 7.3, 8.0 and 9.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.  Packages for other platforms will follow shortly.  The
-    <a href="/samba/whatsnew/samba-3.0.0beta3.html">full release notes</a> are
-    available on-line as well.
-    <p>If all goes well, we will now move onto the Release Candidate (RC) 
-    stage.
-</li>
-</ul>
-
-<ul>
-<li>(1st Jul, 2003) <em>Samba-3.0.0beta2 available for download</em>
-    <p>
-    The second beta release of Samba 3.0.0 is available
-    for download.  While significantly closer to the final release, it should still
-    be considered a non-production release provided for testing purposes only.
-    The <a href="/samba/ftp/beta/">source code and GnuPG signatures</a>
-    can be found on Samba mirrors.  RedHat RPMS for 7.3, 8.0 and 9.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.  Packages for other platforms will follow shortly.  The
-    <a href="/samba/whatsnew/samba-3.0.0beta2.html">full release notes</a> are
-    available on-line as well.
-</li>
-</ul>
-
-
-<ul>
-<li>(7th Jun, 2003) <em>Samba-3.0.0beta1 available for download</em>
-    <p>
-    The first beta release of Samba 3.0.0 is available
-    for download.  While significantly closer to the final release, it should still
-    be considered a non-production release provided for testing purposes only.
-    The <a href="/samba/ftp/beta/">source code and GnuPG signatures</a>
-    can be found on Samba mirrors.  RedHat RPMS for 7.3, 8.0 and 9.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.  Packages for other platforms will follow shortly.  The
-    <a href="/samba/whatsnew/samba-3.0.0beta1.html">full release notes</a> are
-    available on-line as well.
-
-    <p>A new bug tracking server is available for beta testing in conjunction
-    with the Samba 3.0.0beta1 release.  The <a href="https://bugzilla.samba.org/">new
-    Bugzilla server</a> will eventually replace the older jitterbug installation
-    (bugs.samba.org).
-</li>
-</ul>
-
-<ul>
-<li>(14th May, 2003) <em>Samba-3.0alpha24 available for download</em>
-    <p>
-    The latest alpha snapshot of the SAMBA_3_0 cvs tree is available
-    for download.  It is being provided for testing purposes.
-    The <a href="/samba/ftp/alpha/">full release notes and source code</a>
-    can be found on Samba mirrors.  RedHat RPMS for 6.2, 7.3, 8.0 and 9.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.
-</li>
-</ul>
-
-<ul>
-<li>(5th May, 2003) <em>New Team members</em>
-    <p>
-    A big welcome to <A HREF="mailto:mkaplan@samba.org">Marc
-    Kaplan</A> and <a href="mailto:paulg@samba.org">Paul Green</a>!
-    Marc and Paul have been contributing to Samba for some time, and
-    have been recently joined the Samba Team. Marc will be proving
-    Quality Assurance expertise and helping to maintain our new bug
-    tracking system.  Paul maintains the Stratus port of Samba.
-    </li> </ul>
-
-<ul>
-<li>(5th May, 2003) <em>New backup server</em>
-    <p>
-    The Samba Team would like to thank <A HREF="http://www.hostopia.com/">Hostopia</a> for providing the
-    team with a much needed US backup server. This server is now
-    serving as our primary US mirror site, and is a backup in case our
-    master server is unavailable for extended periods. Thanks!
-  </li> </ul>
-
-<ul>
-<li>(7 Apr, 2003) <em>Security Advisory - Samba 2.2.8a security available for download</em>
-    <p>
-    Digital Defense, Inc. has alerted the Samba Team to a serious
-    vulnerability in all stable versions of Samba currently shipping.
-    The <a href="http://www.cve.mitre.org/">Common Vulnerabilities and Exposures</a>
-    (CVE) project has assigned the ID CAN-2003-0201 to this defect.
-    <p>
-    This vulnerability, if exploited correctly, leads to an anonymous
-    user gaining root access on a Samba serving system. All versions
-    of Samba up to and including Samba 2.2.8 are vulnerable. An active exploit
-    of the bug has been reported in the wild.  Alpha versions of Samba 3.0
-    and above are *NOT* vulnerable.</p>
-    <p>
-    The 2.2.8a release contains only updates to address this security issue.
-    A rollup patch for release 2.2.7a and 2.0.10 addressing both
-    <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0201">CAN-2003-0201</a>
-    and <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0085">CAN-2003-0085</a>
-    can be obtained from this <a href="/samba/ftp/patches/security/">directory</a>.
-    </p>
-    <p>The source tarball is available in both
-    <a href="/samba/ftp/samba-2.2.8a.tar.gz">gzip format</a>
-    and <a href="/samba/ftp/samba-2.2.8a.tar.bz2">bzip2 format</a>.
-    The <a href="/samba/ftp/samba-2.2.8a.tar.asc">uncompressed tarball
-    signature</a> should also be downloaded to verify the archive's
-    integrity.  Here is the <a href="/samba/ftp/samba-pubkey.asc">Samba
-    Distribution Key</a> for verifying the tarball.  Finally, here
-    is the <a href="/samba/ftp/patches/patch-2.2.8-2.2.8a.diffs.gz">patchfile
-    against 2.2.8</a> (<a href="/samba/ftp/patches/patch-2.2.8-2.2.8a.diffs.asc">signature</a>).
-    </p>
-
-    <p>
-      If you suspect your system may have been attacked, please
-      consult the
-	    <a href="http://auscert.org/render.html?it=1974&cid=1920">AusCERT/CERT
-      checklist for responding to a suspected compromise</a>.  Please
-      contact security at samba.org if your machine has been attacked.
-    </p>
-</li>
-</ul>
-
-<ul>
-<li>(31 Mar, 2003) <em>Samba-3.0alpha23 available for download</em>
-    <p>
-    The latest alpha snapshot of the SAMBA_3_0 cvs tree is available
-    for download.  It is being provided for testing purposes.
-    The <a href="/samba/ftp/alpha/">full release notes and source code</a>
-    can be found on Samba mirrors.  RedHat RPMS for 6.2, 7.3, and 8.0
-    are also available in the <a href="/samba/ftp/Binary_Packages/RedHat/">Binary_Packages</a>
-    download area.
-</li>
-</ul>
-
-<ul>
-<li>(14th Mar, 2003) <em>Security Release - Samba 2.2.8</em>
-    <p>A flaw has been detected in the Samba main smbd code which
-    could allow an external attacker to remotely and anonymously gain
-    Super User (root) privileges on a server running a Samba server.
-    This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
-    inclusive.  This is a serious problem and all sites should either
-    upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
-    and 445.  The <a href="/samba/whatsnew/samba-2.2.8.html">Release Notes</a>
-    are available on-line.</p>
-
-    <p>In addition to addressing this security issue, Samba 2.2.8 includes
-    many unrelated improvements. These improvements result from our
-    process of continuous quality assurance and code review, and are part of
-    the Samba team's committment to excellence.</p>
-
-    <p>The source tarballs are available in both
-    <a href="/samba/ftp/old-versions/samba-2.2.8.tar.gz">gzip format</a>
-    and <a href="/samba/ftp/old-versions/samba-2.2.8.tar.bz2">bzip2 format</a>.
-    The <a href="/samba/ftp/old-versions/samba-2.2.8.tar.asc">uncompressed tarball
-    signature</a> should also be downloaded to verify the archive's
-    integrity.  Here is the <a href="/samba/ftp/samba-pubkey.asc">Samba
-    Distribution Key</a> for verifying the tarball.  Finally, here
-    is the <a href="/samba/ftp/patches/patch-2.2.7a-2.2.8.diffs.gz">patchfile
-    against 2.2.7a</a> (<a href="/samba/ftp/patches/patch-2.2.7a-2.2.8.diffs.asc">signature</a>).
-    </p>
-</li>
-</ul>
-
-<ul>
-<li>(13 Mar, 2003) <em> SambaXP 2003 conference program available</em>
-    <p>
-    The program for the Samba eXPerience 2003 is finally available on
-    <a href="http://sambaxp.org/program/schedule.html">www.sambaxp.org</a>.
-    If you hesitated to come to G&ouml;ttingen on 14/15 April, this
-    very interesting program should definitely persuade you to
-    <a href="http://sambaxp.org/registration/">register</a>!
-</li>
-</ul>
-
-<ul>
-<li>(11th Feb, 2003) <em>New Team members</em>
-    <p>
-    Welcome to <A HREF="mailto:ab@samba.org">Alexander Bokovoy</A> and
-    <a href="mailto:mimir@samba.org">Rafal Szczesniak</a>.  Alexander
-    and Rafal have both been long-standing supporters of the Samba
-    project, having submitted many patches and attended conferences.
-    AB's particular interest has been in the VFS layer, while Mimir has
-    been working on Trusted and Trusting domains.
-</li>
-</ul>
-
-
-<ul>
-<li>(5 Mar, 2003) <em>Samba-3.0alpha22 available for download</em>
-</li>
-</ul>
-
-<ul>
-<li>(8th Jan, 2003) <em>Samba XP 2003 announced</em>
-    <P>On April 14th and 15th 2003 developers and users will meet
-    again in G&ouml;ttingen, Germany at the second international SAMBA
-    conference, the "samba eXPerience 2003".<BR>
-    The <a href="http://sambaxp.org/call_for_papers/">Call for Papers</a>
-    is open until February 14th 2003. You find all necessary information
-    at the <a href="http://sambaXP.org/">conference website</a>.
-</li>
-</ul>
-
-<ul>
-<li>(19th Dec, 2002) <em>New mirror in China</em>
-    <p>The Samba team is pleased to announce the availability of a
-    new Samba mirror in Beijing, China, hosted by <a
-    href="http://linuxforum.net/">linuxforum.net</a>.
-    <p><a href="http://samba.linuxforum.net/samba.html">Web mirror</a>,
-    <a href="ftp://ftp.linuxforum.net/ftp.samba.org/">FTP mirror</a>.
-	</p>
-</li>
-</ul>
-
-
-<ul>
-<li>(11th Dec, 2002) <em>Samba 2.2.7a released</em>
-</li>
-</ul>
-
-<ul>
-<li>(26th Nov, 2002) <em>Samba 3.0 alpha21 Snapshot released for testing</em>
-</li>
-</ul>
-
-<ul>
-<li>(20th Nov, 2002) <em>Security Release - Samba 2.2.7</em>
-    <p>A security hole has been discovered in versions 2.2.2 through 2.2.6
-    of Samba that could potentially allow an attacker to gain root access
-    on the target machine.  The word "potentially" is used because there
-    is no known exploit of this bug, and the Samba Team has not been able to
-    craft one ourselves. However, the seriousness of the problem warrants
-    this immediate 2.2.7 release.</p>
-
-    <p>In addition to addressing this security issue, Samba 2.2.7 also includes
-    thirteen unrelated improvements. These improvements result from our
-    process of continuous quality assurance and code review, and are part of
-    the Samba team's committment to excellence.</p>
-
-</li>
-</ul>
-
-<UL>
-<LI>(18th Oct, 2002) <EM>IBM sponsors samba.org website</EM>
-    <p>The Samba Team is pleased to announce that IBM is now
-    sponsoring the <A HREF="http://samba.org/">samba.org</A> website.
-    IBM has been a big supporter of Samba for a long time, and it is
-    great that they were able to step forward to help with our hosting
-    costs. Thanks!
-</UL>
-
-<UL>
-<LI>(16th Oct, 2002) <EM>Samba 2.2.6 Released</EM>
-</LI>
-</UL>
-
-
-<UL>
-<LI>(26th Sept, 2002) <EM>Samba-3.0alpha20 Released for testing</EM>
-</LI>
-</UL>
-
-<UL>
-<LI>(18th Sept, 2002) <EM>Roadmap for Samba 3.0 Published</EM>
-</LI>
-</UL>
-
-
-<UL>
-<LI>(5 Sep, 2002) <EM>CIFS Technical Reference back upon SNIA website</EM>
-    <P>After a long process of reworking the SNIA web site, the <A HREF="http://www.snia.org/tech_activities/CIFS/">CIFS
-    Technical Reference</A> is once again available.
-</LI>
-</UL>
-
-<UL>
-<LI>(13th Aug, 2002) <EM>The
-    <a href="http://samba-survey.sernet.de">Samba survey</a> is back.</EM>
-    <P>The infrastructure has been
-    completely rewritten using a database. Unfortunately the
-    <a href="http://www.samba.org/samba/survey/">old data</a> could
-    not be converted into the database yet. So, the survey currently
-    is empty. Feel free to
-    <a href="http://survey-samba.sernet.de/commit.html?action=new">add</a>
-    yourself!
-</UL>
-
-
-<UL>
-<LI>(27th July, 2002) <EM>Donations accepted!</EM>
-    <P>The Samba Team is now accepting donations to help with the
-    expenses of running samba.org and developing Samba. Please see our
-    <a href="/samba/donations.html">donations page</a> if you can help out.
-</UL>
-
-<UL>
-    <LI>(19th June, 2002) <EM>Samba 2.2.5 released</EM></LI>
-</UL>
-
-<UL>
-<LI>(19th July, 2002) <EM>Annual CIFS Conference</EM>
-    <P>Samba Team members will participate in this year's <A
-    HREF="http://www.cifs2002.org/">CIFS Conference</A>, August 19th
-    through 23rd, in Santa Clara California.
-
-    <P>The <A HREF="http://www.cifs2002.org/">CIFS Conference</A> provides
-    an opportunity for developers to exchange information and test their
-    products in a cooperative environment.  Samba Team members will
-    provide tutorials, participate in the ineroperability lab, and give
-    presentations describing the inner workings of the SMB/CIFS protocol
-    suite.
-
-    <P>&nbsp;
-</UL>
-
-
-<UL>
-<LI>(8th May 2002) <em>Samba Wins <U>eWeek</U> and <U>PC Magazine</U>
-    &quot;Innovation in Infrastructure&quot; (i3) award for best Enterprise
-    Software!</em>
-
-    <P>Samba 2.2.2 was awarded the <em>Innovation in Infrastructure</em>
-    prize in the &quot;Enterprise Software&quot; catagory by eWeek and PC
-    Magazine.  Our own <a href="/samba/whatsnew/award_photo_i3.jpg">Jeremy
-    Allison</a> was in Las Vegas to accept the award.  Nice tie, Jeremy!
-    :-)
-
-    <P>Here is a link to an article with <a
-    href="http://www.eweek.com/article/0,3658,s=25420&amp;a=26153,00.asp">details
-    on the finalists</a>.
-
-    <P>&nbsp;
-</UL>
-
-<UL>
-<LI>(2nd May, 2002) <em>Samba 2.2.4 released</em>
-
-</UL>
-
-<UL>
-<LI>(29th April 2002) The Samba Team has released a <a
-    href="/samba/ms_license.html">statement</a> regarding the Microsoft CIFS
-    specification license and its effect on Samba.
-
-    <P>&nbsp;
-</UL>
-
-<UL>
-<LI>(29th April 2002) <em>Samba runs rings around Win2000</em>
-    <P><U>IT Week</U> has published an <a
-    href="http://www.itweek.co.uk/News/1131114">excellent article</a>
-    comparing Windows 2000 with Samba.
-
-    <P>&nbsp;
-</UL>
-
-
-<ul>
-
-<li>(21th March 2002) <em>Samba eXPerience conference program available</em>
-
-    <P>The Samba eXPerience conference program is available under
-       <a href="http://sambaxp.org/program/schedule.html">http://sambaxp.org/program/schedule.html</a>.<br><br>
-       If you hesitated to register for the conference because you
-       did not know what to expect, here is your chance!
-    </li>
-
-
-<li>(6th February 2002) <em>Samba 2.2.3a released</em>
-    </li>
-
-<li>(2nd February 2002) <em>Samba 2.2.3 released!</em>
-    </li>
-
-<li>(7th January 2002)
-    This week is the 10th anniversary of Samba. If you are feeling
-    nostalgic, then have a look at the <a
-    href="/samba/docs/10years.html">10 years of Samba</a> page.
-    </li>
-
-<li>(7th January 2002)
-    The samba-ntdom mailing list has been retired.  Please direct all NT
-    domain related questions to the main samba mailing list at <a
-    href="mailto:samba@lists.samba.org">samba@lists.samba.org</a>.  The
-    mailing list archives are still available at <a
-    href="http://lists.samba.org/pipermail/samba-ntdom/">here</a> or a
-    searchable version at <a
-    href="http://marc.theaimsgroup.com/?l=samba-ntdom&r=1&w=2">marc.theaimsgroup.com</a>.
-    </li>
-
-<li>(30th November 2001)
-    <a href="http://www.samba.org/samba/ftp/alpha/">Samba 3.0alpha0</a>
-    has been released. This is a test release, we are still a long way
-    from the final Samba 3.0 release. Please read the <a
-    href="http://www.samba.org/ftp/unpacked/samba/WHATSNEW.txt">release
-    notes</a>. This is the first Samba release with Active Directory
-    support.
-    </li>
-
-<li>(5th November 2001)
-    <a href="http://www.pcmag.com/article/0,2997,s%253D1474%2526a%253D16554,00.asp">Samba
-    faster than Windows 2000!</a> The <a href="http://www.pcmag.com">PC
-    Magazine</a> has tested W2K against Linux with Samba. In all their
-    tests Linux and Samba were faster than W2K on the same hardware. Find
-    the results <a
-    href="http://www.pcmag.com/article/0,2997,s%253D1474%2526a%253D16554,00.asp">here</a>.
-    </li>
-
-
-<li>(29th October 2001)
-    Samba Team at Linuxworld Expo in Frankfurt/Main, Germany. From 30th
-    October to 1st November the Samba Team will be represented at the
-    Linuxworld Expo .ORG Pavillon by Volker Lendecke who will answer
-    questions about Samba.<br><br>
-    </li>
-
-<li>(16th October 2001)
-    Welcome to <a href="mailto:sfrench@samba.org">Steve French</a> and <a
-    href="mailto:jmcd@samba.org">Jim McDonough</a> who have just joined
-    the Samba Team. Jim and Steve work in the Linux Technology Center at
-    IBM and have been actively involved in the development and testing of
-    Samba for a long time. We are delighted to have them in the
-    team!<br><br>
-    </li>
-
-  <li>(23rd July 2001) Welcome to <a
-  href="mailto:monyo@samba.org">Motonobu Takahashi</a> ("monyo") who
-  has joined the Samba Team as our Japanese expert. Monyo has been a
-  very active member of the <a href="http://www.samba.gr.jp/">Japanese
-  Samba</a> effort for some time, now we hope that his expertise will
-  help us give Samba 3.0 much better language and character set
-  support. The samba.org Samba distribution has always lagged a long
-  way behind the Japanese version in multi-byte support up till
-  now. We hope that will change with Samba 3.0.  <br><br></li>
-
-
-  <li>(23rd June 2001) <em>Samba 2.2.0a and Samba 2.0.10 security bugfixes released</em><br></li>
-
-
-  <li>(22nd June 2001) Welcome to <a href="mailto:abartlet@samba.org">Andrew Bartlett</a> who has joined the
-  Samba Team as the maintainer of our <a href="http://build.samba.org/">build farm</a>.
-  Andrew has also contributed many useful patches to Samba, especially
-  in the area of PAM, utmp and session support.<br><br></li>
-
-  <li>(19th May 2001) Welcome (better late than never right Simo?) to Simo
-  Sorce as the newest official member of the Samba Team. Simo has contributed
-  quite a few patches to Samba in the past.  Now  he has now joined the Team
-  to maintain a new bug tracking system in an effort to provide
-  better information on development to our community. Thanks Simo for helping
-  out!<br><br></li>
-
-  <li>(3rd June 2001) The German Samba Trademark problem has been solved.  <a
-href="http://www.cmg.de/">CMG</a> has given a license to <a
-href="http://www.sernet.de/">Service Network GmbH (SerNet)</a>, in this case
-representing the Open Source Community, to use the word Samba for the
-Open Source product. This license allows SerNet to issue sublicenses
-to all who sell or support Samba. More information can be found on <a
-href="http://samba.sernet.de">samba.sernet.de</a><br><br></li>
-
-  <li>(29th May 2001) <em>New French mailing list</em><br>
-      A new mailing list in French has been created for Samba users.  More
-      information is available at <a href="http://listes.ac-grenoble.fr/wws/info/samba-fr">http://listes.ac-grenoble.fr/wws/info/samba-fr</a><br><br></li>
-
-  <li>(9th May 2001) <em>Samba 2.0.9 released - SECURITY FIX</em><br></li>
-
-<li>(1st May 2001) <em>eWeek reviews Samba 2.2 - gives us an eWEEK Labs Analyst's Choice award !</em><br>
-eWeek magazine says of Samba 2.2, "This release, the first viable open-source alternative to Windows NT
-Server 4.0, can replace or augment that product in some less-critical situations and thus can save
-companies considerable amounts of money.". Read the full review
-<a href="http://www.zdnet.com/eweek/stories/general/0,11011,2712294,00.html">here</a>.
-<br><br></li>
-
-<li>(17th April 2001) <em>Official Samba 2.2.0 released !</em></li>
-
-<li>(17th April 2001) <em>Samba 2.0.8 released - SECURITY FIX</em><br></li>
-
-<li>(4th April 2001) <em>samba.org has moved</em> The main web,
-ftp, cvs and mail server for the samba.org domain has now moved! The
-new location is on a Debian Linux machine generously provided by
-<a href="http://valinux.com/">VA Linux Systems</a> on the
-<a href="http://sourceforge.net/">sourceforge</a> network.  Many thanks
-to both <a href="http://linuxcare.com/">Linuxcare</a> and
-<a href="http://www.sgi.com/">SGI</a> for providing the old machine
-and bandwidth costs over the last few years. The old IRIX box which
-provided very good service for the last 4 years is being retired and will
-be used for testing of Samba on IRIX by Samba Team
-members.<br><br></li>
-
-<li>(23rd March 2001) <em>Samba 2.2.0alpha3 snapshot released</em>
-A new alpha version of what will become Samba 2.2.0 has been released.
-This is being made available in source code form only. You can download
-<a href="/samba/ftp/alpha/samba-2.2.0-alpha3.tar.gz">a
-gzipped version here (~5.4Mb)</a> and <a href="/samba/ftp/alpha/samba-2.2.0-alpha3.tar.bz2">
-a bzipped2 version here (~4.6Mb)</a>.<br><br></li>
-
-<li>(19 December 2000) <em>Caldera funds development of Samba client
-library</em> Caldera have contracted Richard Sharpe of the Samba team
-to develop a client library for Samba.  More details are available under
-News at the <a href="http://www.caldera.com">Caldera</a> web site or on the
-<a href="http://prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/12-19-2000/0001390177&EDATE=">press release</a>. Technical details will be
-available on this site soon, and in the source code.<br><br>
-Code has now been committed to the Samba head branch.<br><br></li>
-
-
-<li>(15th November 2000) <em>New Samba Team members</em>
-Welcome aboard to our two new Samba Team members, 
-David Bannon and John Reilly.  You can find out more
-on the <a href="team.html">Samba Team Pages</a>.   This now brings 
-the number of people actively doing CVS checkins to approximately 
-8 - 10 people.  Of course, there is <a href="TODO.html">always 
-room to help</a>.<br><br></li>
-
-
-<li>(17th October 2000) If you want to know a bit of the background of
-the recent split of the Samba-TNG branch into a separate project you
-might like to read this <a href="/samba/tng.html">open letter</a>.<br><br></li>
-
-
-<li>(16th October 2000) A paper on <a href="/samba/ftp/appliance/winbind.pdf">winbind</a>
-is now available, explaining the technology behind the recently
-developed system for unifying account information between a NT domain
-and UNIX.<br><br></li>
-
-
-<LI><A HREF="/samba/tshirt.html#stickers"><IMG ALT="" BORDER=0
-ALIGN=RIGHT SRC="/samba/images/tiny-sticker.gif"></A>
-(25th September 2000) We have printed up a batch of <A
-HREF="/samba/tshirt.html#stickers">Samba Stickers</A> for your car,
-computer case, cable tray, cat...<br><br></li>
-
-<LI>(4th August 2000) <a href="http://www.cmg.de">CMG</a> as the legal
-successor of ORGA-Team Software- und Beratungsgesellschaft f&uuml;r
-Kreditinstitute mbH has dropped the trademark case in Germany. See the
-german article on <a
-href="http://www.heise.de/newsticker/data/ps-04.08.00-000/">www.heise.de</a>.
-<br><br></li>
-    
-<LI>(4th August 2000) Currently companies doing Samba support in
-Germany are in danger of being sued for using the trademark SAMBA that
-belongs to the company ORGA-Team Software- und Beratungsgesellschaft
-f&uuml;r Kreditinstitute mbH. More info on this subject can be found
-on <a href="http://samba.sernet.de/">samba.sernet.de</a> in German
-language.
-<br><br></li>
-
-<LI>(July 2000) Another Samba book by members of the Samba team. Special
-Edition, Using Samba by Richard Sharpe, Tim Potter and Jim Morris published
-by MacMillan. <br><br></li>
-
-<LI>(25th April 2000) Samba 2.0.7 has been released. This is the latest official production
-release of Samba-2. Get your copy from the <A HREF="download.html">download</A>
-page. Technical details on the changes in Samba 2.0.7 are available on the
-<A HREF="/samba/whatsnew/samba-2.0.7.html">announcements</A>
-page.  The original Samba 2.0.0 Press Release may be found
-<A HREF="/samba/whatsnew/samba2.0.press.html">here</A>.
-<br><br></li>                                                       
-
-<li>(13th January 2000) HP have announced <a
-href="http://www.unixsolutions.hp.com/products/cifs.html">support for
-Samba on HPUX</a>. We are delighted by this and have started talking
-to HP about how we can work together.  
-<br><br></li>
-
-<li>(22nd December 1999) NerdGear have produced a line of <a
-href="http://www.nerdgear.com//search.php?@category=11&affiliate=samba">Samba
-clothing</a>! A percentage of NerdGear sales from that link will go
-towards funding free Samba clothing for people who submit good <a
-href="http://samba.org/samba-patches/">patches to Samba</a>.  <br><br></li>
-
-<li>(11th November) <a href="http://www.oreilly.com/">O'Reilly</a>
-have released their new book <a
-href="http://www.oreilly.com/catalog/samba/">Using Samba</a> under an
-open content license! The book has been adopted by the Samba Team as
-the "official" Samba book and we will strive to keep it up to
-date. O'Reilly have sent us the full sources for the book and we will
-be making it available online as soon as we can, we just need to work
-out some formatting and conversion issues. We also plan to make it
-directly accessible from SWAT. A huge thanks to O'Reilly for this
-great step forward in the documentation of Samba!<br><br>
-
-
-<LI>(28th September) <a href="http://www.sco.com">SCO</A> announced
-this month that they are distributing <a
-href="http://www.sco.com/skunkware/samba/">Samba for UnixWare
-7</a>. They are also contributing some hardware to the Samba
-Team. Thanks SCO!  
-<br><br>
-
-<LI>(21st September) <a href="http://www.veritas.com">VERITAS Software Corporation</A>
-have announced in a <A HREF="http://www.veritas.com/company/pressroom/1999/pr990920-0.html">press release</A> that they'll be shipping a fully supported
-Samba on Solaris as part of their "VERITAS File Server Edition"
-product. This is something the Samba Team have been working on for a
-while behind the scenes, and it's great to see another company
-adopt Open Source in their product.
-<br><br>
-
-
-<LI>(10th November 1999) Samba 2.0.6 has been released. This is the latest official production
-release of Samba-2. Get your copy from the <A HREF="download.html">download</A>
-page. Technical details on the changes in Samba 2.0.6 are available on the
-<A HREF="/samba/whatsnew/samba-2.0.6.html">announcements</A>
-page.  The original Samba 2.0.0 Press Release may be found
-<A HREF="/samba/whatsnew/samba2.0.press.html">here</A>.
-<br><br>                    
-
-<LI>(21st July) Samba 2.0.5a has been released. This is the latest official production
-release of Samba-2. Get your copy from the <A HREF="download.html">download</A>
-page. Please read the "IMPORTANT NOTE" section of the release
-notes as this explains three security bugfixes which have
-been added in this release. It is vital that Samba admins
-understand these issues. Technical details on the changes in Samba 2.0.5 are
-available on the <A HREF="/samba/whatsnew/samba-2.0.5a.html">announcements</A>
-page.  The original Samba 2.0.0 Press Release may be found
-<A HREF="/samba/whatsnew/samba2.0.press.html">here</A>.
-<br><br>
-
-<li>(1st June) <a href="http://www.vmware.com/">VMware Inc</a> have donated VMware
-licenses to the Samba Team to help with Samba development. This makes
-testing easier as any Windows config can quickly be tested against a
-Samba server without setting up extra machines.<br><br>
-
-<li>(20th April) <EM>Another Samba book by members of the Samba Team.</em><br><br>
-SAMS Teach Yourself Samba in 24 Hours, by Jerry Carter and Richard Sharpe was published 
-in the US on 20-Apr-1999. More details <a href="/samba/docs/index.html#tys">here</a>.<br><br>
-
-<li><A HREF="samba-2.0.4.html">26th May 1999</A>: Samba 2.0.4 released.
-
-<li>A couple of new Samba articles in the computer press have been 
-published. The Strength of Teamwork: Integrating NT and Linux through Samba</a>.
-<a href="http://www.interactiveweek.com">Inter@ctive Week</a> have a feature
-by Charles Babcock called <a href="http://www.zdnet.com/intweek/stories/news/0,4164,2250200,00.html">
-Unix-To-NT Web Link: Samba: From UNIX to Windows and back</a>.
-<a href="http://www.mcp.mag">Microsoft Certified Professional Magazine</a>
-have a cover article on Samba <a href="http://www.mcpmag.com/members/99may/fea1main.asp">here</a>.
-Note that this is now on a MCP magazine members only page.<br><br>
-
-<li>Those crazy people at <a
-href="http://www.zdnet.com/sr/welcome.html">Sm@rt Reseller</a> have done
-it again!  This time they benchmarked Samba on <a
-href="http://www.pht.com/">Pacific HiTech Linux</a> against <a
-href="http://www.novell.com/">Novell NetWare 5.0</a> on the same hardware. 
-
-Out of the box, Samba and PHT Linux delivered <em>43% more throughput</em>
-than NetWare 5.0. Read the full story <a
-href="http://www.zdnet.com/sr/stories/issue/0,4537,398022,00.html">here</a>.
-
-<li><a href="http://www.zdnet.com/sr/welcome.html">Sm@rt Reseller</a>
-has published a review of Samba 2.0 as a followup to their earlier
-story. Their verdict? <em>&quot;For basic Server Message Block file and print
-serving, Samba can't be beat. No ifs, ands or buts.&quot;</em>.
-
-Read the full story <a
-href="http://www.zdnet.com/sr/stories/issue/0,4537,396321,00.html">here</a>.
-
-<LI>ZD Net/PC Week has published a review of Samba on an SGI Origin 200
-platform. They say &quot;The Origin/Samba combo kicked up astounding
-performance numbers.&quot;. The review may be found at
-<A HREF="http://www.zdnet.com/products/stories/reviews/0,4161,394079,00.html">
-<em>&quot;Samba up-tempo performer.&quot;</em></A>.
-
-<li>A benchmarking lab within <A HREF="http://www.sun.com">Sun Microsystems</A>
-has done benchmarks on Samba on a Sun E450. The statement they gave to the
-Samba Team may be seen <a href="/samba/whatsnew/sunbench.html">here.</A>
-
-
-<li><a href="http://www.zdnet.com/sr/welcome.html">Sm@rt Reseller</a> has
-<a
-href="http://www.zdnet.com/sr/stories/issue/0,4537,387506,00.html">published
-a benchmark</a> comparing NT with Samba+Linux. The <a
-href="http://www.zdnet.com/sr/stories/issue/0,4537,2196106,00.html">results</a>
-show Samba way ahead. 
-
-<LI><a href="http://www.zdnet.com/pcweek/">PC Week</a> has also <a
-href="http://www.zdnet.com/pcweek/stories/news/0,4153,387766,00.html">published
-a benchmark</a> of Samba on a Linux 2.2 kernel on a 4 processor <a
-href="http://www.varesearch.com/">VA Research</a> server. The results show
-Samba to be <em>impressive</em>. 
-
-
-
-<li><A HREF="samba-2.0.3.html">28th Feb 1999</A>: Samba 2.0.3 released.
-<li><A HREF="samba-2.0.2.html">7th Feb 1999</A>: Samba 2.0.2 released.
-<li><A HREF="samba-2.0.1.html">6th Feb 1999</A>: Samba 2.0.1 released.
-<li><A HREF="samba2.0.press.html">14th Jan 1999</A>: The Samba 2 Press release.
-<li><A HREF="samba-2.0.0.html">14th Jan 1999</A>: Samba 2.0.0 released.
-
-<li>
-Silicon Graphics has 
-<a
-href="http://www.sgi.com/newsroom/press_releases/1998/december/samba.html">announced</a>
-full support for Samba on its Origin line of servers. SGI also has a
-<a href="http://www.sgi.com/software/samba/">Samba for IRIX</a> page
-where you can find more info.
-
-<li> Samba has a new <A HREF="/samba/whatsnew/domain_name.html">domain
-name</A>
-
-<li> <A HREF="/samba/whatsnew/samba-1.9.18-security.html">Security
-vulnerabilities</A> have been found in Samba binary distributions in
-RedHat, Caldera and PHT/TurboLinux.
-
-<li> Samba has won an <A HREF="/samba/ntsystems.html">award</A> for best Unix
-Connectivity Tool from Windows NT systems magazine.
-
-<li>
-Several members of the <A HREF="/samba/team.html">Samba Team</A>
-attended the <A HREF="/samba/cifs98/">3rd annual CIFS conference and
-interop</A> in SanJose. Lots of pizza was eaten and some coding was
-done as well.
-
-<li><A HREF="samba-2.0.0beta5.html">30th Dec 98</A>: Samba 2.0.0Beta5 Released
-<li><A HREF="samba-2.0.0beta4.html">14th Dec 98</A>: Samba 2.0.0Beta4 Released
-<li><A HREF="samba-2.0.0beta3.html">7th Dec 98</A>: Samba 2.0.0Beta3 Released
-<li><A HREF="samba-2.0.0beta2.html">24th Nov 98</A>: Samba 2.0.0Beta2 Released
-<li><A HREF="domain_name.html">21th Nov 98</A>: FSC donates samba.org domain
-<li><A HREF="samba-1.9.18-security.html">19th Nov 98</A>: Security update for Samba 1.9.18 binaries
-<li><A HREF="samba-2.0.0beta1.html">14th Nov 98</A>: Samba 2.0.0Beta1 Released
-<li><A HREF="http://www.ifn.ing.tu-bs.de/ifn/sonst/samba-vms.html">2nd Oct 98</A>: Maintenance Update for Samba for VMS 1.9.17p4 Released
-<li><A HREF="samba1.9.18p10.html">24th Aug 98</A>: Samba 1.9.18p10 Released
-<li><A HREF="samba1.9.18p8.html">13th June 98</A>: Samba 1.9.18p8 Released
-<li><A HREF="samba1.9.18p7.html">13th May 98</A>: Samba 1.9.18p7 Released
-<li><A HREF="samba1.9.18p6.html">11th May 98</A>: Samba 1.9.18p6 Released
-<li><A HREF="samba1.9.18p5.html">9th May 98</A>: Samba 1.9.18p5 Released
-<li><A HREF="samba1.9.18p4.html">28th Mar 98</A>: Samba 1.9.18p4 Released
-<li><A HREF="/samba/docs/index.html#SambaBook">20th Feb 98</A>: New Samba book - "Samba: Integrating UNIX and Windows"
-<li><A HREF="samba1.9.18p3.html">19th Feb 98</A>: Samba 1.9.18p3 Released
-<li><A HREF="samba1.9.18p2.html">27th Jan 98</A>: Samba 1.9.18p2 Released
-<li><A HREF="samba1.9.18p1.html">13th Jan 98</A>: Samba 1.9.18p1 Released
-<li><A HREF="samba1.9.18-glossy.html">8th Jan 98</A>: Samba 1.9.18 glossy press release
-<li><A HREF="samba1.9.18.html">8th Jan 98</A>: Samba 1.9.18 Released
-<li><A HREF="samba1.9.18alpha14.html">24th Dec 97</A>: New alpha release - 1.9.18alpha14
-<li><A HREF="http://www.secretagent.com/interviews/tridgell.html">23rd Dec 97</A>: An Interview with Andrew Tridgell
-<li><A HREF="samba1.9.17p5.html">20th Dec 97</A>: Samba 1.9.17p5 Released
-<li><A HREF="samba1.9.18alpha13.html">16th Dec 97</A>: New alpha release - 1.9.18alpha13
-<li><A HREF="samba1.9.18alpha12.html">28th Nov 97</A>: New alpha release - 1.9.18alpha12
-<li><A HREF="http://www.ifn.ing.tu-bs.de/ifn/sonst/samba-vms.html">25th Nov 97</A>: Samba for VMS 1.9.17p4 is out!
-<li><A HREF="survey/">3nd Nov 97</A>: Samba Survey back online
-<li><A HREF="samba1.9.18alpha11.html">2nd Nov 97</A>: New alpha release - 1.9.18alpha11
-<li><A HREF="samba1.9.18alpha3.html">22nd Oct 97</A>: New alpha release - 1.9.18alpha3
-<li><A HREF="samba1.9.17p4.html">22nd Oct 97</A>: Samba 1.9.17p4 Released
-<li><A HREF="digest/1997/97oct/0411.html">21st Oct 97</A>: NTDOM: NT domain groups, SIDs and other info required
-<li><A HREF="samba1.9.18alpha1.html">20th Oct 97</A>: New alpha release - 1.9.18alpha1
-<li><A HREF="samba-redhat-1.9.17p3.html">15th Oct 97</A>: Binary/Source RPM for Red Hat 4.2
-<li><A HREF="samba1.9.17p3.html">14th Oct 97</A>: Samba 1.9.17p3 Released
-<li><A HREF="BugReports.html">11th Oct 97</A>: Samba Bug Tracking System
-<li><A HREF="samba1.9.17p2.html">26th Sep 97</A>: Samba 1.9.17p2 SECURITY BUGFIX
-<li><A HREF="samba.html#Clients">21th Sep 97</A>: Linux LAN Information web link added (smbfs and more)
-<li><A HREF="samba-redhat3.html">10th Sep 97</A>: RedHat Linux: Samba-1.9.17p1 RPMs Update 3
-<li><A HREF="samba-redhat.html">8th Sep 97</A>: RedHat Binary Packages (1.9.17p1)
-<li><A HREF="samba1.9.17p1.html">6th Sep 97</A>: Samba 1.9.17p1 Released
-<li><A HREF="binaries.html">30th Aug 97</A>: Sinix 5.42 binaries available (1.9.17, thanks Kare!)
-<li><A HREF="samba1.9.17.html">26th Aug 97</A>: Samba 1.9.17 Released
-<li><A HREF="samba1.9.17alpha5.html">1st Aug 97</A>: Samba 1.9.17alpha5 now available
-<li><A HREF="http://www.boerde.de/~horstf/">20 July 97</A>: New WWW Home for: Faxing with Samba, a solution (German/English)
-<li><A HREF="samba1.9.17alpha4.html">3rd July 97</A>: Samba 1.9.17alpha4 now available
-<li><A HREF="http://www.ifn.ing.tu-bs.de/ifn/sonst/samba-vms.html">18th Apr 97</A>: Samba for VMS 1.9.16p11 is out!
-</ul>
-
-
-<!--#include virtual="/samba/footer.html" -->
-
diff --git a/whatsnew/macroexploit.html b/whatsnew/macroexploit.html
deleted file mode 100755
index 2450a6b..0000000
--- a/whatsnew/macroexploit.html
+++ /dev/null
@@ -1,83 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-  <H2 align="center">Security Vulnerability</H2>
-<pre>
-		IMPORTANT: Security bugfix for Samba
-		------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-	The Samba Team
-	security@samba.org
-</pre>
-
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-1.9.18-security.html b/whatsnew/samba-1.9.18-security.html
deleted file mode 100755
index 55189b1..0000000
--- a/whatsnew/samba-1.9.18-security.html
+++ /dev/null
@@ -1,173 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<h2 align="center">Security vulnerability in Samba 1.9.18 binaries</h2>
-
-The Samba Team has discovered two security vulnerabilities in the
-samba-1.9.18 RPMs as distributed by RedHat, Caldera and TurboLinux.
-As far as we know no other distributions of Samba are affected.
-
-<h2>summary</h2>
-
-The first problem is the installation permissions of the wsmbconf
-binary. The RPM installs wsmbconf as a setgid binary owned by group
-root and executable by all users.<p>
-
-The wsmbconf program was a prototype application and was never meant to
-make its way into a Samba release. It was not designed to be setgid
-and is vulnerable to attack by local users when installed setgid.<p>
-
-The second problem is that the spec file creates a world writeable
-spool area /var/spool/samba but does not set the t bit. The t bit
-should be set on Samba spool directories.<p>
-
-<h2>impact</h2>
-
-<ol>
-<li> non-privileged users can use wsmbconf to gain read/write access to
-any file which is accessible to the root group. 
-
-<li> non-privileged users can alter the content of documents being
-printed by other users. If an interpreter such as ghostscript is used
-to process print files then the insertion of exploit code into print
-files may allow an attacker to exploit vulnerabilities in the
-interpreter to gain access to files owned by users submitting print
-jobs.
-</ol>
-
-<h2>vulnerable systems</h2>
-
-The wsmbconf vulnerability is known to affect the binary versions of
-Samba-1.9.18 distributed with RedHat Linux, Caldera OpenLinux and PHT
-TurboLinux. <p>
-
-The /var/spool/samba vulnerability is known to affect all binary
-versions of Samba distributed with RedHat from version 4.0 up to
-5.2. It is believed to also affect a wide range of Caldera and
-TurboLinux versions but specifics are not available at this time.<p>
-
-Systems on which Samba has been built from the distributed source code
-(the .tar.gz files) are not vulnerable. Both vulnerabilities are
-present only in the packaging files used for particular binary
-distributions. <p>
-
-You can tell if your system is vulnerable by looking for a file called
-/usr/sbin/wsmbconf. If you have that file then you have a vulnerable
-installation.
-
-<h2>workaround</h2>
-
-<ol>
-<li> All systems on which /usr/sbin/wsmbconf is installed should
-immediately remove that file:
-<pre><small>
-	rm -f /usr/sbin/wsmbconf
-</small></pre>
-
-removing that file will not in any way adversely affect your Samba
-installation as the file is not actually part of Samba 1.9.18. It
-was included in the distribution inadvertently.
-
-<li> All systems which have a /var/spool/samba directory should ensure
-that the t bit is set on that directory:
-<pre><small>
-    chmod +t /var/spool/samba
-</small></pre>
-</ol>
-
-<h2>fix</h2>
-
-<ol>
-<li> The cause of the first problem is the following line in the spec
-file used to compile Samba 1.9.18p10 on RedHat and Caldera systems:
-
-<pre><small>
-   %attr(2755,root,root) /usr/sbin/wsmbconf
-</small></pre>
-
-The 2755 permissions are incorrect. The correct action is to remove
-wsmbconf completely from the spec file.
-
-<li> The cause of the second problem is the following line in the spec
-file used to compile Samba 1.9.18p10 on RedHat and Caldera systems:
-
-<pre><small>
-   %attr(777,root,root) %dir /var/spool/samba
-</small></pre>
-
-the line should be changed to read:
-
-<pre><small>
-   %attr(1777,root,root) %dir /var/spool/samba
-</small></pre>
-</ol>
-
-<h2>updated packages</h2>
-
-RedHat and Caldera have released new RPMs on their ftp sites. We expect
-PHT to release new RPMs shortly.<p>
-
-The URLs I have been given are:
-
-<h3>Caldera</h3>
-<ul>
-<li> 
-<A HREF="ftp://ftp.caldera.com/pub/OpenLinux/updates/1.3/007">
-ftp://ftp.caldera.com/pub/OpenLinux/updates/1.3/007</A>
-</ul>
-
-<h3>Red Hat Linux 4.2</h3>
-<ul>
-<li>alpha 
-<A HREF="ftp://updates.redhat.com/4.2/alpha/samba-1.9.18p10-0.alpha.rpm">
-ftp://updates.redhat.com/4.2/alpha/samba-1.9.18p10-0.alpha.rpm</A>
-
-<li>i386  
-<A HREF="ftp://updates.redhat.com/4.2/i386/samba-1.9.18p10-0.i386.rpm">
-ftp://updates.redhat.com/4.2/i386/samba-1.9.18p10-0.i386.rpm</A>
-
-<li>sparc 
-<A HREF="ftp://updates.redhat.com/4.2/sparc/samba-1.9.18p10-0.sparc.rpm">
-ftp://updates.redhat.com/4.2/sparc/samba-1.9.18p10-0.sparc.rpm</A>
-</ul>
-
-<h3>Red Hat Linux 5.0, 5.1 and 5.2</h3>
-
-<ul>
-<li>alpha 
-<A HREF="ftp://updates.redhat.com/5.2/alpha/samba-1.9.18p10-5.alpha.rpm">
-ftp://updates.redhat.com/5.2/alpha/samba-1.9.18p10-5.alpha.rpm</A>
-
-<li>i386  
-<A HREF="ftp://updates.redhat.com/5.2/i386/samba-1.9.18p10-5.i386.rpm">
-ftp://updates.redhat.com/5.2/i386/samba-1.9.18p10-5.i386.rpm</A>
-
-<li>sparc
-<A HREF="ftp://updates.redhat.com/5.2/sparc/samba-1.9.18p10-5.sparc.rpm">
-ftp://updates.redhat.com/5.2/sparc/samba-1.9.18p10-5.sparc.rpm</A>
-</ul>
-
-<h3>PHT TurboLinux 2.0</h3>
-
-A beta of Samba 2.0 (which does not have this security hole) is
-available from
-<ul>
-<li>
-<A HREF="ftp://ftp.pht.com/pub/turbolinux/TurboLinux/RPMS/">
-ftp://ftp.pht.com/pub/turbolinux/TurboLinux/RPMS/</A>
-</ul>
-
-<h2>additional</h2>
-
-wsmbconf was included inadvertently in the RedHat spec file as
-distributed in Samba 1.9.18 by a Samba Team member. RedHat, Caldera
-and PHT are not responsible for this vulnerability, even though only
-those systems are affected. The Samba Team apologises to RedHat,
-Caldera and PHT users for these mistakes.<p>
-
-These vulnerabilities were discovered during routine inspection of the
-spec files. We are not aware of anyone actively exploiting these
-vulnerabilities, although exploits are certainly possible.
-
-<!--#include virtual="/samba/footer.html" -->
-
-
diff --git a/whatsnew/samba-2.0.0.html b/whatsnew/samba-2.0.0.html
deleted file mode 100755
index b59a6f4..0000000
--- a/whatsnew/samba-2.0.0.html
+++ /dev/null
@@ -1,355 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.0.0</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce a new major release of Samba,
-Samba 2.0.
-
-This is the latest stable release of Samba. This is the version that
-all production Samba servers should be running for all current
-bug-fixes.
-
-Samba 2.0.0 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/samba-2.0.0.tar.gz">/samba/ftp/samba-2.0.0.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-          Issues fixed between Beta5 and 2.0.0
-          ------------------------------------
-
-1). Fixed problems with SIGCLD causing infinite looping of
-    smbd on Solaris in password changing code.
-2). Fixed compile problem with mmap for HPUX.
-3). Fixed issues with setreuid code not being used in preference
-    to seteuid code.
-4). Added capability to return the same NT ACL that NT does
-    when queried on a DOS FAT filesystem. This fixes the "not 
-    implemented" error message for GetSecurityDescriptor() calls
-    that was causing some NT apps to fail.
-5). Fixed nmbd strange name loop problem.
-6). Added fix to show full pathname for locked files.
-7). Re-added FTRUNCATE_NEEDS_ROOT code and autoconf test for
-    older systems.
-8). nmbd now reloads smb.conf in main loop rather than in
-    signal handler.
-9). Re-wrote changenotify tests to do directory scan. Needed
-    for Visual C++ to work correctly.
-10). Re-wrote directory handle code to eliminate handle leak
-     and allow infinite (well 4096) simultaneous handles using
-     bitmap code.
-11). Fixed bug where MS-Office wouldn't report file in use.
-12). Caused timeout processing to be done correctly on timestamps,
-     not on bogus counter.
-13). Cause timeout processing to be done on receipt of SMBecho.
-14). Added code to cope with NT bug where it's sending 64 bit
-     lock ranges to a server that only handles 32 bit ranges.
-15). Allows %S substitution to be used in force user.
-16). Fixed autoconf test for setreuid.
-17). Fixed bug in testparm with password changing parameter.
-18). Fixed SWAT bug - now remove 'commit' button from areas where
-     user doesn't have write access.
-
------------------------------------------------------------
-          Issues fixed between Beta4 and Beta5
-          ------------------------------------
-
-1). Recuse directory bug with NT and smbtar fixed. smbtar now
-    recurses through all directories correctly.
-2). Subtle bug fixed with the SIGCLD eating process status values
-    in cases where they are needed.
-3). Fixed autoconf detection and handling of the different
-    setresuid/seteuid/setuid calls on different UNIXs.
-4). Wrapped readdir64 for large file support.
-5). Fixed --with-nisplus compile for Solaris.
-6). Fixed wildcard bug with 16 bit clients. Also got closer
-    to NT wildcard semantics.
-7). Allowed seek fails with EPIPE when doing client seeks to
-    allow Windows clients to communicate with UNIX processes via
-    fifo's (worked on 1.9.18, was broken in 2.0.0beta1-4).
-8). Fixed compile bug with slow share mode code.
-9). Fixes for QNX compiles.
-10). Fixed recursion bug in nmbd if WINS server returns an
-     error at a bad time :-).
-11). Log AFS auth fail.
-12). Fixed Digital UNIX enhanced security problem with SWAT.
-13). Updated SID generation code to produce NT compatible SIDs.
-14). Fixed bug with ENOSPC on close() calls. This should now 
-     be detected and returned to the client.
-15). NT transact parameters weren't being zeroed out before use.
-16). Fixed lockread bug where it was asking for a read-only
-     lock. It should be using a write lock (however strange this
-     seems :-).
-17). Many SWAT printer fixes from Herb Lewis.
-18). SWAT parameters now grouped in a more logical way.
-19). Changed main smbd select loop to 60 seconds, smb.conf checks
-     to every 120 seconds to reduce load on large servers.
-
------------------------------------------------------------
-          Issues fixed between Beta3 and Beta4
-          ------------------------------------
-
-1). More sanity checks in testparm code to help diagnose smb.conf
-    problems.
-2). Ensure log header not written before log rotated.
-3). Fix getrlimit number of file descriptors problem with AIX.
-    AIX supports the call but always returns infinity. This was
-    causing smbd to try and allocate a large amount of memory.
-4). Fixed name lookup in lmhosts to match the documentation for
-    name type lookup.
-5). Removed need to link password database code into nmbd.
-6). Stop nmbd sending broadcast name refresh requests, use
-    permanent TTL on broadcast interfaces.
-7). Flag "PRINTER" and "SHARE" parameters so SWAT can display
-    them correctly.
-8). Fix SWAT so that it can display auto-generated printer list.
-9). Added AFS and DCE auth includes back.
-10). Added workaround to Windows NT redirector bug where it sends
-     64 bit lock requests to systems that don't support 64 bit offsets
-     (eg. Linux).
-11). Fixed name mangling cache bug.
-12). Fix smbpasswd bug where a missmatched password could be mis-interpreted
-     when adding a user.
-13). Updates to SWAT to display "commit" button if user has write
-     access to smb.conf.
-14). Fixed to autoconf for HPUX systems to work around broken
-     HPUX shadow.h include file.
-
------------------------------------------------------------
-          Issues fixed between Beta2 and Beta3
-          ------------------------------------
-
-1). New parameters added :
-    "add user script"
-    "delete user script"
-    Designed to allow Samba servers to be set up with
-    no UNIX users and to allow them to create the needed
-    UNIX users on the fly. See the smb.conf documentation
-    for more details.
-2). Autoconf issues including fixes for large file support for
-    Solaris and SINIX, and stat64 tests on SVR4 systems.
-3). Code dealing with dos pathnames and native pathnames split
-    to be explicit about when Samba is accessing which type of
-    name.
-4). Fix for missing PRINTCAP define under HPUX.
-5). Added Samba specific strtoul().
-6). Fix for reverse filename mapping with ISO8859-5 filenames.
-7). Fix for nmbd not starting correctly sometimes due to pid
-    locking file.
-8). Check for error returns in file descriptor limit checking code.
-9). Kernel oplock code bugfix.
-10). Restored client retarget code.
-11). Fix for potential stack overflow in Digital UNIX crypt check.
-12). Explicitly test for negative uids in smbpasswd file.
-13). Fix for NT username in Domain logon code.
-14). Patch from Scott Moomaw scott@bridgewater.edu to correctly
-     return "Invalid Info level" to Win95 printer clients.
-15). Fix to allow NT printer clients to add printers (as 1.9.18
-     code would allow).
-16). Fix to prevent ".." being used in servicename.
-17). New SWAT icons.
-
------------------------------------------------------------
-          Issues fixed between Beta1 and Beta2
-          ------------------------------------
-
-1). Many autoconf issues (too many to list here).
-2). Correctly set default printing for AIX.
-3). Attempt to fix struct rtentry not being defined problem.
-4). Convert all open() style calls to wrappers for 64 bit systems.
-5). Get more 'const' correct.
-6). Fix bug with O_EXCL not being set on exlusive open requests.
-7). Fix string_sub() problem with LinPopup.
-8). Fix lmhosts bug causing only 3 character names to be looked up.
-9). Fixed bug with NetBIOS pointers in scope names.
-10). Removed code that was preventing NT3.51 PDC logons from working.
-11). Fixed crash bug when processing DELETE_ON_CLOSE directive from MS Office.
-12). Fixed NT4.x problems adding printer.
-13). Stop multiple logs of NT ACL's not supported messages.
-14). Changed 'security=server' mode to use *SMBSERVER name if
-     initial connect refused.
-15). Fixed NT4.x problem with modify times not being preserved
-     on explorer file copy.
-16). 'Silent' switch for testparm.
-17). Added 'hosts allow/deny' checks to SWAT.
-
------------------------------------------------------------
-               WHATS NEW IN Samba 2.0.0
-               ========================
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-Major changes in Samba 2.0
---------------------------
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://lists.samba.org/listinfo/samba-ntdom/">http://lists.samba.org/listinfo/samba-ntdom/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://www.samba.org/cvs.html">http://www.samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.0beta1.html b/whatsnew/samba-2.0.0beta1.html
deleted file mode 100755
index 3263af9..0000000
--- a/whatsnew/samba-2.0.0beta1.html
+++ /dev/null
@@ -1,193 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.0.0Beta1</H2>
-
-<p>
-<pre>
-The Samba Team are pleased to announce Samba 2.0 Beta1
-
-This is the first of (hopefully) a short series of Beta
-releases of the 2.0 code.
-
-We are relasing these Betas to enable the Samba Team to gain
-wider testing of the new autoconf mechanism and fix any
-bugs before the first ship of the new stable version of
-Samba - Samba 2.0.
-
-Samba 2.0 Beta1 is available in source form at the
-following URL (it will be available from our mirror
-sites shortly) :
-
-<a href="/samba/ftp/beta/samba-2.0.0beta1.tar.gz">http://samba.org/samba/ftp/beta/samba-2.0.0beta1.tar.gz </a>
-
-Please try this code and give us feedback.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-          WHATS NEW IN Samba 2.0.0 beta1
-          ==============================
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-Major changes in Samba 2.0
---------------------------
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements.  For this reason we have chosen not to advertise
-and actively support Primary Domain Controller functionality
-with this release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.0beta2.html b/whatsnew/samba-2.0.0beta2.html
deleted file mode 100755
index 9483924..0000000
--- a/whatsnew/samba-2.0.0beta2.html
+++ /dev/null
@@ -1,217 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.0.0Beta2</H2>
-
-<p>
-<pre>
-The Samba Team are pleased to announce Samba 2.0 Beta2
-
-This is the second of (hopefully) a short series of Beta
-releases of the 2.0 code and incorporates bug fixes and
-changes from feedback gained from the first beta.
-
-We are relasing these Betas to enable the Samba Team to gain
-wider testing of the new autoconf mechanism and fix any
-bugs before the first ship of the new stable version of
-Samba - Samba 2.0.
-
-Samba 2.0 Beta2 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/beta/samba-2.0.0beta2.tar.gz">/samba/ftp/beta/samba-2.0.0beta2.tar.gz </a>
-
-Please try this code and give us feedback.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-          Issues fixed between Beta1 and Beta2
-          ------------------------------------
-
-1). Many autoconf issues (too many to list here).
-2). Correctly set default printing for AIX.
-3). Attempt to fix struct rtentry not being defined problem.
-4). Convert all open() style calls to wrappers for 64 bit systems.
-5). Get more 'const' correct.
-6). Fix bug with O_EXCL not being set on exlusive open requests.
-7). Fix string_sub() problem with LinPopup.
-8). Fix lmhosts bug causing only 3 character names to be looked up.
-9). Fixed bug with NetBIOS pointers in scope names.
-10). Removed code that was preventing NT3.51 PDC logons from working.
-11). Fixed crash bug when processing DELETE_ON_CLOSE directive from MS Office.
-12). Fixed NT4.x problems adding printer.
-13). Stop multiple logs of NT ACL's not supported messages.
-14). Changed 'security=server' mode to use *SMBSERVER name if
-     initial connect refused.
-15). Fixed NT4.x problem with modify times not being preserved
-     on explorer file copy.
-16). 'Silent' switch for testparm.
-17). Added 'hosts allow/deny' checks to SWAT.
-
------------------------------------------------------------
-          WHATS NEW IN Samba 2.0.0 beta2
-          ==============================
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-Major changes in Samba 2.0
---------------------------
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements.  For this reason we have chosen not to advertise
-and actively support Primary Domain Controller functionality
-with this release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.0beta3.html b/whatsnew/samba-2.0.0beta3.html
deleted file mode 100755
index f8f9c64..0000000
--- a/whatsnew/samba-2.0.0beta3.html
+++ /dev/null
@@ -1,255 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.0.0Beta3</H2>
-
-<p>
-<pre>
-The Samba Team are pleased to announce Samba 2.0 Beta3
-
-This is the third of (hopefully) a short series of Beta
-releases of the 2.0 code and incorporates bug fixes and
-changes from feedback gained from the first two betas.
-
-We are relasing these Betas to enable the Samba Team to gain
-wider testing of the new autoconf mechanism and fix any
-bugs before the first ship of the new stable version of
-Samba - Samba 2.0.
-
-Samba 2.0 Beta3 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/beta/samba-2.0.0beta3.tar.gz">/samba/ftp/beta/samba-2.0.0beta3.tar.gz </a>
-
-Please try this code and give us feedback.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-          Issues fixed between Beta2 and Beta3
-          ------------------------------------
-
-1). New parameters added :
-    "add user script"
-    "delete user script"
-    Designed to allow Samba servers to be set up with
-    no UNIX users and to allow them to create the needed
-    UNIX users on the fly. See the smb.conf documentation
-    for more details.
-2). Autoconf issues including fixes for large file support for
-    Solaris and SINIX, and stat64 tests on SVR4 systems.
-3). Code dealing with dos pathnames and native pathnames split
-    to be explicit about when Samba is accessing which type of
-    name.
-4). Fix for missing PRINTCAP define under HPUX.
-5). Added Samba specific strtoul().
-6). Fix for reverse filename mapping with ISO8859-5 filenames.
-7). Fix for nmbd not starting correctly sometimes due to pid
-    locking file.
-8). Check for error returns in file descriptor limit checking code.
-9). Kernel oplock code bugfix.
-10). Restored client retarget code.
-11). Fix for potential stack overflow in Digital UNIX crypt check.
-12). Explicitly test for negative uids in smbpasswd file.
-13). Fix for NT username in Domain logon code.
-14). Patch from Scott Moomaw <scott@bridgewater.edu> to correctly
-     return "Invalid Info level" to Win95 printer clients.
-15). Fix to allow NT printer clients to add printers (as 1.9.18
-     code would allow).
-16). Fix to prevent ".." being used in servicename.
-17). New SWAT icons.
-
------------------------------------------------------------
-          Issues fixed between Beta1 and Beta2
-          ------------------------------------
-
-1). Many autoconf issues (too many to list here).
-2). Correctly set default printing for AIX.
-3). Attempt to fix struct rtentry not being defined problem.
-4). Convert all open() style calls to wrappers for 64 bit systems.
-5). Get more 'const' correct.
-6). Fix bug with O_EXCL not being set on exlusive open requests.
-7). Fix string_sub() problem with LinPopup.
-8). Fix lmhosts bug causing only 3 character names to be looked up.
-9). Fixed bug with NetBIOS pointers in scope names.
-10). Removed code that was preventing NT3.51 PDC logons from working.
-11). Fixed crash bug when processing DELETE_ON_CLOSE directive from MS Office.
-12). Fixed NT4.x problems adding printer.
-13). Stop multiple logs of NT ACL's not supported messages.
-14). Changed 'security=server' mode to use *SMBSERVER name if
-     initial connect refused.
-15). Fixed NT4.x problem with modify times not being preserved
-     on explorer file copy.
-16). 'Silent' switch for testparm.
-17). Added 'hosts allow/deny' checks to SWAT.
-
------------------------------------------------------------
-
-
-          WHATS NEW IN Samba 2.0.0 beta3
-          ==============================
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-Major changes in Samba 2.0
---------------------------
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addion, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.0beta4.html b/whatsnew/samba-2.0.0beta4.html
deleted file mode 100755
index b0f9649..0000000
--- a/whatsnew/samba-2.0.0beta4.html
+++ /dev/null
@@ -1,293 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.0.0Beta4</H2>
-
-<p>
-<pre>
-The Samba Team are pleased to announce Samba 2.0 Beta4
-
-This is the fourth of (hopefully) a short series of Beta
-releases of the 2.0 code and incorporates bug fixes and
-changes from feedback gained from the earlier betas.
-
-Show-stopper bugs notwithstanding, this is expected to be
-the last beta release before the official ship of the
-stable Samba 2.0 release, so it is very important for
-people to send feedback and patches for configuring and
-building Samba 2.0 on unusual platforms.
-
-We are relasing these Betas to enable the Samba Team to gain
-wider testing of the new autoconf mechanism and fix any
-bugs before the first ship of the new stable version of
-Samba - Samba 2.0.
-
-Samba 2.0 Beta4 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/beta/samba-2.0.0beta4.tar.gz">/samba/ftp/beta/samba-2.0.0beta4.tar.gz </a>
-
-Please try this code and give us feedback.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-          Issues fixed between Beta3 and Beta4
-          ------------------------------------
-
-1). More sanity checks in testparm code to help diagnose smb.conf
-    problems.
-2). Ensure log header not written before log rotated.
-3). Fix getrlimit number of file descriptors problem with AIX.
-    AIX supports the call but always returns infinity. This was
-    causing smbd to try and allocate a large amount of memory.
-4). Fixed name lookup in lmhosts to match the documentation for
-    name type lookup.
-5). Removed need to link password database code into nmbd.
-6). Stop nmbd sending broadcast name refresh requests, use
-    permanent TTL on broadcast interfaces.
-7). Flag "PRINTER" and "SHARE" parameters so SWAT can display
-    them correctly.
-8). Fix SWAT so that it can display auto-generated printer list.
-9). Added AFS and DCE auth includes back.
-10). Added workaround to Windows NT redirector bug where it sends
-     64 bit lock requests to systems that don't support 64 bit offsets
-     (eg. Linux).
-11). Fixed name mangling cache bug.
-12). Fix smbpasswd bug where a missmatched password could be mis-interpreted
-     when adding a user.
-13). Updates to SWAT to display "commit" button if user has write
-     access to smb.conf.
-14). Fixed to autoconf for HPUX systems to work around broken
-     HPUX shadow.h include file.
-
------------------------------------------------------------
-          Issues fixed between Beta2 and Beta3
-          ------------------------------------
-
-1). New parameters added :
-    "add user script"
-    "delete user script"
-    Designed to allow Samba servers to be set up with
-    no UNIX users and to allow them to create the needed
-    UNIX users on the fly. See the smb.conf documentation
-    for more details.
-2). Autoconf issues including fixes for large file support for
-    Solaris and SINIX, and stat64 tests on SVR4 systems.
-3). Code dealing with dos pathnames and native pathnames split
-    to be explicit about when Samba is accessing which type of
-    name.
-4). Fix for missing PRINTCAP define under HPUX.
-5). Added Samba specific strtoul().
-6). Fix for reverse filename mapping with ISO8859-5 filenames.
-7). Fix for nmbd not starting correctly sometimes due to pid
-    locking file.
-8). Check for error returns in file descriptor limit checking code.
-9). Kernel oplock code bugfix.
-10). Restored client retarget code.
-11). Fix for potential stack overflow in Digital UNIX crypt check.
-12). Explicitly test for negative uids in smbpasswd file.
-13). Fix for NT username in Domain logon code.
-14). Patch from Scott Moomaw <scott@bridgewater.edu> to correctly
-     return "Invalid Info level" to Win95 printer clients.
-15). Fix to allow NT printer clients to add printers (as 1.9.18
-     code would allow).
-16). Fix to prevent ".." being used in servicename.
-17). New SWAT icons.
-
------------------------------------------------------------
-          Issues fixed between Beta1 and Beta2
-          ------------------------------------
-
-1). Many autoconf issues (too many to list here).
-2). Correctly set default printing for AIX.
-3). Attempt to fix struct rtentry not being defined problem.
-4). Convert all open() style calls to wrappers for 64 bit systems.
-5). Get more 'const' correct.
-6). Fix bug with O_EXCL not being set on exlusive open requests.
-7). Fix string_sub() problem with LinPopup.
-8). Fix lmhosts bug causing only 3 character names to be looked up.
-9). Fixed bug with NetBIOS pointers in scope names.
-10). Removed code that was preventing NT3.51 PDC logons from working.
-11). Fixed crash bug when processing DELETE_ON_CLOSE directive from MS Office.
-12). Fixed NT4.x problems adding printer.
-13). Stop multiple logs of NT ACL's not supported messages.
-14). Changed 'security=server' mode to use *SMBSERVER name if
-     initial connect refused.
-15). Fixed NT4.x problem with modify times not being preserved
-     on explorer file copy.
-16). 'Silent' switch for testparm.
-17). Added 'hosts allow/deny' checks to SWAT.
-
------------------------------------------------------------
-          WHATS NEW IN Samba 2.0.0 beta4
-          ==============================
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-Major changes in Samba 2.0
---------------------------
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.0beta5.html b/whatsnew/samba-2.0.0beta5.html
deleted file mode 100755
index e2e0c1a..0000000
--- a/whatsnew/samba-2.0.0beta5.html
+++ /dev/null
@@ -1,331 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.0.0Beta5</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.0 Beta5
-
-This is the fifth of (hopefully) a short series of Beta
-releases of the 2.0.0 code and incorporates bug fixes and
-changes from feedback gained from the earlier betas.
-
-Show-stopper bugs notwithstanding, this is expected to be
-the last beta release before the official ship of the
-stable Samba 2.0.0 release, so it is very important for
-people to send feedback and patches for configuring and
-building Samba 2.0.0 on unusual platforms. We made this
-same announcement for Beta4, but due to the number of
-autoconf (and other) problems fixed since the release
-of Beta4 we thought it safer to release another Beta.
-
-We are relasing these Betas to enable the Samba Team to gain
-wider testing of the new autoconf mechanism and fix any
-bugs before the first ship of the new stable version of
-Samba - Samba 2.0.0.
-
-Samba 2.0 Beta5 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/beta/samba-2.0.0beta5.tar.gz">/samba/ftp/beta/samba-2.0.0beta5.tar.gz </a>
-
-Please try this code and give us feedback.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-          Issues fixed between Beta4 and Beta5
-          ------------------------------------
-
-1). Recuse directory bug with NT and smbtar fixed. smbtar now
-    recurses through all directories correctly.
-2). Subtle bug fixed with the SIGCLD eating process status values
-    in cases where they are needed.
-3). Fixed autoconf detection and handling of the different
-    setresuid/seteuid/setuid calls on different UNIXs.
-4). Wrapped readdir64 for large file support.
-5). Fixed --with-nisplus compile for Solaris.
-6). Fixed wildcard bug with 16 bit clients. Also got closer
-    to NT wildcard semantics.
-7). Allowed seek fails with EPIPE when doing client seeks to
-    allow Windows clients to communicate with UNIX processes via
-    fifo's (worked on 1.9.18, was broken in 2.0.0beta1-4).
-8). Fixed compile bug with slow share mode code.
-9). Fixes for QNX compiles.
-10). Fixed recursion bug in nmbd if WINS server returns an
-     error at a bad time :-).
-11). Log AFS auth fail.
-12). Fixed Digital UNIX enhanced security problem with SWAT.
-13). Updated SID generation code to produce NT compatible SIDs.
-14). Fixed bug with ENOSPC on close() calls. This should now 
-     be detected and returned to the client.
-15). NT transact parameters weren't being zeroed out before use.
-16). Fixed lockread bug where it was asking for a read-only
-     lock. It should be using a write lock (however strange this
-     seems :-).
-17). Many SWAT printer fixes from Herb Lewis.
-18). SWAT parameters now grouped in a more logical way.
-19). Changed main smbd select loop to 60 seconds, smb.conf checks
-     to every 120 seconds to reduce load on large servers.
-
------------------------------------------------------------
-          Issues fixed between Beta3 and Beta4
-          ------------------------------------
-
-1). More sanity checks in testparm code to help diagnose smb.conf
-    problems.
-2). Ensure log header not written before log rotated.
-3). Fix getrlimit number of file descriptors problem with AIX.
-    AIX supports the call but always returns infinity. This was
-    causing smbd to try and allocate a large amount of memory.
-4). Fixed name lookup in lmhosts to match the documentation for
-    name type lookup.
-5). Removed need to link password database code into nmbd.
-6). Stop nmbd sending broadcast name refresh requests, use
-    permanent TTL on broadcast interfaces.
-7). Flag "PRINTER" and "SHARE" parameters so SWAT can display
-    them correctly.
-8). Fix SWAT so that it can display auto-generated printer list.
-9). Added AFS and DCE auth includes back.
-10). Added workaround to Windows NT redirector bug where it sends
-     64 bit lock requests to systems that don't support 64 bit offsets
-     (eg. Linux).
-11). Fixed name mangling cache bug.
-12). Fix smbpasswd bug where a missmatched password could be mis-interpreted
-     when adding a user.
-13). Updates to SWAT to display "commit" button if user has write
-     access to smb.conf.
-14). Fixed to autoconf for HPUX systems to work around broken
-     HPUX shadow.h include file.
-
------------------------------------------------------------
-          Issues fixed between Beta2 and Beta3
-          ------------------------------------
-
-1). New parameters added :
-    "add user script"
-    "delete user script"
-    Designed to allow Samba servers to be set up with
-    no UNIX users and to allow them to create the needed
-    UNIX users on the fly. See the smb.conf documentation
-    for more details.
-2). Autoconf issues including fixes for large file support for
-    Solaris and SINIX, and stat64 tests on SVR4 systems.
-3). Code dealing with dos pathnames and native pathnames split
-    to be explicit about when Samba is accessing which type of
-    name.
-4). Fix for missing PRINTCAP define under HPUX.
-5). Added Samba specific strtoul().
-6). Fix for reverse filename mapping with ISO8859-5 filenames.
-7). Fix for nmbd not starting correctly sometimes due to pid
-    locking file.
-8). Check for error returns in file descriptor limit checking code.
-9). Kernel oplock code bugfix.
-10). Restored client retarget code.
-11). Fix for potential stack overflow in Digital UNIX crypt check.
-12). Explicitly test for negative uids in smbpasswd file.
-13). Fix for NT username in Domain logon code.
-14). Patch from Scott Moomaw <scott@bridgewater.edu> to correctly
-     return "Invalid Info level" to Win95 printer clients.
-15). Fix to allow NT printer clients to add printers (as 1.9.18
-     code would allow).
-16). Fix to prevent ".." being used in servicename.
-17). New SWAT icons.
-
------------------------------------------------------------
-          Issues fixed between Beta1 and Beta2
-          ------------------------------------
-
-1). Many autoconf issues (too many to list here).
-2). Correctly set default printing for AIX.
-3). Attempt to fix struct rtentry not being defined problem.
-4). Convert all open() style calls to wrappers for 64 bit systems.
-5). Get more 'const' correct.
-6). Fix bug with O_EXCL not being set on exlusive open requests.
-7). Fix string_sub() problem with LinPopup.
-8). Fix lmhosts bug causing only 3 character names to be looked up.
-9). Fixed bug with NetBIOS pointers in scope names.
-10). Removed code that was preventing NT3.51 PDC logons from working.
-11). Fixed crash bug when processing DELETE_ON_CLOSE directive from MS Office.
-12). Fixed NT4.x problems adding printer.
-13). Stop multiple logs of NT ACL's not supported messages.
-14). Changed 'security=server' mode to use *SMBSERVER name if
-     initial connect refused.
-15). Fixed NT4.x problem with modify times not being preserved
-     on explorer file copy.
-16). 'Silent' switch for testparm.
-17). Added 'hosts allow/deny' checks to SWAT.
-
------------------------------------------------------------
-          WHATS NEW IN Samba 2.0.0 beta5
-          ==============================
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-Major changes in Samba 2.0
---------------------------
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.1.html b/whatsnew/samba-2.0.1.html
deleted file mode 100755
index 27504e2..0000000
--- a/whatsnew/samba-2.0.1.html
+++ /dev/null
@@ -1,239 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.1</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.1.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes. Due to a couple of smbd crash
-bugs that were found in Samba 2.0.0 it is recommened
-all sites using Samba 2.0.0 upgrade to this release.
-
-Samba 2.0.1 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/samba-2.0.1.tar.gz">/samba/ftp/samba-2.0.1.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.1
-              ========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.2.html b/whatsnew/samba-2.0.2.html
deleted file mode 100755
index 6213706..0000000
--- a/whatsnew/samba-2.0.2.html
+++ /dev/null
@@ -1,256 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.2</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.2.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes. Due to a couple of smbd crash
-bugs that were found in Samba 2.0.0 and a critical signal
-handling bug found in Samba 2.0.1 it is recommened
-all sites using Samba 2.0.0 upgrade to this release.
-
-Due to the signal handling bug Samba 2.0.1 was
-withdrawn hours after release. The Samba Team would
-like to apologise for any inconvenience caused.
-
-Samba 2.0.2 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/samba-2.0.2.tar.gz">/samba/ftp/samba-2.0.2.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.2
-              ========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Note that due to a critical signal handling bug in 2.0.1,
-this release has been removed and replaced immediately with
-2.0.2. The Samba Team would like to apologise for any problem
-this may have caused.
-
-Bugfixes added since 2.0.1
---------------------------
-
-1). Fixed smbd looping on SIGCLD problem. This was
-    caused by a missing break statement in a critical
-    piece of code.                               
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.3.html b/whatsnew/samba-2.0.3.html
deleted file mode 100755
index 838a817..0000000
--- a/whatsnew/samba-2.0.3.html
+++ /dev/null
@@ -1,342 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.3</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.3.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-It may be fetched via ftp from :
-
-<a href="/samba/ftp/samba-2.0.3.tar.gz">/samba/ftp/samba-2.0.3.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.3
-              ========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-New/Changed parameters in 2.0.3
--------------------------------
-
-There are 2 new parameters and one enhanced parameter in
-the smb.conf file.
-
-The new parameters are :
-
-nt acl support
---------------
-
-This is a global parameter that defaults to False (at the
-present time). If set to yes it allows UNIX file permissions
-to be reported via the Windows NT "cacls.exe" program. As some
-of the RPC calls that allow cacls to report the name of the
-owner of a file are not yet implemented in 2.0.3 this parameter
-is set to "no" by default. The default state of this parameter
-will change to "yes" in a future release.
-
-min passwd length
------------------
-
-This is an integer global parameter that tells Samba the minimum
-permissible UNIX password length (in characters) when Samba is
-set to synchronise the Windows and UNIX passwords. By default
-this is set to 5, and was previously hardcoded into Samba 2.0.x.
-
-The modified parameter is :
-
-announce as
------------
-
-Prior to 2.0.3 this parameter had only one setting for Windows
-NT compatibility, "NT", which was the default. This is still
-the default and this still tells Samba to announce itself in
-browse lists as an NT server, however this parameter may now
-be set to "NT workstation" which causes Samba to announce itself
-as an NT workstation instead of a server. 
-
-All of these new parameters and changes are documented in the
-smb.conf man pages and html pages.
-
-Updated and New documentation
------------------------------
-
-The NT Domain FAQ has been updated. Three new text documents have
-been provided :
-
-docs/textdocs/File-Cacheing.txt
-docs/textdocs/NT-Guest-Access.txt
-docs/textdocs/CRLF-LF-Conversions.txt
-
-Bugfixes added since 2.0.2
---------------------------
-
-1). --with-ssl configure now include ssl include directory. Fix
-from Richard Sharpe.
-2). Patch for configure for glibc2.1 support (large files etc.).
-3). Several bugfixes for smbclient tar mode from Bob Boehmer
-(boehmer@worldnet.att.net) to fix smbclient aborting problems
-when restoring tar files.
-4). Some automount fixes for smbmount.
-5). Attempt to fix the AIX 4.1.x/3.x problems where smbd runs as
-root. As no-one has given us root access to such a server this
-cannot be tested fully, but should work.
-6). Crash bug fix in debug code where *real* uid rather than 
-*effective* uid was being checked before attempting to rotate
-log files. This fix should help a *lot* of people who were
-reporting smbd aborting in the middle of a copy operation.
-7). SIGALRM bugfix to ensure infinate file locks time out.
-8). New code to implement NT ACL reporting for cacls.exe program.
-9). UDP loopback socket rebind fix for Solaris.
-10). Ensure all UNICODE strings are correctly in little-endian
-format.
-11). smbpasswd file locking fix.
-12). Fixes for strncpy problems with glibc2.1.
-13). Ensure smbd correctly reports major and minor version number
-and server type when queried via NT rpc calls.
-14). Bugfix for short mangled names not being pulled off the
-mangled stack correctly.
-15). Fix for mapping of rwx bits being incorrectly overwritten
-when doing ATTRIB.EXE
-16). Fix for returning multiple PDU packets in NT rpc code. Should
-allow multiple shares to be returned correctly).
-17). Improved mapping of NT open access requests into UNIX open
-modes.
-18). Fix for copying files from an NTFS volume that contain
-multiple data forks. Added 'magic' error code NT needs.
-19). Fixed crash bug when primary NT authentication server
-is down, rolls over to secondaries correctly now.
-20). Fixed timeout processing to be timer based. Now will
-always occur even if smbd is under load.
-21). Fixed signed/unsigned problem in quotas code.
-22). Fixed bug where setting the password of a completely fresh
-user would end up setting the account disabled flag.
-23). Improved user logon messages to help admins having
-trouble with user authentication.
-
-
-Bugfixes added since 2.0.1
---------------------------
-
-1). Fixed smbd looping on SIGCLD problem. This was
-    caused by a missing break statement in a critical
-    piece of code.                               
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.4.html b/whatsnew/samba-2.0.4.html
deleted file mode 100755
index ebeaf86..0000000
--- a/whatsnew/samba-2.0.4.html
+++ /dev/null
@@ -1,435 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.4</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.4.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Samba 2.0.4 now supports the viewing and modification of
-UNIX security ownership and permissions from the standard
-Windows NT client security dialog. More details may be found
-in the NT_Security document included in this release.
-
-It may be fetched via ftp from :
-
-<a href="/samba/ftp/samba-2.0.4b.tar.gz">/samba/ftp/samba-2.0.4b.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.4
-              ========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-New/Changed parameters in 2.0.4
--------------------------------
-
-There are 5 new parameters and one modified parameter in
-the smb.conf file.
-
-allow trusted domains
-restrict anonymous
-mangle locks
-oplock break wait time
-oplock contention limit
-
-The new parameters are :
-
-allow trusted domains
----------------------
-
-This option is used in "security=domain" settings and allows
-the Samba admin to restrict access to users within the domain
-the the Samba server is in.
-
-restrict anonymous
-------------------
-
-This parameter allows the Samba admin to cause Samba to
-refuse access to anonymous users. Use of this parameter
-is only recommened for homogenous NT client environments.
-
-mangle locks
-------------
-
-This parameter was added to get around a bug in Windows NT
-when dealing with Samba running on 32-bit systems (such
-as Linux x86). This bug causes NT to send 64 bit locking
-requests to 32-bit systems even though Samba correctly 
-tells the NT client not to do so. This option causes Samba
-to map the lock requests from 64 bits to 32 bits on these
-systems.
-
-oplock break wait time
-----------------------
-
-This tuning parameter, added to help with clients that don't
-respond to oplock break requests, causes Samba to deley for
-this number of milliseconds before sending an oplock break
-request to a client that caused the break to be sent. The
-default is 10ms. This is an advanced tuning parameter and
-should not be changed lightly.
-
-oplock contention limit
------------------------
-
-This tuning parameter causes Samba not to grant oplocks
-when an smbd daemon notices that there have been this 
-many concurrent requests for an oplock on a file. This
-prevents the "baton passing" oplock problem where many
-clients accessing one file pass the oplock between themselves
-like a baton. The default is 2. This is an advanced tuning
-parameter and should not be changed lightly.
-
-The modified parameter is :
-
-nt acl support
---------------
-
-This is a global parameter that defaulted to False in
-the previous release (2.0.3) and now defaults to True
-as the RPC code has been added to Samba to allow it to
-map UNIX permissions to NT ACLs.
-
-All of these new parameters and changes are documented in the
-smb.conf man pages and html pages.
-
-Updated and New documentation
------------------------------
-
-A new document describing the manipulation of UNIX permissions
-via the Windows NT security dialogs and their interaction with
-Samba 2.0.4 is provided as :
-
-docs/textdocs/NT_Security.txt
-docs/htmldocs/NT_Security.html
-
-Bugfixes added since 2.0.3
---------------------------
-
-1). Fix for 8 character password problem when using HPUX and
-plaintext passwords.
-2). --with-pam option added to ./configure.
-3). Client fixes for memory leak and display of 64 bit values.
-4). Fixes for -E and -s option with smbclient.
-5). smbclient now allows -L //server or -L \\server
-6). smbtar fix for display of 64 bit values.
-7). Endian independence added to DCE/RPC code.
-8). DCE/RPC marshalling/unmarshalling code re-written to provide
-overflow reporting and sign and seal support.
-9). Bind NAK reply packet added to DCE/RPC code, used to correctly
-refuse bind requests (prevents NT system event log messages).
-10). Mapping of UNIX permissions into NT ACL's for get and set
-added.
-11). DCE/RPC enumeration of numbers of shares made dynamic. 
-Samba now has no limit on the number of exported shares seen.
-12). Fix to speed up random number seed generation on /dev/urandom
-being unavailable.
-13). Several memory fixes added by running Purify on the code.
-14). Read from client error messages improved.
-15). Fixed endianness used in UNICODE strings.
-16). Cope with ERRORmoredata in an RPC pipe client call.
-17). Check for malformed responses in nmbd register name.
-18). NT Encrypted password changing from the NT password dialog box
-now fully implmented.
-19). Mangle 64-bit lock ranges into 32-bits (NT bug!) on a 32-bit
-Samba platform.
-20). Allow file to be pseudo-openend in order to read security only.
-21). Improve filename mangling to reduce chance of collisions.
-22). Added code to prevent granting of oplocks when a file is under
-contention.
-23). Added tunable wait time before sending an oplock break request
-to a client if the client caused the break request. Helps with clients
-not responding to oplock breaks.
-24). Always respond negatively to queued local oplock break messages
-before shutdown. This can prevent "freezes" on an oplock error.
-25). Allow admin to restrict logons to correct domain when in domain
-level security.
-26). Added "restrict anonymous" patch from Andy (thwartedefforts@wonky.org)
-to prevent parameter substitution problems with anonymous connections.
-27). Fix SMBseek where seeking to a negative number sets the offset
-to zero.
-28). Fixed problem with mode getting corrupted in trans2 request
-(setting to zero means please ignore it).
-29). Correctly become the authenticated user on an authenticated
-DCE/RPC pipe request.
-30). Correctly reset debug level in nmbd if someone set it on the
-command line.
-31). Added more checking into testparm
-32). NetBench simulator added to smbtorture by Andrew.
-33). Fixed NIS+ option compile (was broken in 2.0.3).
-34). Recursive smbclient directory listing fix. Patch from E. Jay Berkenbilt
-(ejb@ql.org)
-
-Bugfixes added since 2.0.2
---------------------------
-
-1). --with-ssl configure now include ssl include directory. Fix
-from Richard Sharpe.
-2). Patch for configure for glibc2.1 support (large files etc.).
-3). Several bugfixes for smbclient tar mode from Bob Boehmer
-(boehmer@worldnet.att.net) to fix smbclient aborting problems
-when restoring tar files.
-4). Some automount fixes for smbmount.
-5). Attempt to fix the AIX 4.1.x/3.x problems where smbd runs as
-root. As no-one has given us root access to such a server this
-cannot be tested fully, but should work.
-6). Crash bug fix in debug code where *real* uid rather than 
-*effective* uid was being checked before attempting to rotate
-log files. This fix should help a *lot* of people who were
-reporting smbd aborting in the middle of a copy operation.
-7). SIGALRM bugfix to ensure infinate file locks time out.
-8). New code to implement NT ACL reporting for cacls.exe program.
-9). UDP loopback socket rebind fix for Solaris.
-10). Ensure all UNICODE strings are correctly in little-endian
-format.
-11). smbpasswd file locking fix.
-12). Fixes for strncpy problems with glibc2.1.
-13). Ensure smbd correctly reports major and minor version number
-and server type when queried via NT rpc calls.
-14). Bugfix for short mangled names not being pulled off the
-mangled stack correctly.
-15). Fix for mapping of rwx bits being incorrectly overwritten
-when doing ATTRIB.EXE
-16). Fix for returning multiple PDU packets in NT rpc code. Should
-allow multiple shares to be returned correctly).
-17). Improved mapping of NT open access requests into UNIX open
-modes.
-18). Fix for copying files from an NTFS volume that contain
-multiple data forks. Added 'magic' error code NT needs.
-19). Fixed crash bug when primary NT authentication server
-is down, rolls over to secondaries correctly now.
-20). Fixed timeout processing to be timer based. Now will
-always occur even if smbd is under load.
-21). Fixed signed/unsigned problem in quotas code.
-22). Fixed bug where setting the password of a completely fresh
-user would end up setting the account disabled flag.
-23). Improved user logon messages to help admins having
-trouble with user authentication.
-
-
-Bugfixes added since 2.0.1
---------------------------
-
-1). Fixed smbd looping on SIGCLD problem. This was
-    caused by a missing break statement in a critical
-    piece of code.                               
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.5.html b/whatsnew/samba-2.0.5.html
deleted file mode 100755
index f4b8b52..0000000
--- a/whatsnew/samba-2.0.5.html
+++ /dev/null
@@ -1,519 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.5</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.5.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Please read the "IMPORTANT NOTE" section of the release
-notes as this explains three security bugfixes which have
-been added in this release. It is vital that Samba admins
-understand these issues.
-
-It may be fetched via ftp from :
-
-<a href="/samba/ftp/samba-2.0.5.tar.gz">/samba/ftp/samba-2.0.5.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.5
-              ========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-IMPORTANT NOTE !
-----------------
-
-This version of Samba contains three security bugfixes for
-problems in previous versions of Samba found by Olaf Kirch of
-Caldera Systems (www.caldera.com). The Samba Team would like
-to publicly thank Olaf for his help in doing a security review
-of our code and finding these bugs.
-
-The three bugs are one potentially exploitable buffer overrun
-bug (although no current exploits are known) in smbd and two
-denial of service bugs in nmbd. By default the smbd bug was not
-exploitable as shipped (the problem parameter was disabled by
-default) but instructions on protecting any version of Samba
-prior to 2.0.5 are included below.
-
-All these bugs have been fixed in Samba 2.0.5. 
-
-If using any version of Samba prior to 2.0.5 the administrator
-*MUST NOT* enable the "message command" parameter in smb.conf,
-and *MUST* remove any "message command" that is listed in any
-existing smb.conf file. No known instances of this attack being
-exploited have been reported.
-
-All Samba versions of nmbd prior to 2.0.5 are vulnerable to a
-denial of service attack causing nmbd to either crash or to go
-into an infinite loop. No known instances of this attack being
-exploited have been reported.
-
-New/Changed parameters in 2.0.5
--------------------------------
-
-There are 5 new parameters in the smb.conf file.
-
-security mask
-force security mode
-directory security mask
-force directory mode
-level2 oplocks
-
-The first 4 parameters are used to control the UNIX permissions bits
-that an NT client is allowed to modify. These parameters are now
-used instead of the older "create" parameters that were used in
-2.0.4 to allow an administrator to separate the two functions.
-
-Use of these new parameters is described in the smb.conf man page,
-and also in the documents :
-
-docs/textdocs/NT_Security.txt
-docs/htmldocs/NT_Security.html
-
-The fifth new parameter is described in the following section.
-
-Level II oplocks
-----------------
-
-Samba 2.0.5 now implements level2 oplocks. As this is new
-code this parameter is set to "off" by default. The benefit
-of level2 oplocks is to allow read-only file caching from
-multiple clients. This is of great speed benefit to shares
-that are serving application executable programs (.EXE's)
-that are usually not written to. To learn more about using
-level 2 oplocks read the parameter description in the smb.conf
-documentation or read the file :
-
-docs/textdocs/Speed.txt.
-
-Changes in 2.0.5
------------------
-
-1). smbmount for Linux systems has been re-written to use
-the libsmb code and clientutil.c is no longer used with it.
-2). A bug preventing directory opens using the NT SMB calls
-has been fixed.
-3). A related bug causing a file structure leak when directory
-opens were denied has been fixed.
-4). Fix for glibc2.1 bug on 32-bit systems being reported as 64
-bit.
-5). Prevent timestamps of 0 or -1 corrupting file timestamps.
-6). Fix for unusual delays when browsing shares using Windows
-2000 - fix added by Matt.
-7). Fix for smbpassword reading problems on Sparc Linux was fixed.
-8). Fix for compiling with SSL library.
-9). smbclient fix for crash when doing CR/LF conversion.
-10). smbclient now reports short read errors.
-11). smbclient now uses remote server workgroup to list servers by default.
-12). smbclient now has -b option to change transmit/send buffer size.
-13). smbclient fix for corrupting files when issuing multiple outstanding
-read requests.
-14). Printing bug where Linux was using SYSV printing by default fixed.
-Linux now set to be BSD printing by default.
-15). Change for Linux to use SYSV shared memory by default.
-16). Fix for using IP_TOS options on some systems.
-17). Fix for some systems that complained about static struct passwd
-buffers being modified.
-18). Range checking applied to all string substitutions. Theoretically
-not a bug, but much more rebust now.
-19). Level II oplocks implemented.
-20). Fix for Win2K client printing added.
-21). Always allow loopback (127.0.0.1) connects unless specifically denied.
-22). Patch for FreeBSD interface detection code from Archie Cobbs
-(archie@whistle.com).
-23). Return correct status from smbrun.
-24). snprintf fixes for floating point numbers.
-25). Force directories to always have zero size.
-26). Fix for "force group" and "force user" options. "force user" now
-always uses primary group of user as well. Force group now enhanced with '+'
-semantics (see smb.conf man page for details).
-27). Wildcard matching fix to get closer to WinNT semantics for Win9x clients.
-28). Potential crash bug fixed in wildcard matching code. This bug could also
-cause smbd to sometimes not see exact file matches.
-29). Read/write for sockets changed to use revc/send to allow optimisations
-later.
-30). Oplocks added to client library.
-31). Several purify fixes in IPC code.
-32). nmbd crash bug in processing strange NetBIOS names fixed.
-33). nmbd loop bug in processing strange NetBIOS names fixed.
-34). Paranoia fixes to processing of incoming WinPopup messages in smbd.
-35). Share mode code now auto initialised.
-36). Detect dead processes in IPC lock code.
-37). Explicit -V version switch added to command line processing.
-38). WORKGROUP(1b) name processing with no WINS server fixed.
-39). Win2k client detection code added by Matt.
-40). Fix to allow really short changenotify times to be honoured.
-41). Fix for NT delete finding the wrong file from Tine Smukavec
-(valentin.smukavec@hermes.si)
-42). SWAT fix to prevent stderr messages from breaking the Web client.
-43). testparm fixes to check more parameter conflicts.
-44). Relative paths not fetched via SWAT in CGI scripts.
-45). SWAT remote password change - remote host name not treated as a
-password field any more.
-
-Changes in 2.0.4b
------------------
-
-A bug with MS-Word 97 saving files with zero UNIX permissions
-was fixed. Even though a workaround is available (set force
-create mode = 644 on the share) Word is such an important
-application that a point fix was neccessary.
-
-Changes in 2.0.4a
------------------
-
-The text and html versions of NT_Security were missing from
-the shipping tarball. Also a compile bug for platforms that
-don't have usleep was fixed.
-
-Changes in 2.0.4
-----------------
-
-There are 5 new parameters and one modified parameter in
-the smb.conf file.
-
-allow trusted domains
-restrict anonymous
-mangle locks
-oplock break wait time
-oplock contention limit
-
-The modified parameter is :
-
-nt acl support
-
-Bugfixes added since 2.0.3
---------------------------
-
-1). Fix for 8 character password problem when using HPUX and
-plaintext passwords.
-2). --with-pam option added to ./configure.
-3). Client fixes for memory leak and display of 64 bit values.
-4). Fixes for -E and -s option with smbclient.
-5). smbclient now allows -L //server or -L \\server
-6). smbtar fix for display of 64 bit values.
-7). Endian independence added to DCE/RPC code.
-8). DCE/RPC marshalling/unmarshalling code re-written to provide
-overflow reporting and sign and seal support.
-9). Bind NAK reply packet added to DCE/RPC code, used to correctly
-refuse bind requests (prevents NT system event log messages).
-10). Mapping of UNIX permissions into NT ACL's for get and set
-added.
-11). DCE/RPC enumeration of numbers of shares made dynamic. 
-Samba now has no limit on the number of exported shares seen.
-12). Fix to speed up random number seed generation on /dev/urandom
-being unavailable.
-13). Several memory fixes added by running Purify on the code.
-14). Read from client error messages improved.
-15). Fixed endianness used in UNICODE strings.
-16). Cope with ERRORmoredata in an RPC pipe client call.
-17). Check for malformed responses in nmbd register name.
-18). NT Encrypted password changing from the NT password dialog box
-now fully implmented.
-19). Mangle 64-bit lock ranges into 32-bits (NT bug!) on a 32-bit
-Samba platform.
-20). Allow file to be pseudo-openend in order to read security only.
-21). Improve filename mangling to reduce chance of collisions.
-22). Added code to prevent granting of oplocks when a file is under
-contention.
-23). Added tunable wait time before sending an oplock break request
-to a client if the client caused the break request. Helps with clients
-not responding to oplock breaks.
-24). Always respond negatively to queued local oplock break messages
-before shutdown. This can prevent "freezes" on an oplock error.
-25). Allow admin to restrict logons to correct domain when in domain
-level security.
-26). Added "restrict anonymous" patch from Andy (thwartedefforts@wonky.org)
-to prevent parameter substitution problems with anonymous connections.
-27). Fix SMBseek where seeking to a negative number sets the offset
-to zero.
-28). Fixed problem with mode getting corrupted in trans2 request
-(setting to zero means please ignore it).
-29). Correctly become the authenticated user on an authenticated
-DCE/RPC pipe request.
-30). Correctly reset debug level in nmbd if someone set it on the
-command line.
-31). Added more checking into testparm
-32). NetBench simulator added to smbtorture by Andrew.
-33). Fixed NIS+ option compile (was broken in 2.0.3).
-34). Recursive smbclient directory listing fix. Patch from E. Jay Berkenbilt
-(ejb@ql.org)
-
-Bugfixes added since 2.0.2
---------------------------
-
-1). --with-ssl configure now include ssl include directory. Fix
-from Richard Sharpe.
-2). Patch for configure for glibc2.1 support (large files etc.).
-3). Several bugfixes for smbclient tar mode from Bob Boehmer
-(boehmer@worldnet.att.net) to fix smbclient aborting problems
-when restoring tar files.
-4). Some automount fixes for smbmount.
-5). Attempt to fix the AIX 4.1.x/3.x problems where smbd runs as
-root. As no-one has given us root access to such a server this
-cannot be tested fully, but should work.
-6). Crash bug fix in debug code where *real* uid rather than 
-*effective* uid was being checked before attempting to rotate
-log files. This fix should help a *lot* of people who were
-reporting smbd aborting in the middle of a copy operation.
-7). SIGALRM bugfix to ensure infinate file locks time out.
-8). New code to implement NT ACL reporting for cacls.exe program.
-9). UDP loopback socket rebind fix for Solaris.
-10). Ensure all UNICODE strings are correctly in little-endian
-format.
-11). smbpasswd file locking fix.
-12). Fixes for strncpy problems with glibc2.1.
-13). Ensure smbd correctly reports major and minor version number
-and server type when queried via NT rpc calls.
-14). Bugfix for short mangled names not being pulled off the
-mangled stack correctly.
-15). Fix for mapping of rwx bits being incorrectly overwritten
-when doing ATTRIB.EXE
-16). Fix for returning multiple PDU packets in NT rpc code. Should
-allow multiple shares to be returned correctly).
-17). Improved mapping of NT open access requests into UNIX open
-modes.
-18). Fix for copying files from an NTFS volume that contain
-multiple data forks. Added 'magic' error code NT needs.
-19). Fixed crash bug when primary NT authentication server
-is down, rolls over to secondaries correctly now.
-20). Fixed timeout processing to be timer based. Now will
-always occur even if smbd is under load.
-21). Fixed signed/unsigned problem in quotas code.
-22). Fixed bug where setting the password of a completely fresh
-user would end up setting the account disabled flag.
-23). Improved user logon messages to help admins having
-trouble with user authentication.
-
-Bugfixes added since 2.0.1
---------------------------
-
-Note that due to a critical signal handling bug in 2.0.1,
-this release has been removed and replaced immediately with 
-2.0.2. The Samba Team would like to apologise for any problem
-this may have caused.
-
-1). Fixed smbd looping on SIGCLD problem. This was
-    caused by a missing break statement in a critical
-    piece of code.
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.5a.html b/whatsnew/samba-2.0.5a.html
deleted file mode 100755
index 7a4a294..0000000
--- a/whatsnew/samba-2.0.5a.html
+++ /dev/null
@@ -1,529 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.5a</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.5a.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Please read the "IMPORTANT NOTE" section of the release
-notes as this explains three security bugfixes which have
-been added in this release. It is vital that Samba admins
-understand these issues.
-
-It may be fetched via ftp from :
-
-<a href="/samba/ftp/samba-2.0.5a.tar.gz">/samba/ftp/samba-2.0.5a.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.5a
-              =========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-IMPORTANT NOTE !
-----------------
-
-This version of Samba contains three security bugfixes for
-problems in previous versions of Samba found by Olaf Kirch of
-Caldera Systems (www.caldera.com). The Samba Team would like
-to publicly thank Olaf for his help in doing a security review
-of our code and finding these bugs.
-
-The three bugs are one potentially exploitable buffer overrun
-bug (although no current exploits are known) in smbd and two
-denial of service bugs in nmbd. By default the smbd bug was not
-exploitable as shipped (the problem parameter was disabled by
-default) but instructions on protecting any version of Samba
-prior to 2.0.5 are included below.
-
-All these bugs have been fixed in Samba 2.0.5 and 2.0.5a.
-
-If using any version of Samba prior to 2.0.5 the administrator
-*MUST NOT* enable the "message command" parameter in smb.conf,
-and *MUST* remove any "message command" that is listed in any
-existing smb.conf file. No known instances of this attack being
-exploited have been reported.
-
-All Samba versions of nmbd prior to 2.0.5 are vulnerable to a
-denial of service attack causing nmbd to either crash or to go
-into an infinite loop. No known instances of this attack being
-exploited have been reported.
-
-New/Changed parameters in 2.0.5 and 2.0.5a.
--------------------------------------------
-
-There are 5 new parameters in the smb.conf file.
-
-security mask
-force security mode
-directory security mask
-force directory mode
-level2 oplocks
-
-The first 4 parameters are used to control the UNIX permissions bits
-that an NT client is allowed to modify. These parameters are now
-used instead of the older "create" parameters that were used in
-2.0.4 to allow an administrator to separate the two functions.
-
-Use of these new parameters is described in the smb.conf man page,
-and also in the documents :
-
-docs/textdocs/NT_Security.txt
-docs/htmldocs/NT_Security.html
-
-The fifth new parameter is described in the following section.
-
-Level II oplocks
-----------------
-
-Samba 2.0.5 now implements level2 oplocks. As this is new
-code this parameter is set to "off" by default. The benefit
-of level2 oplocks is to allow read-only file caching from
-multiple clients. This is of great speed benefit to shares
-that are serving application executable programs (.EXE's)
-that are usually not written to. To learn more about using
-level 2 oplocks read the parameter description in the smb.conf
-documentation or read the file :
-
-docs/textdocs/Speed.txt.
-
-Changes in 2.0.5a
------------------
-
-1). Fix for smbd crash bug in string_sub(). smbd was miscalculating
-memmove lengths on multiple '%' substitutions.
-2). Fix for wildcard matching bug for old DOS programs running on Win9x.
-3). Fix for Windows NT client changing passwords against a Samba server,
-intermittently failing.
-4). Fix for PPP link being detected as primary interface if using the
-same IP address as the primary.
-5). Ensure smbmount is built with RPM build.
-
-Changes in 2.0.5
------------------
-
-1). smbmount for Linux systems has been re-written to use
-the libsmb code and clientutil.c is no longer used with it.
-2). A bug preventing directory opens using the NT SMB calls
-has been fixed.
-3). A related bug causing a file structure leak when directory
-opens were denied has been fixed.
-4). Fix for glibc2.1 bug on 32-bit systems being reported as 64
-bit.
-5). Prevent timestamps of 0 or -1 corrupting file timestamps.
-6). Fix for unusual delays when browsing shares using Windows
-2000 - fix added by Matt.
-7). Fix for smbpassword reading problems on Sparc Linux was fixed.
-8). Fix for compiling with SSL library.
-9). smbclient fix for crash when doing CR/LF conversion.
-10). smbclient now reports short read errors.
-11). smbclient now uses remote server workgroup to list servers by default.
-12). smbclient now has -b option to change transmit/send buffer size.
-13). smbclient fix for corrupting files when issuing multiple outstanding
-read requests.
-14). Printing bug where Linux was using SYSV printing by default fixed.
-Linux now set to be BSD printing by default.
-15). Change for Linux to use SYSV shared memory by default.
-16). Fix for using IP_TOS options on some systems.
-17). Fix for some systems that complained about static struct passwd
-buffers being modified.
-18). Range checking applied to all string substitutions. Theoretically
-not a bug, but much more rebust now.
-19). Level II oplocks implemented.
-20). Fix for Win2K client printing added.
-21). Always allow loopback (127.0.0.1) connects unless specifically denied.
-22). Patch for FreeBSD interface detection code from Archie Cobbs
-(archie@whistle.com).
-23). Return correct status from smbrun.
-24). snprintf fixes for floating point numbers.
-25). Force directories to always have zero size.
-26). Fix for "force group" and "force user" options. "force user" now
-always uses primary group of user as well. Force group now enhanced with '+'
-semantics (see smb.conf man page for details).
-27). Wildcard matching fix to get closer to WinNT semantics for Win9x clients.
-28). Potential crash bug fixed in wildcard matching code. This bug could also
-cause smbd to sometimes not see exact file matches.
-29). Read/write for sockets changed to use revc/send to allow optimisations
-later.
-30). Oplocks added to client library.
-31). Several purify fixes in IPC code.
-32). nmbd crash bug in processing strange NetBIOS names fixed.
-33). nmbd loop bug in processing strange NetBIOS names fixed.
-34). Paranoia fixes to processing of incoming WinPopup messages in smbd.
-35). Share mode code now auto initialised.
-36). Detect dead processes in IPC lock code.
-37). Explicit -V version switch added to command line processing.
-38). WORKGROUP(1b) name processing with no WINS server fixed.
-39). Win2k client detection code added by Matt.
-40). Fix to allow really short changenotify times to be honoured.
-41). Fix for NT delete finding the wrong file from Tine Smukavec
-(valentin.smukavec@hermes.si)
-42). SWAT fix to prevent stderr messages from breaking the Web client.
-43). testparm fixes to check more parameter conflicts.
-44). Relative paths not fetched via SWAT in CGI scripts.
-45). SWAT remote password change - remote host name not treated as a
-password field any more.
-
-Changes in 2.0.4b
------------------
-
-A bug with MS-Word 97 saving files with zero UNIX permissions
-was fixed. Even though a workaround is available (set force
-create mode = 644 on the share) Word is such an important
-application that a point fix was neccessary.
-
-Changes in 2.0.4a
------------------
-
-The text and html versions of NT_Security were missing from
-the shipping tarball. Also a compile bug for platforms that
-don't have usleep was fixed.
-
-Changes in 2.0.4
-----------------
-
-There are 5 new parameters and one modified parameter in
-the smb.conf file.
-
-allow trusted domains
-restrict anonymous
-mangle locks
-oplock break wait time
-oplock contention limit
-
-The modified parameter is :
-
-nt acl support
-
-Bugfixes added since 2.0.3
---------------------------
-
-1). Fix for 8 character password problem when using HPUX and
-plaintext passwords.
-2). --with-pam option added to ./configure.
-3). Client fixes for memory leak and display of 64 bit values.
-4). Fixes for -E and -s option with smbclient.
-5). smbclient now allows -L //server or -L \\server
-6). smbtar fix for display of 64 bit values.
-7). Endian independence added to DCE/RPC code.
-8). DCE/RPC marshalling/unmarshalling code re-written to provide
-overflow reporting and sign and seal support.
-9). Bind NAK reply packet added to DCE/RPC code, used to correctly
-refuse bind requests (prevents NT system event log messages).
-10). Mapping of UNIX permissions into NT ACL's for get and set
-added.
-11). DCE/RPC enumeration of numbers of shares made dynamic. 
-Samba now has no limit on the number of exported shares seen.
-12). Fix to speed up random number seed generation on /dev/urandom
-being unavailable.
-13). Several memory fixes added by running Purify on the code.
-14). Read from client error messages improved.
-15). Fixed endianness used in UNICODE strings.
-16). Cope with ERRORmoredata in an RPC pipe client call.
-17). Check for malformed responses in nmbd register name.
-18). NT Encrypted password changing from the NT password dialog box
-now fully implmented.
-19). Mangle 64-bit lock ranges into 32-bits (NT bug!) on a 32-bit
-Samba platform.
-20). Allow file to be pseudo-openend in order to read security only.
-21). Improve filename mangling to reduce chance of collisions.
-22). Added code to prevent granting of oplocks when a file is under
-contention.
-23). Added tunable wait time before sending an oplock break request
-to a client if the client caused the break request. Helps with clients
-not responding to oplock breaks.
-24). Always respond negatively to queued local oplock break messages
-before shutdown. This can prevent "freezes" on an oplock error.
-25). Allow admin to restrict logons to correct domain when in domain
-level security.
-26). Added "restrict anonymous" patch from Andy (thwartedefforts@wonky.org)
-to prevent parameter substitution problems with anonymous connections.
-27). Fix SMBseek where seeking to a negative number sets the offset
-to zero.
-28). Fixed problem with mode getting corrupted in trans2 request
-(setting to zero means please ignore it).
-29). Correctly become the authenticated user on an authenticated
-DCE/RPC pipe request.
-30). Correctly reset debug level in nmbd if someone set it on the
-command line.
-31). Added more checking into testparm
-32). NetBench simulator added to smbtorture by Andrew.
-33). Fixed NIS+ option compile (was broken in 2.0.3).
-34). Recursive smbclient directory listing fix. Patch from E. Jay Berkenbilt
-(ejb@ql.org)
-
-Bugfixes added since 2.0.2
---------------------------
-
-1). --with-ssl configure now include ssl include directory. Fix
-from Richard Sharpe.
-2). Patch for configure for glibc2.1 support (large files etc.).
-3). Several bugfixes for smbclient tar mode from Bob Boehmer
-(boehmer@worldnet.att.net) to fix smbclient aborting problems
-when restoring tar files.
-4). Some automount fixes for smbmount.
-5). Attempt to fix the AIX 4.1.x/3.x problems where smbd runs as
-root. As no-one has given us root access to such a server this
-cannot be tested fully, but should work.
-6). Crash bug fix in debug code where *real* uid rather than 
-*effective* uid was being checked before attempting to rotate
-log files. This fix should help a *lot* of people who were
-reporting smbd aborting in the middle of a copy operation.
-7). SIGALRM bugfix to ensure infinate file locks time out.
-8). New code to implement NT ACL reporting for cacls.exe program.
-9). UDP loopback socket rebind fix for Solaris.
-10). Ensure all UNICODE strings are correctly in little-endian
-format.
-11). smbpasswd file locking fix.
-12). Fixes for strncpy problems with glibc2.1.
-13). Ensure smbd correctly reports major and minor version number
-and server type when queried via NT rpc calls.
-14). Bugfix for short mangled names not being pulled off the
-mangled stack correctly.
-15). Fix for mapping of rwx bits being incorrectly overwritten
-when doing ATTRIB.EXE
-16). Fix for returning multiple PDU packets in NT rpc code. Should
-allow multiple shares to be returned correctly).
-17). Improved mapping of NT open access requests into UNIX open
-modes.
-18). Fix for copying files from an NTFS volume that contain
-multiple data forks. Added 'magic' error code NT needs.
-19). Fixed crash bug when primary NT authentication server
-is down, rolls over to secondaries correctly now.
-20). Fixed timeout processing to be timer based. Now will
-always occur even if smbd is under load.
-21). Fixed signed/unsigned problem in quotas code.
-22). Fixed bug where setting the password of a completely fresh
-user would end up setting the account disabled flag.
-23). Improved user logon messages to help admins having
-trouble with user authentication.
-
-Bugfixes added since 2.0.1
---------------------------
-
-Note that due to a critical signal handling bug in 2.0.1,
-this release has been removed and replaced immediately with 
-2.0.2. The Samba Team would like to apologise for any problem
-this may have caused.
-
-1). Fixed smbd looping on SIGCLD problem. This was
-    caused by a missing break statement in a critical
-    piece of code.
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.6.html b/whatsnew/samba-2.0.6.html
deleted file mode 100755
index 10b7a06..0000000
--- a/whatsnew/samba-2.0.6.html
+++ /dev/null
@@ -1,646 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.6</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.6.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-It may be fetched via ftp from :
-
-<a href="/samba/ftp/samba-2.0.6.tar.gz">/samba/ftp/samba-2.0.6.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.6
-              ========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-New/Changed parameters in 2.0.6
--------------------------------
-
-There are 6 new parameters in the smb.conf file.
-
-wins hook
-
-This parameter allows an external program to be called
-on all changes to a Samba WINS database, allowing dynamic
-DNS updates.
-
-debug hires timestamp
-debug pid
-debug uid
-
-The above 3 parameters provide greater debug information.
-
-preexec close
-rootpreexec close
-
-The above 2 parameters control the action taken on the
-success or failure of a 'preexec' script.
-
-There is also one removed parameter.
-
-mangle locks
-
-The addition of these new parameters and the removal of the old
-is described in more detail in the smb.conf man page,
-
-When using "security=domain" the "password server"
-parameter can now be set to the string "*', which will
-cause Samba to search for Domain controllers in the
-same way that Windows NT does. See the smb.conf man
-page for more details.
-
-The "interfaces" parameter in smb.conf can now be dynamically
-detected on startup and can also now take an interface name
-such as eth0. See the smb.conf man page for the details
-on the new features of the "interfaces" parameter.
-nmbd has been enhanced to use this feature.
-
-The syntax for the Linux-specific smbmount command has been changed
-and is now compatible with the standard mount command. See the modified
-smbmount man page for details.
-
-Support for the UNIX CUPS printer standard has been added.
-See www.cups.org for details. Thanks to the folks at Easy Software
-Products for this code. Set the printcap name to "cups" to
-enable this. See the smb.conf man page for details.
-
-Changes in 2.0.6
------------------
-
-1). 64-bit locking removed from Linux autoconf build. This fixes
-several Linux specific locking issues.
-2). Crash bug fix in smbclient recursive processing. Fix from
-E. Jay Berkenbilt (ejb@ql.org).
-3). "history" command added to smbclient if readline available.
-4). smbtar - updates files and directory message on restore.
-5). smbmnt - 'u', 'g', 'r', 'f', 'd' options added by Andrew. See
-man page for details.
-6). smbmount updated to be useable by autofs on Linux. See the
-samba/examples/autofs/README file for details.
-7). Bug fixed where TCP_NODELAY was not being used by default in smbd.
-8). Many oplock fixes. Samba now waits 30 seconds, not 45. Also
-smbd no longer aborts on client break failure, but logs a message
-and continues. This is what NT does. This should fix many "oplock
-break" message problems people have been having.
-9). New code from Andrew to dynamically detect interfaces. nmbd will
-now attempt to dynamically detect interface changes and register names
-as an interface goes "up".
-10). Win95 ioctl for print jobs added by Matt.
-11). Mapping for ISO8859-1 extended for codepage 437 and 850.
-12). Code Page 737 -> ISO-8859-7 (Greek-Hellenic) mapping added.
-13). Character strings now correctly converted from UNIX character set
-format to DOS codepage when read from smb.conf or external passwd or
-group files. Samba is now much more careful about what format external
-strings should be converted to/from.
-14). snprintf crash fix for IRIX 6.2 and below.
-15). Increased timestamp debug fixes (adds milliseconds and uid/pid if
-requested).
-16). Optimisation for wildcard exact match requests.
-17). Win95 wildcard semantics fix - unused code removed.
-18). 'mangle locks' parameter removed. This now done automatically.
-19). setXid() routines re-written to provide asserts and also to fix
-AIX versions prior to 4.1.x.
-20). MSG_WAITALL optimisation removed due to bugs in FreeBSD.
-21). Length fix when writing UNICODE string.
-22). oplock processing added to libsmb client code.
-23). Added more client error message strings.
-24). Fix bug with connecting to encrypted server when non-encrypted
-password given.
-25). In security=domain, password server extended to search for DC's
-if parameter = '*'.
-26). "root did not create samaphore" bug fixed.
-27). random generator initialized early to prevent icons not showing
-up in Win9x.
-28). Logging fix after SIGHUP.
-29). WINS hook external call added when nmbd is a WINS server.
-30). Support for CUPS printer protocol added by Michael Sweet.
-31). Support for NIS+ backend password database updates.
-32). Handle dashes in print job id's. Fix from Dom.Mitchell@palmerharvey.co.uk
-33). Race condition in UNIX password sync on some platforms fixed by Matt.
-34). Dirptr leak from Win98 fixed.
-35). Logic bug in handling of level II oplocks fixed.
-36). smbd crash bug fix when opening directories.
-37). Paranoia oplock fix from Charles Hoch (hoch@exemplary.com)
-38). Fix Win2k problem where DCE/RPC is done on SMBwrite as well as SMBwriteX.
-39). Fix Win95 redirector alignment bug that caused oplock break failures.
-40). Preexec close code added.
-41). Extra sanity checks in testparm code.
-42). oplock tests added to smbtorture.
-43). Tell SWAT user if logged in as root or not.
-44). Solaris packaging fixes donated by VERITAS.
-
-Older release notes for Samba 2.0.x follow.
-
-Previous Release notes for 2.0.5a
----------------------------------
-
-IMPORTANT NOTE !
-----------------
-
-Version 2.0.5a of Samba contains three security bugfixes for
-problems in previous versions of Samba found by Olaf Kirch of
-Caldera Systems (www.caldera.com). The Samba Team would like
-to publicly thank Olaf for his help in doing a security review
-of our code and finding these bugs.
-
-The three bugs are one potentially exploitable buffer overrun
-bug (although no current exploits are known) in smbd and two
-denial of service bugs in nmbd. By default the smbd bug was not
-exploitable as shipped (the problem parameter was disabled by
-default) but instructions on protecting any version of Samba
-prior to 2.0.5 are included below.
-
-All these bugs have been fixed in Samba 2.0.5 and 2.0.5a.
-
-If using any version of Samba prior to 2.0.5 the administrator
-*MUST NOT* enable the "message command" parameter in smb.conf,
-and *MUST* remove any "message command" that is listed in any
-existing smb.conf file. No known instances of this attack being
-exploited have been reported.
-
-All Samba versions of nmbd prior to 2.0.5 are vulnerable to a
-denial of service attack causing nmbd to either crash or to go
-into an infinite loop. No known instances of this attack being
-exploited have been reported.
-
-New/Changed parameters in 2.0.5 and 2.0.5a.
--------------------------------------------
-
-There are 5 new parameters in the smb.conf file.
-
-security mask
-force security mode
-directory security mask
-force directory secruty mode
-level2 oplocks
-
-The first 4 parameters are used to control the UNIX permissions bits
-that an NT client is allowed to modify. These parameters are now
-used instead of the older "create" parameters that were used in
-2.0.4 to allow an administrator to separate the two functions.
-
-Use of these new parameters is described in the smb.conf man page,
-and also in the documents :
-
-docs/textdocs/NT_Security.txt
-docs/htmldocs/NT_Security.html
-
-The fifth new parameter is described in the following section.
-
-Level II oplocks
-----------------
-
-Samba 2.0.5 now implements level2 oplocks. As this is new
-code this parameter is set to "off" by default. The benefit
-of level2 oplocks is to allow read-only file caching from
-multiple clients. This is of great speed benefit to shares
-that are serving application executable programs (.EXE's)
-that are usually not written to. To learn more about using
-level 2 oplocks read the parameter description in the smb.conf
-documentation or read the file :
-
-docs/textdocs/Speed.txt.
-
-Changes in 2.0.5a
------------------
-
-1). Fix for smbd crash bug in string_sub(). smbd was miscalculating
-memmove lengths on multiple '%' substitutions.
-2). Fix for wildcard matching bug for old DOS programs running on Win9x.
-3). Fix for Windows NT client changing passwords against a Samba server,
-intermittently failing.
-4). Fix for PPP link being detected as primary interface if using the
-same IP address as the primary.
-5). Ensure smbmount is built with RPM build.
-
-Changes in 2.0.5
-----------------
-
-1). smbmount for Linux systems has been re-written to use
-the libsmb code and clientutil.c is no longer used with it.
-2). A bug preventing directory opens using the NT SMB calls
-has been fixed.
-3). A related bug causing a file structure leak when directory
-opens were denied has been fixed.
-4). Fix for glibc2.1 bug on 32-bit systems being reported as 64
-bit.
-5). Prevent timestamps of 0 or -1 corrupting file timestamps.
-6). Fix for unusual delays when browsing shares using Windows
-2000 - fix added by Matt.
-7). Fix for smbpassword reading problems on Sparc Linux was fixed.
-8). Fix for compiling with SSL library.
-9). smbclient fix for crash when doing CR/LF conversion.
-10). smbclient now reports short read errors.
-11). smbclient now uses remote server workgroup to list servers by default.
-12). smbclient now has -b option to change transmit/send buffer size.
-13). smbclient fix for corrupting files when issuing multiple outstanding
-read requests.
-14). Printing bug where Linux was using SYSV printing by default fixed.
-Linux now set to be BSD printing by default.
-15). Change for Linux to use SYSV shared memory by default.
-16). Fix for using IP_TOS options on some systems.
-17). Fix for some systems that complained about static struct passwd
-buffers being modified.
-18). Range checking applied to all string substitutions. Theoretically
-not a bug, but much more rebust now.
-19). Level II oplocks implemented.
-20). Fix for Win2K client printing added.
-21). Always allow loopback (127.0.0.1) connects unless specifically denied.
-22). Patch for FreeBSD interface detection code from Archie Cobbs (archie@whistle.com).
-23). Return correct status from smbrun.
-24). snprintf fixes for floating point numbers.
-25). Force directories to always have zero size.
-26). Fix for "force group" and "force user" options. "force user" now
-always uses primary group of user as well. Force group now enhanced with '+'
-semantics (see smb.conf man page for details).
-27). Wildcard matching fix to get closer to WinNT semantics for Win9x clients.
-28). Potential crash bug fixed in wildcard matching code. This bug could also
-cause smbd to sometimes not see exact file matches.
-29). Read/write for sockets changed to use revc/send to allow optimisations
-later.
-30). Oplocks added to client library.
-31). Several purify fixes in IPC code.
-32). nmbd crash bug in processing strange NetBIOS names fixed.
-33). nmbd loop bug in processing strange NetBIOS names fixed.
-34). Paranoia fixes to processing of incoming WinPopup messages in smbd.
-35). Share mode code now auto initialised.
-36). Detect dead processes in IPC lock code.
-37). Explicit -V version switch added to command line processing.
-38). WORKGROUP(1b) name processing with no WINS server fixed.
-39). Win2k client detection code added by Matt.
-40). Fix to allow really short changenotify times to be honoured.
-41). Fix for NT delete finding the wrong file from Tine Smukavec
-(valentin.smukavec@hermes.si)
-42). SWAT fix to prevent stderr messages from breaking the Web client.
-43). testparm fixes to check more parameter conflicts.
-44). Relative paths not fetched via SWAT in CGI scripts.
-45). SWAT remote password change - remote host name not treated as a
-password field any more.
-
-Changes in 2.0.4b
------------------
-
-A bug with MS-Word 97 saving files with zero UNIX permissions
-was fixed. Even though a workaround is available (set force
-create mode = 644 on the share) Word is such an important
-application that a point fix was neccessary.
-
-Changes in 2.0.4a
------------------
-
-The text and html versions of NT_Security were missing from
-the shipping tarball. Also a compile bug for platforms that
-don't have usleep was fixed.
-
-Changes in 2.0.4
-----------------
-
-There are 5 new parameters and one modified parameter in
-the smb.conf file.
-
-allow trusted domains
-restrict anonymous
-mangle locks
-oplock break wait time
-oplock contention limit
-
-The modified parameter is :
-
-nt acl support
-
-Bugfixes added since 2.0.3
---------------------------
-
-1). Fix for 8 character password problem when using HPUX and
-plaintext passwords.
-2). --with-pam option added to ./configure.
-3). Client fixes for memory leak and display of 64 bit values.
-4). Fixes for -E and -s option with smbclient.
-5). smbclient now allows -L //server or -L \\server
-6). smbtar fix for display of 64 bit values.
-7). Endian independence added to DCE/RPC code.
-8). DCE/RPC marshalling/unmarshalling code re-written to provide
-overflow reporting and sign and seal support.
-9). Bind NAK reply packet added to DCE/RPC code, used to correctly
-refuse bind requests (prevents NT system event log messages).
-10). Mapping of UNIX permissions into NT ACL's for get and set
-added.
-11). DCE/RPC enumeration of numbers of shares made dynamic. 
-Samba now has no limit on the number of exported shares seen.
-12). Fix to speed up random number seed generation on /dev/urandom
-being unavailable.
-13). Several memory fixes added by running Purify on the code.
-14). Read from client error messages improved.
-15). Fixed endianness used in UNICODE strings.
-16). Cope with ERRORmoredata in an RPC pipe client call.
-17). Check for malformed responses in nmbd register name.
-18). NT Encrypted password changing from the NT password dialog box
-now fully implmented.
-19). Mangle 64-bit lock ranges into 32-bits (NT bug!) on a 32-bit
-Samba platform.
-20). Allow file to be pseudo-openend in order to read security only.
-21). Improve filename mangling to reduce chance of collisions.
-22). Added code to prevent granting of oplocks when a file is under
-contention.
-23). Added tunable wait time before sending an oplock break request
-to a client if the client caused the break request. Helps with clients
-not responding to oplock breaks.
-24). Always respond negatively to queued local oplock break messages
-before shutdown. This can prevent "freezes" on an oplock error.
-25). Allow admin to restrict logons to correct domain when in domain
-level security.
-26). Added "restrict anonymous" patch from Andy (thwartedefforts@wonky.org)
-to prevent parameter substitution problems with anonymous connections.
-27). Fix SMBseek where seeking to a negative number sets the offset
-to zero.
-28). Fixed problem with mode getting corrupted in trans2 request
-(setting to zero means please ignore it).
-29). Correctly become the authenticated user on an authenticated
-DCE/RPC pipe request.
-30). Correctly reset debug level in nmbd if someone set it on the
-command line.
-31). Added more checking into testparm
-32). NetBench simulator added to smbtorture by Andrew.
-33). Fixed NIS+ option compile (was broken in 2.0.3).
-34). Recursive smbclient directory listing fix. Patch from E. Jay Berkenbilt
-(ejb@ql.org)
-
-Bugfixes added since 2.0.2
---------------------------
-
-1). --with-ssl configure now include ssl include directory. Fix
-from Richard Sharpe.
-2). Patch for configure for glibc2.1 support (large files etc.).
-3). Several bugfixes for smbclient tar mode from Bob Boehmer
-(boehmer@worldnet.att.net) to fix smbclient aborting problems
-when restoring tar files.
-4). Some automount fixes for smbmount.
-5). Attempt to fix the AIX 4.1.x/3.x problems where smbd runs as
-root. As no-one has given us root access to such a server this
-cannot be tested fully, but should work.
-6). Crash bug fix in debug code where *real* uid rather than 
-*effective* uid was being checked before attempting to rotate
-log files. This fix should help a *lot* of people who were
-reporting smbd aborting in the middle of a copy operation.
-7). SIGALRM bugfix to ensure infinate file locks time out.
-8). New code to implement NT ACL reporting for cacls.exe program.
-9). UDP loopback socket rebind fix for Solaris.
-10). Ensure all UNICODE strings are correctly in little-endian
-format.
-11). smbpasswd file locking fix.
-12). Fixes for strncpy problems with glibc2.1.
-13). Ensure smbd correctly reports major and minor version number
-and server type when queried via NT rpc calls.
-14). Bugfix for short mangled names not being pulled off the
-mangled stack correctly.
-15). Fix for mapping of rwx bits being incorrectly overwritten
-when doing ATTRIB.EXE
-16). Fix for returning multiple PDU packets in NT rpc code. Should
-allow multiple shares to be returned correctly).
-17). Improved mapping of NT open access requests into UNIX open
-modes.
-18). Fix for copying files from an NTFS volume that contain
-multiple data forks. Added 'magic' error code NT needs.
-19). Fixed crash bug when primary NT authentication server
-is down, rolls over to secondaries correctly now.
-20). Fixed timeout processing to be timer based. Now will
-always occur even if smbd is under load.
-21). Fixed signed/unsigned problem in quotas code.
-22). Fixed bug where setting the password of a completely fresh
-user would end up setting the account disabled flag.
-23). Improved user logon messages to help admins having
-trouble with user authentication.
-
-Bugfixes added since 2.0.1
---------------------------
-
-Note that due to a critical signal handling bug in 2.0.1,
-this release has been removed and replaced immediately with 
-2.0.2. The Samba Team would like to apologise for any problem
-this may have caused.
-
-1). Fixed smbd looping on SIGCLD problem. This was
-    caused by a missing break statement in a critical
-    piece of code.
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-<a href="http://samba.org/listproc/">http://samba.org/listproc/</a>
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-<a href="http://samba.org/cvs.html">http://samba.org/cvs.html</a>
-
-=====================================================================
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.0.7.html b/whatsnew/samba-2.0.7.html
deleted file mode 100755
index ed914fc..0000000
--- a/whatsnew/samba-2.0.7.html
+++ /dev/null
@@ -1,866 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team is pleased to announce Samba&nbsp;2.0.7</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce Samba 2.0.7.
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes. This version has been tested
-against Windows 2000 and has no *known* issues with that
-release of Windows.
-
-It may be fetched via ftp from :
-
-<a href="/samba/ftp/samba-2.0.7.tar.gz">/samba/ftp/samba-2.0.7.tar.gz </a>
-
-Or just follow the link on the main page of
-your nearest http://samba.org mirror.
-
-Binary packages for supported systems will be made available
-within a short time. A separate announcement will be made
-for the release of these packages.
-
-Offers of binary Samba packages for various systems are 
-welcome and should be sent to <a href="mailto:samba@samba.org">samba@samba.org</a>.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Without further ado, here are the release notes.
-
-Regards,
-
-        The Samba Team.
-
-----------------------------------------------------------------------
-              WHATS NEW IN Samba 2.0.7
-              ========================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-New Documentation in 2.0.7
---------------------------
-
-O'Reilly and Associates have donated their book "Using Samba"
-to the Samba community to be updated in a collaberative way
-along with the Samba software. Starting with this release the
-html of "Using Samba" will be distributed with the Samba software
-as the online documentation for Samba. Bug fixes for the book
-are encouraged as is new material. Please help us make this
-documentation the best it can be for Samba !
-
-SWAT (Samba Web Administration Tool) has been updated to
-add a link to the full text of "Using Samba" from the start
-screen.
-
-Note that this does not mean that the other documentation
-(man pages especially) are being abandoned. The Samba Team
-is still committed to updating and improving *all* the 
-documentation shipped with Samba.
-
-Also, as the source code for the book is moved into a more
-manageable format (not raw HTML) we are committed to making
-it available for editing by all interested parties. The
-current situation of only shipping HTML with the Samba software
-is a first attempt at getting this documentation integrated
-with the Samba software and should not be regarded as the only
-way in which this material will be made available (it was just
-the quickest way to get the book integrated into 2.0.7 :-).
-
-Windows 2000 Issues
--------------------
-
-This version of Samba has been tested with Windows 2000 and
-the five known incompatibilities with Windows 2000 have been
-fixed. See the "Changes in 2.0.7" list below for details.
-
-New/Changed parameters in 2.0.7
--------------------------------
-
-There is a new option to the autoconf "./configure" script.
-This is the "--with-utmp" (and attendant "--without-utmp")
-option. Running configure with this option will cause smbd
-to attempt to use utmp accounting for users who log on and
-log off to the Samba server.
-
-There are 5 new parameters in the smb.conf file.
-
-utmp
-utmp dir
-utmp hostname
-utmp consolidate
-wtmp directory
-
-These parameters are only available if the "--with-utmp"
-option was selected at configure time. The yes/no option "utmp"
-specifies whether utmp records should be recorded on user
-logon/logoff. It defaults to "no". The "utmp dir" and "wtmp dir"
-are string parameters specifying pathnames to the directories containing
-the utmp/wtmp file databases. See the smb.conf man page for more details.
-
-inherit permissions
-
-This boolean parameter causes newly created files and directories
-to inherit their initial permissions from their parent directory.
-This can be very useful in propagating such things as the set-group
-bit in directory heirarchies. See the smb.conf man page for more
-details.
-
-write cache size
-
-This integer parameter specifies (in bytes) the size of a user level
-per-file write cache that smbd will create for an oplocked file. This
-can improve performance significantly for writing files by causing
-writes to be done in large chunk sizes. If this parameter is set (it
-defaults to zero which means no write cache) to the stripe size of
-a raid volume then it will cause writes to be much more efficient.
-Up to 10 write caches can be active simultaneously per smbd (allocated
-for the first 10 oplocked file opens). All normal warnings about the
-dangers of user level caching of data apply. See the smb.conf man page
-for more details.
-
-source environment 
-
-This pathname parameter causes Samba to read a list of environment
-variables from a named file on startup. This can be useful in setting
-up Samba in a clustered environment. See the smb.conf man page for more
-details.
-
-Ability to delete users added
------------------------------
-
-SWAT and smbpasswd can now delete users from the Samba smbpasswd file.
-See the man page for smbpasswd for details.
-
-Roving profile behavior finalized
----------------------------------
-
-The change in behavior with roving profiles (using the "logon home"
-parameter instead of the "logon path" parameter) introduced in 2.0.6
-has been discovered to be consistant with the way Windows NT behaves,
-and has been left as the default action. Please see the additional
-notes in the "logon home" parameter description in the smb.conf man
-page for more details.
-
-Changes in 2.0.7
------------------
-
-1). Fix for the semaphore promblems when compiling Samba with gcc on
-SGI IRIX 6.5.x.
-2). Quota support for Veritas filesystem added by David Lee.
-3). Incoming RPC code re-written to support multiple PDU input from
-the client. This should make the RPC subsystem more robust.
-4). Fix from Ying Chen @ IBM to inline many frequently called functions. This
-decreased CPU usage by 10%.
-5). Fix from Ying Chen @ IBM to use a hash table to lookup entries in the file
-cache. This is a significant improvement over the old linked-list
-lookup code.
-6). smbclient issues with native language support fixed. smbclient
-now uses UNIX filename character sets exclusively when communicating
-with libsmb library.
-7). smbclient fix to not print error messages when "putting" an
-empty file.
-8). smbclient fix to cope with spaces in filenames when recursing.
-9). Improved error reporting in smbclient when getting browse lists.
-10). NetBIOS "scope" now supported in all Samba code/tools.
-11). New mapping from code page 850 to UNIX "roman8" character set.
-12). Fix for crash bug if debug file handle couldn't be opened.
-13). Fix to allow mkdir to correctly set the high order permissions 
-bits for UNIX's that don't allow this by default.
-14). Fix to dynamically allocate group array for setgroups. Don't
-depend on NGROUPS_MAX being correctly defined in header files.
-15). Fix for crash bug in floating point in snprintf.
-16). "Safe" version of popen() included to allow use in code such
-as "source environment" patch.
-17). Fix for SWAT for trailing '\n' in asctime().
-18). Wildcard match fix from weidel@multichart.de for NT wildcard
-processing.
-19). unix_mask_match fixes for "veto files" parameter.
-20). Fix for system call bug when configuring on Linux kernel 2.0.x
-with glibc2.1.x.
-21). SO_REUSEPORT socket option added for HPUX.
-22). All recv() calls changed back to read() to fix Solaris 2.5.x bug.
-23). Some UNICODE conversion fixes. Not complete yet.
-24). NetShareEnum fix for Windows 2000. Don't ask for 64K as Win2k
-can't cope with this (returns "Out of memory" error).
-25). Fixes for cli_error() crashes.
-26). Fix for crash when connecting to password server by DNS name
-not NetBIOS name.
-27). Fix bug in demangling of compacted NetBIOS names.
-28). Fixes for slow locking code for VMS.
-29). Reply to short NetLogon packet in nmbd with short reply.
-30). Correctly allign userdata to prevent crashes in nmbd.
-31). Use talloc() in string buffer rotation code to prevent overwrites.
-32). Added multi-byte awareness to parameter loading code.
-33). Re-wrote password file modification code. We can now delete users
-atomically. Original patch from Bruce Tenison.
-34). Fixed bug in parsing smbpasswd type entries.
-35). Fixes from HP to the windows registry RPC emulation.
-36). Added ability to return RPC fault PDU to unknown calls. Needed to
-allow Windows 2000 to return UNIX permissions as NT ACLs.
-37). utmp code patch from T.D.Lee@durham.ac.uk. Not available on all
-platforms - test with ./configure.
-38). Inherit permissions fix from David Lee.
-39). Added write caching code for oplocked files.
-40). Workaround for new bug in Windows 2000 where NT file create using
-NTtransact call sends UNICODE without bothering to set the UNICODE flag
-bit.
-41). Workaround for new bug in Windows 2000 where it attempts to re-write
-existing ACLs to make them inherit only.
-42). Removed unused mmap code.
-43). Added correct implementation of share mode deny table. We now match
-Windows NT.
-44). Fix recursion bug with group enumeration.
-45). Fix from Bjart Kvarme to take into account changed machine passwords
-that haven't yet propagated from PDC to BDC.
-46). Correctly skip two byte length field when accepting RPC "start of
-message" packets in SMBwriteX on pipes.
-47). Added auto-detection of Windows 2000 clients.
-48). Fix bug with rollback of POSIX locks if a lock in a range fails to
-apply.
-49). Fix bug with registering startup smbd's in flat file.
-50). Ensure usernames are converted correctly between DOS codepages
-and UNIX character sets.
-51). Fix for timestamps being set incorrectly on copied files from
-Paul Eggert.
-52). Fix for parsing HP specific printer definitions in make_printerdef.
-53). Fix for smbclient doing an 'ls' on large directories from OS/2 servers
-from Christoph Pfisterer.
-54). Fix for WINS server code where "do you still want name?" request was
-being sent to the wrong IP address.
-55). Fixed "recursion desired" bits set in nmbd so we are identical to
-Windows NT.
-56). nmbd now should process logon packets from Win95, Win98 and both
-versions of the NT logon packet.
-57). Correctly set parameter offset value for first trans2 reply.
-58). Win2K will only accept volume labels in UNICODE.
-59). Ensure nmbd doesn't attempt to use the loopback interface when
-registering names.
-60). Fixed bug where smbd didn't return '.' or '..' on top level
-share directory listing.
-61). Fix for soft quotas not being set (make them equal to hardquota)
-from Norbert Püschel (Pueschel.Norbert@Walzbarren-VAW.ne.uunet.de).
-62). SWAT fixes for SCO UnixWare (SIGPIPE handling).
-63). Fix for nmbd DOS with redirect recursion.
-64). Fix for log files growing without bound from Mattias Gronlund.
-65). Fix for smbd crash bug in truncate is locked.
-66). Memory leak fix in mangle name code.
-
-Older release notes for Samba 2.0.x follow.
-
-Previous Release notes for 2.0.6
----------------------------------
-
-New/Changed parameters in 2.0.6
--------------------------------
-
-There are 6 new parameters in the smb.conf file.
-
-wins hook
-
-This parameter allows an external program to be called
-on all changes to a Samba WINS database, allowing dynamic
-DNS updates.
-
-debug hires timestamp
-debug pid
-debug uid
-
-The above 3 parameters provide greater debug information.
-
-preexec close
-rootpreexec close
-
-The above 2 parameters control the action taken on the
-success or failure of a 'preexec' script.
-
-There is also one removed parameter.
-
-mangle locks
-
-The addition of these new parameters and the removal of the old
-is described in more detail in the smb.conf man page,
-
-When using "security=domain" the "password server"
-parameter can now be set to the string "*', which will
-cause Samba to search for Domain controllers in the
-same way that Windows NT does. See the smb.conf man
-page for more details.
-
-The "interfaces" parameter in smb.conf can now be dynamically
-detected on startup and can also now take an interface name
-such as eth0. See the smb.conf man page for the details
-on the new features of the "interfaces" parameter.
-nmbd has been enhanced to use this feature.
-
-The syntax for the Linux-specific smbmount command has been changed
-and is now compatible with the standard mount command. See the modified
-smbmount man page for details.
-
-Support for the UNIX CUPS printer standard has been added.
-See www.cups.org for details. Thanks to the folks at Easy Software
-Products for this code. Set the printcap name to "cups" to
-enable this. See the smb.conf man page for details.
-
-Changes in 2.0.6
------------------
-
-1). 64-bit locking removed from Linux autoconf build. This fixes
-several Linux specific locking issues.
-2). Crash bug fix in smbclient recursive processing. Fix from
-E. Jay Berkenbilt (ejb@ql.org).
-3). "history" command added to smbclient if readline available.
-4). smbtar - updates files and directory message on restore.
-5). smbmnt - 'u', 'g', 'r', 'f', 'd' options added by Andrew. See
-man page for details.
-6). smbmount updated to be useable by autofs on Linux. See the
-samba/examples/autofs/README file for details.
-7). Bug fixed where TCP_NODELAY was not being used by default in smbd.
-8). Many oplock fixes. Samba now waits 30 seconds, not 45. Also
-smbd no longer aborts on client break failure, but logs a message
-and continues. This is what NT does. This should fix many "oplock
-break" message problems people have been having.
-9). New code from Andrew to dynamically detect interfaces. nmbd will
-now attempt to dynamically detect interface changes and register names
-as an interface goes "up".
-10). Win95 ioctl for print jobs added by Matt.
-11). Mapping for ISO8859-1 extended for codepage 437 and 850.
-12). Code Page 737 -> ISO-8859-7 (Greek-Hellenic) mapping added.
-13). Character strings now correctly converted from UNIX character set
-format to DOS codepage when read from smb.conf or external passwd or
-group files. Samba is now much more careful about what format external
-strings should be converted to/from.
-14). snprintf crash fix for IRIX 6.2 and below.
-15). Increased timestamp debug fixes (adds milliseconds and uid/pid if
-requested).
-16). Optimisation for wildcard exact match requests.
-17). Win95 wildcard semantics fix - unused code removed.
-18). 'mangle locks' parameter removed. This now done automatically.
-19). setXid() routines re-written to provide asserts and also to fix
-AIX versions prior to 4.1.x.
-20). MSG_WAITALL optimisation removed due to bugs in FreeBSD.
-21). Length fix when writing UNICODE string.
-22). oplock processing added to libsmb client code.
-23). Added more client error message strings.
-24). Fix bug with connecting to encrypted server when non-encrypted
-password given.
-25). In security=domain, password server extended to search for DC's
-if parameter = '*'.
-26). "root did not create samaphore" bug fixed.
-27). random generator initialized early to prevent icons not showing
-up in Win9x.
-28). Logging fix after SIGHUP.
-29). WINS hook external call added when nmbd is a WINS server.
-30). Support for CUPS printer protocol added by Michael Sweet.
-31). Support for NIS+ backend password database updates.
-32). Handle dashes in print job id's. Fix from Dom.Mitchell@palmerharvey.co.uk
-33). Race condition in UNIX password sync on some platforms fixed by Matt.
-34). Dirptr leak from Win98 fixed.
-35). Logic bug in handling of level II oplocks fixed.
-36). smbd crash bug fix when opening directories.
-37). Paranoia oplock fix from Charles Hoch (hoch@exemplary.com)
-38). Fix Win2k problem where DCE/RPC is done on SMBwrite as well as SMBwriteX.
-39). Fix Win95 redirector alignment bug that caused oplock break failures.
-40). Preexec close code added.
-41). Extra sanity checks in testparm code.
-42). oplock tests added to smbtorture.
-43). Tell SWAT user if logged in as root or not.
-44). Solaris packaging fixes donated by VERITAS.
-
-Older release notes for Samba 2.0.x follow.
-
-Previous Release notes for 2.0.5a
----------------------------------
-
-IMPORTANT NOTE !
-----------------
-
-Version 2.0.5a of Samba contains three security bugfixes for
-problems in previous versions of Samba found by Olaf Kirch of
-Caldera Systems (www.caldera.com). The Samba Team would like
-to publicly thank Olaf for his help in doing a security review
-of our code and finding these bugs.
-
-The three bugs are one potentially exploitable buffer overrun
-bug (although no current exploits are known) in smbd and two
-denial of service bugs in nmbd. By default the smbd bug was not
-exploitable as shipped (the problem parameter was disabled by
-default) but instructions on protecting any version of Samba
-prior to 2.0.5 are included below.
-
-All these bugs have been fixed in Samba 2.0.5 and 2.0.5a.
-
-If using any version of Samba prior to 2.0.5 the administrator
-*MUST NOT* enable the "message command" parameter in smb.conf,
-and *MUST* remove any "message command" that is listed in any
-existing smb.conf file. No known instances of this attack being
-exploited have been reported.
-
-All Samba versions of nmbd prior to 2.0.5 are vulnerable to a
-denial of service attack causing nmbd to either crash or to go
-into an infinite loop. No known instances of this attack being
-exploited have been reported.
-
-New/Changed parameters in 2.0.5 and 2.0.5a.
--------------------------------------------
-
-There are 5 new parameters in the smb.conf file.
-
-security mask
-force security mode
-directory security mask
-force directory secruty mode
-level2 oplocks
-
-The first 4 parameters are used to control the UNIX permissions bits
-that an NT client is allowed to modify. These parameters are now
-used instead of the older "create" parameters that were used in
-2.0.4 to allow an administrator to separate the two functions.
-
-Use of these new parameters is described in the smb.conf man page,
-and also in the documents :
-
-docs/textdocs/NT_Security.txt
-docs/htmldocs/NT_Security.html
-
-The fifth new parameter is described in the following section.
-
-Level II oplocks
-----------------
-
-Samba 2.0.5 now implements level2 oplocks. As this is new
-code this parameter is set to "off" by default. The benefit
-of level2 oplocks is to allow read-only file caching from
-multiple clients. This is of great speed benefit to shares
-that are serving application executable programs (.EXE's)
-that are usually not written to. To learn more about using
-level 2 oplocks read the parameter description in the smb.conf
-documentation or read the file :
-
-docs/textdocs/Speed.txt.
-
-Changes in 2.0.5a
------------------
-
-1). Fix for smbd crash bug in string_sub(). smbd was miscalculating
-memmove lengths on multiple '%' substitutions.
-2). Fix for wildcard matching bug for old DOS programs running on Win9x.
-3). Fix for Windows NT client changing passwords against a Samba server,
-intermittently failing.
-4). Fix for PPP link being detected as primary interface if using the
-same IP address as the primary.
-5). Ensure smbmount is built with RPM build.
-
-Changes in 2.0.5
-----------------
-
-1). smbmount for Linux systems has been re-written to use
-the libsmb code and clientutil.c is no longer used with it.
-2). A bug preventing directory opens using the NT SMB calls
-has been fixed.
-3). A related bug causing a file structure leak when directory
-opens were denied has been fixed.
-4). Fix for glibc2.1 bug on 32-bit systems being reported as 64
-bit.
-5). Prevent timestamps of 0 or -1 corrupting file timestamps.
-6). Fix for unusual delays when browsing shares using Windows
-2000 - fix added by Matt.
-7). Fix for smbpassword reading problems on Sparc Linux was fixed.
-8). Fix for compiling with SSL library.
-9). smbclient fix for crash when doing CR/LF conversion.
-10). smbclient now reports short read errors.
-11). smbclient now uses remote server workgroup to list servers by default.
-12). smbclient now has -b option to change transmit/send buffer size.
-13). smbclient fix for corrupting files when issuing multiple outstanding
-read requests.
-14). Printing bug where Linux was using SYSV printing by default fixed.
-Linux now set to be BSD printing by default.
-15). Change for Linux to use SYSV shared memory by default.
-16). Fix for using IP_TOS options on some systems.
-17). Fix for some systems that complained about static struct passwd
-buffers being modified.
-18). Range checking applied to all string substitutions. Theoretically
-not a bug, but much more rebust now.
-19). Level II oplocks implemented.
-20). Fix for Win2K client printing added.
-21). Always allow loopback (127.0.0.1) connects unless specifically denied.
-22). Patch for FreeBSD interface detection code from Archie Cobbs (archie@whistle.com).
-23). Return correct status from smbrun.
-24). snprintf fixes for floating point numbers.
-25). Force directories to always have zero size.
-26). Fix for "force group" and "force user" options. "force user" now
-always uses primary group of user as well. Force group now enhanced with '+'
-semantics (see smb.conf man page for details).
-27). Wildcard matching fix to get closer to WinNT semantics for Win9x clients.
-28). Potential crash bug fixed in wildcard matching code. This bug could also
-cause smbd to sometimes not see exact file matches.
-29). Read/write for sockets changed to use revc/send to allow optimisations
-later.
-30). Oplocks added to client library.
-31). Several purify fixes in IPC code.
-32). nmbd crash bug in processing strange NetBIOS names fixed.
-33). nmbd loop bug in processing strange NetBIOS names fixed.
-34). Paranoia fixes to processing of incoming WinPopup messages in smbd.
-35). Share mode code now auto initialised.
-36). Detect dead processes in IPC lock code.
-37). Explicit -V version switch added to command line processing.
-38). WORKGROUP(1b) name processing with no WINS server fixed.
-39). Win2k client detection code added by Matt.
-40). Fix to allow really short changenotify times to be honoured.
-41). Fix for NT delete finding the wrong file from Tine Smukavec
-(valentin.smukavec@hermes.si)
-42). SWAT fix to prevent stderr messages from breaking the Web client.
-43). testparm fixes to check more parameter conflicts.
-44). Relative paths not fetched via SWAT in CGI scripts.
-45). SWAT remote password change - remote host name not treated as a
-password field any more.
-
-Changes in 2.0.4b
------------------
-
-A bug with MS-Word 97 saving files with zero UNIX permissions
-was fixed. Even though a workaround is available (set force
-create mode = 644 on the share) Word is such an important
-application that a point fix was neccessary.
-
-Changes in 2.0.4a
------------------
-
-The text and html versions of NT_Security were missing from
-the shipping tarball. Also a compile bug for platforms that
-don't have usleep was fixed.
-
-Changes in 2.0.4
-----------------
-
-There are 5 new parameters and one modified parameter in
-the smb.conf file.
-
-allow trusted domains
-restrict anonymous
-mangle locks
-oplock break wait time
-oplock contention limit
-
-The modified parameter is :
-
-nt acl support
-
-Bugfixes added since 2.0.3
---------------------------
-
-1). Fix for 8 character password problem when using HPUX and
-plaintext passwords.
-2). --with-pam option added to ./configure.
-3). Client fixes for memory leak and display of 64 bit values.
-4). Fixes for -E and -s option with smbclient.
-5). smbclient now allows -L //server or -L \\server
-6). smbtar fix for display of 64 bit values.
-7). Endian independence added to DCE/RPC code.
-8). DCE/RPC marshalling/unmarshalling code re-written to provide
-overflow reporting and sign and seal support.
-9). Bind NAK reply packet added to DCE/RPC code, used to correctly
-refuse bind requests (prevents NT system event log messages).
-10). Mapping of UNIX permissions into NT ACL's for get and set
-added.
-11). DCE/RPC enumeration of numbers of shares made dynamic. 
-Samba now has no limit on the number of exported shares seen.
-12). Fix to speed up random number seed generation on /dev/urandom
-being unavailable.
-13). Several memory fixes added by running Purify on the code.
-14). Read from client error messages improved.
-15). Fixed endianness used in UNICODE strings.
-16). Cope with ERRORmoredata in an RPC pipe client call.
-17). Check for malformed responses in nmbd register name.
-18). NT Encrypted password changing from the NT password dialog box
-now fully implmented.
-19). Mangle 64-bit lock ranges into 32-bits (NT bug!) on a 32-bit
-Samba platform.
-20). Allow file to be pseudo-openend in order to read security only.
-21). Improve filename mangling to reduce chance of collisions.
-22). Added code to prevent granting of oplocks when a file is under
-contention.
-23). Added tunable wait time before sending an oplock break request
-to a client if the client caused the break request. Helps with clients
-not responding to oplock breaks.
-24). Always respond negatively to queued local oplock break messages
-before shutdown. This can prevent "freezes" on an oplock error.
-25). Allow admin to restrict logons to correct domain when in domain
-level security.
-26). Added "restrict anonymous" patch from Andy (thwartedefforts@wonky.org)
-to prevent parameter substitution problems with anonymous connections.
-27). Fix SMBseek where seeking to a negative number sets the offset
-to zero.
-28). Fixed problem with mode getting corrupted in trans2 request
-(setting to zero means please ignore it).
-29). Correctly become the authenticated user on an authenticated
-DCE/RPC pipe request.
-30). Correctly reset debug level in nmbd if someone set it on the
-command line.
-31). Added more checking into testparm
-32). NetBench simulator added to smbtorture by Andrew.
-33). Fixed NIS+ option compile (was broken in 2.0.3).
-34). Recursive smbclient directory listing fix. Patch from E. Jay Berkenbilt
-(ejb@ql.org)
-
-Bugfixes added since 2.0.2
---------------------------
-
-1). --with-ssl configure now include ssl include directory. Fix
-from Richard Sharpe.
-2). Patch for configure for glibc2.1 support (large files etc.).
-3). Several bugfixes for smbclient tar mode from Bob Boehmer
-(boehmer@worldnet.att.net) to fix smbclient aborting problems
-when restoring tar files.
-4). Some automount fixes for smbmount.
-5). Attempt to fix the AIX 4.1.x/3.x problems where smbd runs as
-root. As no-one has given us root access to such a server this
-cannot be tested fully, but should work.
-6). Crash bug fix in debug code where *real* uid rather than 
-*effective* uid was being checked before attempting to rotate
-log files. This fix should help a *lot* of people who were
-reporting smbd aborting in the middle of a copy operation.
-7). SIGALRM bugfix to ensure infinate file locks time out.
-8). New code to implement NT ACL reporting for cacls.exe program.
-9). UDP loopback socket rebind fix for Solaris.
-10). Ensure all UNICODE strings are correctly in little-endian
-format.
-11). smbpasswd file locking fix.
-12). Fixes for strncpy problems with glibc2.1.
-13). Ensure smbd correctly reports major and minor version number
-and server type when queried via NT rpc calls.
-14). Bugfix for short mangled names not being pulled off the
-mangled stack correctly.
-15). Fix for mapping of rwx bits being incorrectly overwritten
-when doing ATTRIB.EXE
-16). Fix for returning multiple PDU packets in NT rpc code. Should
-allow multiple shares to be returned correctly).
-17). Improved mapping of NT open access requests into UNIX open
-modes.
-18). Fix for copying files from an NTFS volume that contain
-multiple data forks. Added 'magic' error code NT needs.
-19). Fixed crash bug when primary NT authentication server
-is down, rolls over to secondaries correctly now.
-20). Fixed timeout processing to be timer based. Now will
-always occur even if smbd is under load.
-21). Fixed signed/unsigned problem in quotas code.
-22). Fixed bug where setting the password of a completely fresh
-user would end up setting the account disabled flag.
-23). Improved user logon messages to help admins having
-trouble with user authentication.
-
-Bugfixes added since 2.0.1
---------------------------
-
-Note that due to a critical signal handling bug in 2.0.1,
-this release has been removed and replaced immediately with 
-2.0.2. The Samba Team would like to apologise for any problem
-this may have caused.
-
-1). Fixed smbd looping on SIGCLD problem. This was
-    caused by a missing break statement in a critical
-    piece of code.
-
-Bugfixes added since 2.0.0
---------------------------
-
-1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6
-2). Autoconf changes to help HPUX configure correctly.
-3). Autoconf changes to allow lock directory to be set.
-4). Client fix to allow port to be set.
-5). clitar fix to send debug messages to stderr.
-6). smbmount race condition fix.
-7). Fix for bug where trying to browse large numbers of shares
-    generated an error from an NT client.
-8). Wrapper for setgroups for SunOS 4.x
-9). Fix for directory deleting failing from multiuser NT.
-10). Fix for crash bug if bitmap was full.
-11). Fix for Linux genrand where /dev/random could cause 
-     clients to timeout on connect if the entropy pool was
-     empty.
-12). The default PASSWD_CHAT may now be overridden in local.h
-13). HPUX printing fixes for default programs.
-14). Reverted (erroneous) code in MACHINE.SID generation that
-     was setting the sid to 0x21 - should be *decimal* 21.
-15). Fix for printing to remote machine under SVR4.
-16). Fix for chgpasswd wait being interrupted with EINTR.
-17). Fix for disk free routine. NT and Win98 now correctly
-     show greater than 2GB disks.
-18). Fix for crash bug in stat cache statistics printing.
-19). Fix for filenames ending in .~xx.
-20). Fix for access check code wait being interrupted with EINTR.
-21). Fix for password changes from "invalid password" to a valid
-     one setting the account disabled bit.
-22). Fix for smbd crash bug in SMBreadraw cache prime code.
-23). Fix for overly zealous lock range overflow reporting.
-24). Fix for large disk disk free reporting (NT SMB code).
-25). Fix for NT failing to truncate files correctly.
-26). Fix for smbd crash bug with SMBcancel calls.
-27). Additional -T flag to nmblookup to do reverse DNS on addresses.
-28). SWAT fix to start/stop smbd/nmbd correctly.
-
-Major changes in Samba 2.0
---------------------------
-
-This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file 
-and print server for Windows systems.
-
-There have been many changes in Samba since the last major release,
-1.9.18.  These have mainly been in the areas of performance and
-SMB protocol correctness.  In addition, a Web based GUI interface
-for configuring Samba has been added.
-
-In addition, Samba has been re-written to help portability to
-other POSIX-based systems, based on the GNU autoconf tool.
-
-There are many major changes in Samba for version 2.0.  Here are 
-some of them:
-
-=====================================================================
-
-1). Speed
----------
-
-Samba has been benchmarked on high-end UNIX hardware as out-performing
-all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark.
-Many changes to the code to optimise high-end performance have been made.
-
-2). Correctness
----------------
-
-Samba now supports the Windows NT specific SMB requests.  This
-means that on platforms that are capable Samba now presents a
-64 bit view of the filesystem to Windows NT clients and is
-capable of handling very large files.
-
-3). Portability
----------------
-
-Samba is now self-configuring using GNU autoconf, removing
-the need for people installing Samba to have to hand configure
-Makefiles, as was needed in previous versions.
-
-You now configure Samba by running "./configure" then "make".  See
-docs/textdocs/UNIX_INSTALL.txt for details.
-
-4). Web based GUI configuration
--------------------------------
-
-Samba now comes with SWAT, a web based GUI config system.  See
-the swat man page for details on how to set it up.
-
-5). Cross protocol data integrity
----------------------------------
-
-An open function interface has been defined to allow 
-"opportunistic locks" (oplocks for short) granted by Samba
-to be seen by other UNIX processes.  This allows complete
-cross protocol (NFS and SMB) data integrety using Samba
-with platforms that support this feature.
-
-6). Domain client capability
-----------------------------
-
-Samba is now capable of using a Windows NT PDC for user
-authentication in exactly the same way that a Windows NT
-workstation does, i.e. it can be a member of a Domain.  See
-docs/textdocs/DOMAIN_MEMBER.txt for details.
-
-7). Documentation Updates
--------------------------
-
-All the reference parts of the Samba documentation (the
-manual pages) have been updated and converted to a document
-format that allows automatic generation of HTML, SGML, and
-text formats.  These documents now ship as standard in HTML
-and manpage format.
-
-=====================================================================
-
-NOTE - Some important option defaults changed
----------------------------------------------
-
-Several parameters have changed their default values.  The most
-important of these is that the default security mode is now user
-level security rather than share level security.
-
-This (incompatible) change was made to ease new Samba installs
-as user level security is easier to use for Windows 95/98 and
-Windows NT clients.
-
-********IMPORTANT NOTE****************
-
-If you have no "security=" line in the [global] section of 
-your current smb.conf and you update to Samba 2.0 you will
-need to add the line :
-
-security=share
-
-to get exactly the same behaviour with Samba 2.0 as you
-did with previous versions of Samba.
-
-********END IMPORTANT NOTE*************
-
-In addition, Samba now defaults to case sensitivity options that
-match a Windows NT server precisely, that is, case insensitive 
-but case preserving.
-
-The default format of the smbpasswd file has also been
-changed for this release, although the new tools will read
-and write the old format, for backwards compatibility.
-
-=====================================================================
-
-NOTE - Primary Domain Controller Functionality
-----------------------------------------------
-
-This version of Samba contains code that correctly implements
-the undocumented Primary Domain Controller authentication
-protocols.  However, there is much more to being a Primary
-Domain Controller than serving Windows NT logon requests.
-
-A useful version of a Primary Domain Controller contains
-many remote procedure calls to do things like enumerate users, 
-groups, and security information, only some of which Samba currently
-implements. In addition, there are outstanding (known) bugs with
-using Samba as a PDC in this release that the Samba Team are actively
-working on. For this reason we have chosen not to advertise and 
-actively support Primary Domain Controller functionality with this
-release.
-
-This work is being done in the CVS (developer) versions of Samba,
-development of which continues at a fast pace.  If you are
-interested in participating in or helping with this development
-please join the Samba-NTDOM mailing list.  Details on joining
-are available at :
-
-http://lists.samba.org/listinfo/samba-ntdom
-
-Details on obtaining CVS (developer) versions of Samba
-are available at:
-
-http://www.samba.org/cvs.html
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        samba@samba.org
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.0.html b/whatsnew/samba-2.2.0.html
deleted file mode 100755
index e15f18d..0000000
--- a/whatsnew/samba-2.2.0.html
+++ /dev/null
@@ -1,146 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.2.0</H2>
-
-<p>
-<pre>
-The Samba Team is pleased to announce a new major release of Samba,
-Samba 2.2.0.
-
-Samba 2.2.0 is available in source form from
-samba.org and all of our mirror sites at the url :
-
-<a href="/samba/ftp/samba-2.2.0.tar.gz">/samba/ftp/samba-2.2.0.tar.gz </a>
-
-Binary packages will be available shortly for many popular platforms.
-Please check the main Web site or email announcements for details.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-The WHATSNEW.txt file follows.
-
-As always, any bugs are our responsibility,
-
-Regards,
-
-        The Samba Team.
-
-----------------------------------------------------------------------
-              WHATS NEW IN Samba 2.2.0
-              ========================
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the encessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility. 
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls and smb transactions. See the file
-profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you 
-must compile samba with profile support (run configure with 
-the --with-profile option). On startup, collection of data
-is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggragate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measureable 
-with profile collection off compared to no profile collection
-compiled into samba. 
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.1.html b/whatsnew/samba-2.2.1.html
deleted file mode 100755
index a760936..0000000
--- a/whatsnew/samba-2.2.1.html
+++ /dev/null
@@ -1,333 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.2.1</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.1.
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-Samba 2.2.1 is available in source form from samba.org and all of our
-mirror sites at the url
-
-<a href="/samba/ftp/samba-2.2.1a.tar.gz">/samba/ftp/samba-2.2.1a.tar.gz </a>
-
-The release notes follow.
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-              WHATS NEW IN Samba 2.2.1:  10th July 2001
-              =========================================
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existance of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronised.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timstamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistant tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
-Older release notes for Samba 2.2.x follow.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-		<a href="mailto:security@samba.org">security@samba.org</a>
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the encessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility. 
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls and smb transactions. See the file
-profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you 
-must compile samba with profile support (run configure with 
-the --with-profile option). On startup, collection of data
-is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggragate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measureable 
-with profile collection off compared to no profile collection
-compiled into samba. 
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-<a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.10.html b/whatsnew/samba-2.2.10.html
deleted file mode 100755
index f02f990..0000000
--- a/whatsnew/samba-2.2.10.html
+++ /dev/null
@@ -1,436 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>Security Release - Samba 2.2.10 Available for Download</H2>
-
-<p>
-<pre>
-                 ==============================
-                 Release Notes for Samba 2.2.10
-                          July 22, 2004
-                 ==============================
-
-
-######################## SECURITY RELEASE ########################
-
-Summary:       Potential Buffer Overrun in Samba 2.2.x
-CVE ID:        CAN-2004-0686
-               (http://cve.mitre.org/)
-
-This is the latest stable release of the Samba 2.2 code base.
-There are no further Samba 2.2.x releases planned at this time.
-
--------------
-CAN-2004-0686
--------------
-
-Affected Versions:      Samba 2.2.0 through 2.2.9
-
-A buffer overrun has been located in the code used to support
-the 'mangling method = hash' smb.conf option.   Affected Samba
-2.2 installations can avoid this possible security bug by using
-the hash2 mangling method.  Server installations requiring
-the hash mangling method are encouraged to upgrade to Samba v2.2.10
-or v3.0.5.
-
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-2.2.10.tar.gz.  The uncompressed archive has
-been signed using the Samba Distribution Key.
-
-Our code, Our bugs, Our responsibility (<a href="https://bugzilla.samba.org/">Samba Bugzilla</a>).
-
-                           -- The Samba Team
-
-Older releases notes for 2.2.x distributions follow
-
-       ------------------------------------------------------
-
-                 =============================
-                 Release Notes for Samba 2.2.9
-                          May 8, 2004
-                 =============================
-
-This is the latest stable release of the Samba 2.2 code base.
-This is a maintenance release of Samba 2.2.8a to address the
-problem with user password changes after applying the Microsoft
-hotfix described in KB828741 to Windows NT 4.0/200x/XP clients.
-No other changes have been applied since Samba 2.2.8a.
-
-There are no further Samba 2.2.x releases planned at this time.
-
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-2.2.9.tar.gz.  The uncompressed archive has 
-been signed using the Samba Distribution Key.
-
-As always, all bugs are our responsibility.
-
-                           --Sincerely
-                           The Samba Team
-
-       ------------------------------------------------------
-
-            ===========================================
-            What's new in Samba 2.2.8a - 7th April 2003
-            ===========================================
-
-             ****************************************
-             * IMPORTANT: Security bugfix for Samba *
-             ****************************************
-
-Summary
--------
-
-Digital Defense, Inc. has alerted the Samba Team to a serious
-vulnerability in all stable versions of Samba currently shipping.
-The Common Vulnerabilities and Exposures (CVE) project has assigned
-the ID CAN-2003-0201 to this defect.
-
-This vulnerability, if exploited correctly, leads to an anonymous
-user gaining root access on a Samba serving system. All versions
-of Samba up to and including Samba 2.2.8 are vulnerable. An active
-exploit of the bug has been reported in the wild. Alpha versions of
-Samba 3.0 and above are *NOT* vulnerable.
-
-
-Credit
-------
-
-The Samba Team would like to thank Erik Parker and the team at
-Digital Defense, Inc. for their efforts spent in the responsible
-and timely reporting of this bug.
-
-
-Patch Availability
-------------------
-
-The Samba 2.2.8a release contains only updates to address this
-security issue. A roll-up patch for release 2.2.7a and 2.0.10
-addressing both CAN-2003-0201 and CAN-2003-0085 can be obtained
-from http://www.samba.org/samba/ftp/patches/security/.
-
-
-            ========================================
-
-
-The release notes for 2.2.8 follow:
-
-            ****************************************
-            * IMPORTANT: Security bugfix for Samba *
-            ****************************************
-
-
-Summary
--------
-
-The SuSE security audit team, in particular <a href="mailto:krahmer@suse.de">Sebastian 
-Krahmer</a>, has found a flaw in the Samba main smbd code which
-could allow an external attacker to remotely and anonymously gain
-Super User (root) privileges on a server running a Samba server.
-
-This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
-inclusive.  This is a serious problem and all sites should either
-upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
-and 445. Advice created by Andrew Tridgell, the leader of the Samba Team,
-on how to protect an unpatched Samba server is given at the end of this
-section.
-
-The SMB/CIFS protocol implemented by Samba is vulnerable to many
-attacks, even without specific security holes.  The TCP ports 139 and
-the new port 445 (used by Win2k and the Samba 3.0 alpha code in
-particular) should never be exposed to untrusted networks.
-
-Description
------------
-
-A buffer overrun condition exists in the SMB/CIFS packet fragment
-re-assembly code in smbd which would allow an attacker to cause smbd
-to overwrite arbitrary areas of memory in its own process address
-space. This could allow a skilled attacker to inject binary specific
-exploit code into smbd.
-
-This version of Samba adds explicit overrun and overflow checks on
-fragment re-assembly of SMB/CIFS packets to ensure that only valid
-re-assembly is performed by smbd.
-
-In addition, the same checks have been added to the re-assembly
-functions in the client code, making it safe for use in other
-services.
-
-Credit
-------
-
-This security flaw was discovered and reported to the Samba Team by
-Sebastian Krahmer <krahmer@suse.de> of the SuSE Security Audit Team.
-The fix was prepared by Jeremy Allison and reviewed by engineers from
-the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor engineers
-on the Linux Vendor security mailing list.
-
-The Samba Team would like to thank SuSE and Sebastian Krahmer for
-their excellent auditing work and for drawing attention to this flaw.
-
-Patch Availability
------------------
-
-As this is a security issue, patches for this flaw specific to earlier
-versions of Samba will be posted on the samba-technical@samba.org
-mailing list as requested.
-
-
-************************************
-Protecting an unpatched Samba server
-************************************
-
-  Samba Team, March 2003
-
-  This is a note on how to provide your Samba server some
-  protection against the recently discovered remote security
-  hole if you are unable to upgrade to the fixed version
-  immediately. Even if you do upgrade you might like to think
-  about the suggestions in this note to provide you with
-  additional levels of protection.
-
-
-  Using host based protection
-  ---------------------------
-
-  In many installations of Samba the greatest threat comes for
-  outside your immediate network. By default Samba will accept
-  connections from any host, which means that if you run an
-  insecure version of Samba on a host that is directly
-  connected to the Internet you can be especially vulnerable.
-
-  One of the simplest fixes in this case is to use the 'hosts
-  allow' and 'hosts deny' options in the Samba smb.conf
-  configuration file to only allow access to your server from a
-  specific range of hosts. An example might be:
-
-
-    hosts allow = 127.0.0.1 192.168.2.0/24 192.168.3.0/24
-    hosts deny = 0.0.0.0/0
-
-  The above will only allow SMB connections from 'localhost'
-  (your own computer) and from the two private networks
-  192.168.2 and 192.168.3. All other connections will be
-  refused connections as soon as the client sends its first
-  packet. The refusal will be marked as a 'not listening on
-  called name' error.
-
-
-  Using interface protection
-  --------------------------
-
-  By default Samba will accept connections on any network
-  interface that it finds on your system. That means if you
-  have a ISDN line or a PPP connection to the Internet then
-  Samba will accept connections on those links. This may not be
-  what you want.
-
-  You can change this behavior using options like the
-  following:
-
-    interfaces = eth* lo
-    bind interfaces only = yes
-
-  that tells Samba to only listen for connections on interfaces
-  with a name starting with 'eth' such as eth0, eth1, plus on
-  the loopback interface called 'lo'. The name you will need to
-  use depends on what OS you are using. In the above I used the
-  common name for ethernet adapters on Linux.
-
-  If you use the above and someone tries to make a SMB
-  connection to your host over a PPP interface called 'ppp0',
-  they will get a TCP connection refused reply. In that
-  case no Samba code is run at all as the operating system has
-  been told not to pass connections from that interface to any
-  process.
-
-
-  Using a firewall
-  ----------------
-
-  Many people use a firewall to deny access to services that
-  they don't want exposed outside their network. This can be a
-  very good idea, although I would recommend using it in
-  conjunction with the above methods so that you are protected
-  even if your firewall is not active for some reason.
-
-  If you are setting up a firewall then you need to know what
-  TCP and UDP ports to allow and block. Samba uses the
-  following:
-
-    UDP/137    - used by nmbd
-    UDP/138    - used by nmbd
-    TCP/139    - used by smbd
-    TCP/445    - used by smbd
-
-  The last one is important as many older firewall setups may
-  not be aware of it, given that this port was only added to
-  the protocol in recent years.
-
-
-  Using a IPC$ share deny
-  -----------------------
-
-  If the above methods are not suitable, then you could also
-  place a more specific deny on the IPC$ share that is used in
-  the recently discovered security hole. This allows you to
-  offer access to other shares while denying access to IPC$
-  from potentially untrustworthy hosts.
-
-  To do that you could use:
-
-    [ipc$]
-        hosts allow = 192.168.115.0/24 127.0.0.1
-        hosts deny = 0.0.0.0/0
-
-  this would tell Samba that IPC$ connections are not allowed
-  from anywhere but the two listed places (localhost and a
-  local subnet). Connections to other shares would still be
-  allowed. As the IPC$ share is the only share that is always
-  accessible anonymously this provides some level of protection
-  against attackers that do not know a username/password for
-  your host.
-
-
-  If you use this method then clients will be given a 'access
-  denied' reply when they try to access the IPC$ share. That
-  means that those clients will not be able to browse shares,
-  and may also be unable to access some other resources.
-
-  I don't recommend this method unless you cannot use one of
-  the other methods listed above for some reason.
-
-
-  Upgrading Samba
-  ---------------
-
-  Of course the best solution is to upgrade Samba to a version
-  where the bug has been fixed. If you wish to also use one of
-  the additional measures above then that would certainly be a
-  good idea.
-
-  Please check regularly on http://www.samba.org/ for updates
-  and important announcements.
-
-
-            ****************************************
-            ****************************************
-
------------------------------------------------------------------
-
-Changes since 2.2.7a
---------------------
-
-New Parameters
-
-    * acl compatibility
-
-Additional Changes:
-    See the cvs log for SAMBA_2_2 for more details
-
-1)  smbumount lazy patch from Mandrake
-2)  Check for too many processes *before* the fork.
-3)  make sure we don't run over the end of 'name' in unix_convert()
-4)  set umask to 0 before creating socket directory.
-5)  Fix the LARGE_SMB_OFF_T problems and allow smbd to do the right
-    thing in interactive mode when a log file dir is also specified.
-6)  Fix delete on close semantics to match W2K.
-7)  Correctly return access denied on share mode deny when we can't
-    open the file.
-8)  Always use safe_strcpy not pstrcpy for malloc()'d strings
-9)  Fixes for HP-UX only having limited POSIX lock range
-10) Added uid/gid caching code. Reduces load on winbindd.
-11) Removed extra copy of server name in the printername field (it was
-    mangling the the name to be \\server\\\server\printer
-12) Fix dumb perror used without errno being set.
-13) Do retries correctly if the connection to the DC has failed.
-14) Correctly check for inet_addr fail.
-15) Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined.
-16) Fix for missing if (setting_acls) on default perms.
-17) Fix to cache the sidtype
-18) fix printer settings on Solaris (big-endian) print servers.
-    ASCII -> UNICODE conversion bug.
-19) Small fix check correct error return.
-20) Ensure space_avail is unsigned.
-21) patch to check for a valid [f]chmod_acl function pointer
-    before calling it.  Fixes seg fault in audit VFS module
-22) When checking is_locked() new WRITE locks conflict with existing
-    READ locks even if the context is the same.
-23) Merge off-by-one crash fixes from HEAD
-24) Move off-by-one buggy malloc()/safe_strcpy() combination to
-    strdup() instead.
-25) Merge from HEAD. Use pstrcpy not safe_strcpy.
-26) Fix to allow blocking lock notification to be done rapidly (no wait
-    for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb
-    (does not interfere with existing locks).
-27) Doxygen cleanups for code documentation
-28) limit the unix domain sockets used by winbindd  by adding a
-    "last_access" field to winbindd connections, and will close
-    the oldest idle connection once the number of open connections goes
-    over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200
-    currently)
-29) Fix a couple of string handling errors in smbd/dir.c that would
-    cause smbd to crash
-30) Fix seg fault in smbpasswd when specifying the new password
-    as a command line argument
-31) Correct 64-but file sizes issues with smbtar and smbclient
-32) Add batch mode option to pdbedit
-33) Add protection in nmbd against malformed reply packets
-34) Fix bug with sendfile profiling support in smbstatus output
-35) Correct bug in "hide unreadable" smb.conf parameter that
-    resulted in incorrect directory listings
-36) Fix bug in group enumeration in winbindd
-37) Correct build issues with libsmbclient on Solaris
-38) Fix memory leak and bad pointer dereference in password
-    changing code in smbd
-39) Fix for changing attributes on a file truncate
-40) Ensure smbd process count never gets to -1 if limiting number
-    of processes
-41) Ensure we return disk full by default on short writes
-42) Don't delete jobs submitted after the lpq time
-43) Fix reference count bug where smbds would not terminate
-    with no open resources
-44) Performance fix when using quota support on HP-UX
-45) Fixes for --with-ldapsam
-    * Default to port 389 when "ldap ssl != on"
-    * add support for rebinding to the master directory server
-      for password changes when "ldap server" points to a read-only
-      slave
-46) Add -W and -X command line flags to smbpasswd for extracting and
-    setting the machine/domain SID in secrets.tdb.  See the
-    smbpasswd(8) man page for details.
-47) Added (c) Luke Howard to winbind_nss_solaris.c for coded
-    obtained from PADL's nss_ldap library.
-48) Fix bug in samr_dispinfo query in winbindd
-49) Fix segfault in NTLMSSP password changing code for
-    guest connections
-50) Correct pstring/fstring mismatches
-51) Send level II oplock break requests synchronously to prevent
-    condition where one smbd would continually lock a share entry
-    in locking.tdb
-52) Miscellaneous cleanups for tdb error conditions and appending
-    data in a record
-53) Implement correct open file truncate semantics with DOS
-    attributes
-54) Enforce wide links = no on files as well as directories
-55) Include shared library checks for Stratus VOS
-56) Include support for CUPS printer classes and logging the remote
-    client name
-57) Include  "WinXP" (Windows XP) and "Win2K3" (Windows .NET) values
-    for %a
-58) Increase the max PDU size to deal with some troublesome printer
-    drivers and Windows NT 4.0 clients
-59) increment the process counter immediately after the fork
-    (not just when we receive the first smb packet)
-60) Ensure rename sets errno correctly
-61) Unify ACL code (back-port from 3.0)
-62) Fix some further issues around off_t and large offsets
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.2.html b/whatsnew/samba-2.2.2.html
deleted file mode 100755
index 1c0aeac..0000000
--- a/whatsnew/samba-2.2.2.html
+++ /dev/null
@@ -1,550 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.2.2</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.2.
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There are several important oplock logic bugs that have been fixed in
-this release, so an upgrade is recommended.
-
-Samba 2.2.2 is available in source form from samba.org and all of our
-mirror sites at the url
-
-<a href="/samba/ftp/samba-2.2.2.tar.gz">/samba/ftp/samba-2.2.2.tar.gz </a>
-
-The release notes follow.
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-              WHATS NEW IN Samba 2.2.2: 13th October 2001
-              ===========================================
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There are several important oplock logic bugs that have been fixed in
-this release, so an upgrade is recommended.
-
-New daemon included - winbindd
-------------------------------
-
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
-
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-managable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
-
-For more information on using winbind, see the man pages for 
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behaviour of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behaviour, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox varients
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HPUX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL suppport added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibilty.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
-Older release notes for Samba 2.2.x follow.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existance of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronised.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timstamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistant tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the encessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility. 
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggragate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measureable 
-with profile collection off compared to no profile collection
-compiled into samba. 
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.3.html b/whatsnew/samba-2.2.3.html
deleted file mode 100755
index dc37753..0000000
--- a/whatsnew/samba-2.2.3.html
+++ /dev/null
@@ -1,666 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.2.3</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.3.
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-Samba 2.2.3 is available in source form from samba.org and all of our
-mirror sites at the url
-
-<a href="/samba/ftp/samba-2.2.3.tar.gz">/samba/ftp/samba-2.2.3.tar.gz </a>
-
-The release notes follow.
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-              WHATS NEW IN Samba 2.2.3  - 2nd February 2002
-              =============================================
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-LDAP update
------------
-
-Much work has been done on the LDAP backend code. The configure
-option --with-ldapsam is now considered to be stable. The schema
-used has changed, see the file examples/LDAP/samba.schema for the
-new schema.
-
-New documentation explaining how to set up a Samba only PDC/BDC
-setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
-in the documentation tree.
-
-winbindd daemon extended
-------------------------
-
-Samba 2.2.2 was the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-Samba 2.2.3 fixes the known memory leaks in winbindd and has
-been extended to work with SGI IRIX and HPUX (11.x) in addition
-to the earlier targets of Linux and Solaris.
-
-For more information on using winbind, see the man pages for 
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.3
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-unix extensions
-
-Enables the experimental UNIX CIFS extensions in smbd. See the manpage
-for more details.
-
-default devmode
-
-Some printer drivers will crash the Windows NT/2000 spooler service
-if they are given a default devmode, some require it. This parameter
-allows the administrator a choice of whether smbd returns such a 
-default devmode for a driver.
-
-share modes
-
-This parameter has been restored to allow people who wish smbd to ignore
-client share modes. This is *very dangerous* and should not be set without
-full knowledge of what this is designed for.
-
-Changes in 2.2.3
------------------
-
-1). Fixed shared library compile for Solaris with native compiler.
-2). UNIX CIFS extensions code added (donated by HP).
-3). Changed to using NT status codes on the wire if the client can support
-this.
-4). altname command to show 8.3 name added to smbclient.
-5). const-safe endian macros now used.
-6). client code now uses UNICODE on the wire.
-7). Correctly return fault PDU's on bad handle.
-8). Improved NT error code mapping table.
-9). Many new point and print RPC calls added.
-10). Win9x clients can now see full user list.
-11). fileid added to identify simultaneous open files (no longer
-use dev/inode/time as unique value).
-12). HPUX ACL code added (donated by HP).
-13). vfs interfaces updated (again !).
-14). MSDOS Code Page 866 -> 1251 mapping added.
-15). winbindd now processes quit/hup signals correctly.
-16). No tdb traversal done on startup/shutdown - ensures scalability.
-17). Fix bug with paths for homes share.
-18). Fixed copyfile for OS/2.
-19). Fix group membership when groups are on more than one line.
-20). Fixed core dumps in posix ACL mapping code.
-21). Tidyup of UNICODE functions (put/get).
-22). Move rpcclient to the new libsmb code.
-23). Add missing Windows 2000 passthough trans2 calls.
-24). Return check all tdb calls.
-25). Make local name lookup work even if wins server is down.
-26). pam session code added to winbind.
-27). Added winbindd cache to all lookups.
-28). Fix allocate bugs that caused file sizes to be incorrect.
-29). Fixed write cache code - now safe to use.
-30). Fixed winbindd memory leaks.
-31). winbindd will now do name lookups (to allow non Open Source
-systems to do the nsswitch WINS lookup). Fixed by SGI.
-32). passdb memory leaks fixed.
-33). LDAP code updates and now properly maintained.
-34). Finally figured out how changeid is meant to work.
-35). Downlevel printing now looks as NT does in print monitor window.
-36). Many fixups in spoolss printing RPC parsing.
-37). Speed up password enumeration as a PDC.
-38). Fix printer changed notify messages (work from HP).
-39). Fix modify timestamp on close code.
-40). Fix long standing mangled names bug.
-41). Fix delete on close semantics.
-42). Stop opening all files with O_NONBLOCK !
-43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
-44). Ensure NT suplementary groups get added to user token.
-45). Try and mitigate effects of DNS timeout (do less lookups).
-46). Added current user connection context stack.
-47). Fixes to utmp code.
-48). smbw code tidyups.
-49). Added tdb open log code. Several tdb fixes.
-
-Older release notes for Samba 2.2.x follow.
-
------------------------------------------------------------------------------
-
-New daemon included - winbindd
-------------------------------
- 
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
- 
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
- 
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-managable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
- 
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
- 
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behaviour of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behaviour, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox varients
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HUPX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL suppport added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibilty.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
-Older release notes for Samba 2.2.x follow.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existance of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronised.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timstamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistant tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the encessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility. 
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggragate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measureable 
-with profile collection off compared to no profile collection
-compiled into samba. 
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.3a.html b/whatsnew/samba-2.2.3a.html
deleted file mode 100755
index a70a2ab..0000000
--- a/whatsnew/samba-2.2.3a.html
+++ /dev/null
@@ -1,696 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announce Samba&nbsp;2.2.3a</H2>
-
-<p>
-<pre>
-The Samba Team announces the release of Samba 2.2.3a, a bugfix release to
-correct an error in Samba 2.2.3.
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-This is a minor bugfix release for the 2.2.3 release. The 2.2.3
-release had a problem that was visible to Windows 2000 Explorer
-users in that copying files into a share that already existed
-failed with "Access Denied" rather than asking the user if an
-overwrite was required. This was due to an incorrect error mapping
-between the UNIX EEXIST error code and the corresponding NT status error.
-
-As Windows Explorer is a highly visible end user application a quick
-bugfix release was required, hence 2.2.3a.
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-Samba 2.2.3a is available in source form from samba.org and all of our
-mirror sites at the url
-
-<a href="/samba/ftp/samba-2.2.3a.tar.gz">/samba/ftp/samba-2.2.3a.tar.gz </a>
-
-The release notes follow.
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-
-----------------------------------------------------------------------
-              WHATS NEW IN Samba 2.2.3a  - 6th February 2002
-              ==============================================
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-Change from 2.2.3
------------------
-
-This is a minor bugfix release for the 2.2.3 release. The 2.2.3
-release had a problem that was visible to Windows 2000 Explorer
-users in that copying files into a share that already existed 
-failed with "Access Denied" rather than asking the user if an
-overwrite was required. This was due to an incorrect error mapping
-between the UNIX EEXIST error code and the NT status error.
-
-As Windows Explorer is a highly visible end user application a quick
-bugfix release was required, hence 2.2.3a.
-
-Compilation on HPUX versions earlier than HPUX 11 has also been
-corrected.
-
-The cvs.log file is no longer included with this release, as it adds
-13Mb to the size of the release, and is easily available on the Web.
-
-LDAP update
------------
-
-Much work has been done on the LDAP backend code. The configure
-option --with-ldapsam is now considered to be stable. The schema
-used has changed, see the file examples/LDAP/samba.schema for the
-new schema.
-
-New documentation explaining how to set up a Samba only PDC/BDC
-setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
-in the documentation tree.
-
-winbindd daemon extended
-------------------------
-
-Samba 2.2.2 was the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-Samba 2.2.3 fixes the known memory leaks in winbindd and has
-been extended to work with SGI IRIX and HPUX (11.x) in addition
-to the earlier targets of Linux and Solaris.
-
-For more information on using winbind, see the man pages for 
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.3a
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-unix extensions
-
-Enables the experimental UNIX CIFS extensions in smbd. See the manpage
-for more details.
-
-default devmode
-
-Some printer drivers will crash the Windows NT/2000 spooler service
-if they are given a default devmode, some require it. This parameter
-allows the administrator a choice of whether smbd returns such a 
-default devmode for a driver.
-
-share modes
-
-This parameter has been restored to allow people who wish smbd to ignore
-client share modes. This is *very dangerous* and should not be set without
-full knowledge of what this is designed for.
-
-Changes in 2.2.3
------------------
-
-1). Fixed shared library compile for Solaris with native compiler.
-2). UNIX CIFS extensions code added (donated by HP).
-3). Changed to using NT status codes on the wire if the client can support
-this.
-4). altname command to show 8.3 name added to smbclient.
-5). const-safe endian macros now used.
-6). client code now uses UNICODE on the wire.
-7). Correctly return fault PDU's on bad handle.
-8). Improved NT error code mapping table.
-9). Many new point and print RPC calls added.
-10). Win9x clients can now see full user list.
-11). fileid added to identify simultaneous open files (no longer
-use dev/inode/time as unique value).
-12). HPUX ACL code added (donated by HP).
-13). vfs interfaces updated (again !).
-14). MSDOS Code Page 866 -> 1251 mapping added.
-15). winbindd now processes quit/hup signals correctly.
-16). No tdb traversal done on startup/shutdown - ensures scalability.
-17). Fix bug with paths for homes share.
-18). Fixed copyfile for OS/2.
-19). Fix group membership when groups are on more than one line.
-20). Fixed core dumps in posix ACL mapping code.
-21). Tidyup of UNICODE functions (put/get).
-22). Move rpcclient to the new libsmb code.
-23). Add missing Windows 2000 passthough trans2 calls.
-24). Return check all tdb calls.
-25). Make local name lookup work even if wins server is down.
-26). pam session code added to winbind.
-27). Added winbindd cache to all lookups.
-28). Fix allocate bugs that caused file sizes to be incorrect.
-29). Fixed write cache code - now safe to use.
-30). Fixed winbindd memory leaks.
-31). winbindd will now do name lookups (to allow non Open Source
-systems to do the nsswitch WINS lookup). Fixed by SGI.
-32). passdb memory leaks fixed.
-33). LDAP code updates and now properly maintained.
-34). Finally figured out how changeid is meant to work.
-35). Downlevel printing now looks as NT does in print monitor window.
-36). Many fixups in spoolss printing RPC parsing.
-37). Speed up password enumeration as a PDC.
-38). Fix printer changed notify messages (work from HP).
-39). Fix modify timestamp on close code.
-40). Fix long standing mangled names bug.
-41). Fix delete on close semantics.
-42). Stop opening all files with O_NONBLOCK !
-43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
-44). Ensure NT suplementary groups get added to user token.
-45). Try and mitigate effects of DNS timeout (do less lookups).
-46). Added current user connection context stack.
-47). Fixes to utmp code.
-48). smbw code tidyups.
-49). Added tdb open log code. Several tdb fixes.
-
-Older release notes for Samba 2.2.x follow.
-
------------------------------------------------------------------------------
-
-New daemon included - winbindd
-------------------------------
- 
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
- 
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
- 
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-managable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
- 
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
- 
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behaviour of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behaviour, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox varients
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HUPX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL suppport added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibilty.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
-Older release notes for Samba 2.2.x follow.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existance of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronised.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timstamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistant tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the encessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility. 
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggragate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measureable 
-with profile collection off compared to no profile collection
-compiled into samba. 
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.4.html b/whatsnew/samba-2.2.4.html
deleted file mode 100755
index aabe91d..0000000
--- a/whatsnew/samba-2.2.4.html
+++ /dev/null
@@ -1,824 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;2.2.4</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.4.
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There have been several fixes and internal enhancements which include:
-
- * More/better SPOOLSS printing functionality for Windows
-   NT/2k/XP clients.
- * Several fixes relating to serving PC database files such
-   as (Access and FoxPro) from a Samba file share.
- * Several improves in Samba's VFS layer which can be seen
-   in the inclusion of a "Recycle Bin" vfs module.  See
-   examples/VFS/README for more details on this.
- * Addition of a tool (tdbbackup) for backup/restore of Samba's
-   tdb's
- * Continued improvements to winbind for greater scalability
-   and stability
- * Several fixes related to Samba's MS-DFS support
- * Rpcclient's various printer commands now work (again)
-
-Binary packages will be released shortly for major platforms. The source
-code can be downloaded from :
-
-        <a href="/samba/ftp">ftp://ftp.samba.org/pub/samba/</a>
-
-in the file samba-2.2.4.tar.gz or samba-2.2.4.tar.bz2.
-md5sum's are available in the same directory.
-
-The release notes follow.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.
-
-
-              WHAT'S NEW IN Samba 2.2.4  - 2nd May 2002
-              =========================================
-
-
-New/Changed parameters in 2.2.4
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* csc policy
-* inherit acls
-* nt status support
-* lock spin count
-* lock spin time
-* pid directory
-* winbind use default domain
-
-
-Depreciated parameters
-----------------------
-
-The following parameters have been marked as depreciated
-and will be removed in Samba 3.0
-
-* postscript
-* printer driver
-* printer driver file
-* printer driver location
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.4
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  added -c option to smbpasswd
-2)  reworked smbpasswd internal command line option parsing
-3)  small various bug fixes to experimental pdb_tdb.c
-4)  Enforce spoolss RPCs based on the access granted at PrinterOpen()
-5)  Added missing access checks to [add/delete/set]form
-6)  Compile fixes for pam_smbpass
-7)  fix smbd crash when netbios session request fails from
-    spoolss_connect_to_client().
-8)  fixed logic bug that prevent SetPrinter() from storing devmode
-9)  Removed extra get_printer_snum() calls from set_printer_hnd_name()
-10) fix joining domain on big endian machine when using -U to smbpasswd
-11) allow command line arg to override smb.conf log level
-12) continue to retry to register 1b name with wins server if there is an old IP there
-13) fix smbclient print crash bug
-14) 9x pnp fix when the config file and driver file are different
-15) force testparm to print the correct value for log level
-16) fix swat to show full log level info
-17) fix server GetPrinterData() fields to be more sensible
-18) fix logic error in SetPrinterDataEx()
-19) Only set smb_read_error if not already set
-20) Fix string returns that require unicode
-21) Merge of printing performance fixes from appliance
-22) lpq parsing fixes
-23) Back port tridge's xcopy /o fix from HEAD
-24) Fix the printer change notify code (unfinished)
-25) Patch for Domain users not showing up
-26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
-27) Ensure that all methods of looking up and connecting to DC's work
-    using identical logic.
-28) Merge in the mutex code to stop multiple domain logon failure
-29) Ignore 0/0 lock
-30) Fix winbindd to respect command line debuglevel as nmbd/smbd
-31) Update with tdbbackup from HEAD
-32) Fix for typo on solaris nss
-33) Merge in the locking changes from HEAD
-34) Added POSIX ACL layer into the vfs
-35) Fix the returning of domain enum
-36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
-37) Enable test for -rdynamic when building binaries
-38) Remove the "stat open" code - make it inline
-39) Fix the mp3 rename bug
-40) Fix for Explorer DFS problems on older Windows 9X machines
-41) implement OpenPrinter() opnum == 0x01
-42) Matched W2K *insane* open semantics....
-43) small fix that will prevent the "failed to marshall
-    R_NET_SAMLOGON" message in the logs
-42) don't do checking of local passdb in smbpasswd if using -r option
-43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
-    try to connect to a server named '*'
-44) merge rpcclient code from HEAD
-45) Ensure MACHINE.SID update done before child spawns
-46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
-47) Removed --with-vfs - always built if available
-48) Fixed psec for 2.2
-49) Fixed the handle leak in the connection management code
-50) fix disable spoolss after the switch to nt status codes
-51) Added Shirish's client side caching policy change
-52) Honor the specversion when parsing the the DEVICEMODE
-53) fix parsing bug when DEVICEMODE's private data does not end
-    on a 4 byte boundary
-54) do not idle an smbd when there is an open pipe
-55) when a new driver is added to a Samba server, cycle through
-    all printers and bump the change_id for each one bound to the driver
-56) allow smbclient to work with a FIFO as well (needed for KDE
-    ioslave)
-57) various updates to pdb_nisplus.c
-58) many small documentation updates
-59) removed many compiler warnings
-
-
-
-Known Bugs
-----------
-
-* Under certain conditions when serving the MS Access 2000
-  executable file and an Access database from a Samba share,
-  it is possible to experience data corruption.  This bug does not
-  occur when the database is served from a Samba file share
-  but the Access *.exe is stored on the client's local file system.
-  The exact reason for this bug is unknown at this time.
-
-              =========================================
-
-
-
-
-Older release notes for Samba 2.2.x follow.
-
------------------------------------------------------------------------------
-The release notes for 2.2.3a follow :
-
-This is a minor bugfix release for the 2.2.3 release. The 2.2.3
-release had a problem that was visible to Windows 2000 Explorer
-users in that copying files into a share that already existed
-failed with "Access Denied" rather than asking the user if an
-overwrite was required. This was due to an incorrect error mapping
-between the UNIX EXIST error code and the NT status error.
-
-As Windows Explorer is a highly visible end user application a quick
-bugfix release was required, hence 2.2.3a.
-
-Compilation on HPUX versions earlier than HPUX 11 has also been
-corrected.
-
-The cvs.log file is no longer included with this release, as it adds
-13Mb to the size of the release, and is easily available on the Web.
-
------------------------------------------------------------------------------
-The release notes for 2.2.3 follow :
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-LDAP update
------------
-
-Much work has been done on the LDAP backend code. The configure
-option --with-ldapsam is now considered to be stable. The schema
-used has changed, see the file examples/LDAP/samba.schema for the
-new schema.
-
-New documentation explaining how to set up a Samba only PDC/BDC
-setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
-in the documentation tree.
-
-winbindd daemon extended
-------------------------
-
-Samba 2.2.2 was the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-Samba 2.2.3 fixes the known memory leaks in winbindd and has
-been extended to work with SGI IRIX and HPUX (11.x) in addition
-to the earlier targets of Linux and Solaris.
-
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.3
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-unix extensions
-
-Enables the experimental UNIX CIFS extensions in smbd. See the manpage
-for more details.
-
-default devmode
-
-Some printer drivers will crash the Windows NT/2000 spooler service
-if they are given a default devmode, some require it. This parameter
-allows the administrator a choice of whether smbd returns such a
-default devmode for a driver.
-
-share modes
-
-This parameter has been restored to allow people who wish smbd to ignore
-client share modes. This is *very dangerous* and should not be set without
-full knowledge of what this is designed for.
-
-Changes in 2.2.3
------------------
-
-1). Fixed shared library compile for Solaris with native compiler.
-2). UNIX CIFS extensions code added (donated by HP).
-3). Changed to using NT status codes on the wire if the client can support
-this.
-4). altname command to show 8.3 name added to smbclient.
-5). const-safe endian macros now used.
-6). client code now uses UNICODE on the wire.
-7). Correctly return fault PDU's on bad handle.
-8). Improved NT error code mapping table.
-9). Many new point and print RPC calls added.
-10). Win9x clients can now see full user list.
-11). field added to identify simultaneous open files (no longer
-use dev/inode/time as unique value).
-12). HPUX ACL code added (donated by HP).
-13). vfs interfaces updated (again !).
-14). MSDOS Code Page 866 -> 1251 mapping added.
-15). winbindd now processes quit/hup signals correctly.
-16). No tdb traversal done on startup/shutdown - ensures scalability.
-17). Fix bug with paths for homes share.
-18). Fixed copyfile for OS/2.
-19). Fix group membership when groups are on more than one line.
-20). Fixed core dumps in posix ACL mapping code.
-21). Tidyup of UNICODE functions (put/get).
-22). Move rpcclient to the new libsmb code.
-23). Add missing Windows 2000 passthough trans2 calls.
-24). Return check all tdb calls.
-25). Make local name lookup work even if wins server is down.
-26). pam session code added to winbind.
-27). Added winbindd cache to all lookups.
-28). Fix allocate bugs that caused file sizes to be incorrect.
-29). Fixed write cache code - now safe to use.
-30). Fixed winbindd memory leaks.
-31). winbindd will now do name lookups (to allow non Open Source
-systems to do the nsswitch WINS lookup). Fixed by SGI.
-32). passdb memory leaks fixed.
-33). LDAP code updates and now properly maintained.
-34). Finally figured out how changeid is meant to work.
-35). Downlevel printing now looks as NT does in print monitor window.
-36). Many fixups in spoolss printing RPC parsing.
-37). Speed up password enumeration as a PDC.
-38). Fix printer changed notify messages (work from HP).
-39). Fix modify timestamp on close code.
-40). Fix long standing mangled names bug.
-41). Fix delete on close semantics.
-42). Stop opening all files with O_NONBLOCK !
-43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
-44). Ensure NT supplementary groups get added to user token.
-45). Try and mitigate effects of DNS timeout (do less lookups).
-46). Added current user connection context stack.
-47). Fixes to utmp code.
-48). smbw code tidyups.
-49). Added tdb open log code. Several tdb fixes.
-
------------------------------------------------------------------------------
-The release notes for 2.2.2 follow :
-
-New daemon included - winbindd
-------------------------------
- 
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
- 
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
- 
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-manageable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
- 
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
- 
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behavior of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behavior, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox variants
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HUPX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL support added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibility.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existence of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browsing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronized.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timestamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistent tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the necessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility.
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggregate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measurable 
-with profile collection off compared to no profile collection
-compiled into samba.
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        <a href="mailto:samba@samba.org">samba@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.  
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.5.html b/whatsnew/samba-2.2.5.html
deleted file mode 100755
index 04272db..0000000
--- a/whatsnew/samba-2.2.5.html
+++ /dev/null
@@ -1,943 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba 2.2.5</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.5.
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There have been several fixes and internal enhancements which include:
-
-* Several compile fixes for Solaris and HP-UX
-* More printing fixes for Windows NT/2k/XP clients
-* New options for the VFS recycle bin library
-* New internal signal handling semantics relating to directory change
-  notification and oplocks
-
-
-Binary packages will be released shortly for major platforms. The source
-code can be downloaded from :
-
-        <a href="/samba/ftp">ftp://ftp.samba.org/pub/samba/</a>
-
-in the file samba-2.2.5.tar.gz or samba-2.2.5.tar.bz2.
-md5sum's are available in the same directory.
-
-The release notes follow.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.
-
-
-
-              WHAT'S NEW IN Samba 2.2.5  - 18th June 2002
-              ===========================================
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There have been several fixes and internal enhancements which include:
-
-* Several compile fixes for Solaris and HP-UX
-* More printing fixes for Windows NT/2k/XP clients
-* New options for the VFS recycle bin library
-* New internal signal handling semantics relating to directory change
-  notification and oplocks
-
-New/Changed parameters in 2.2.5
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* block size = <INTEGER>
-* force unknown acl user = <boolean>
-* mangling method = [hash|hash2]
-
-
-Deprecated Parameters
----------------------
-
-The following parameters have been marked as deprecated and will be removed
-in Samba 3.0
-
-* strip dot
-* status
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.5
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Removal of several compiler warnings, incorrect Makefile dependencies,
-    and wrong autoconf tests on various platforms--Solaris & HP-UX 10.20
-    being the predominantly reported platforms
-2)  Fixed winbindd crash bug on the IBM s390 running Linux
-3)  Inclusion of enhanced Linux quota support
-4)  Correctly link against Sun LDAP libraries on Solaris 8 (even through
-    there is no apparent SSL support there)
-5)  POSIX conformance patches
-6)  Include new configure --enable-cups option (can also be disabled even
-    if CUPS libraries are installed on the system)
-7)  Set reasonable default for the "passwd program" parameter using an
-    autoconf test
-8)  Added --with-winbind-auth for enabling winbindd_pam_auth_crap() code
-9)  fixed bug to prevent root account from being deleted by the
-    "delete user script"
-10) Inclusion of autoconf script for building VFS modules
-11) Add new run time options to the VFS recycle bin library (see
-    examples/VFS/recycle/README for details)
-12) Include findsmb perl script as part of the "make install" process
-13) Return correct error code for EnumPrinters(PRINTER_ENUM_REMOTE, InfoLevel1)
-    to fix a bug where printers appear at the workgroup level in the Windows
-    NT/2k APW browse list
-14) Added support to nmblookup to return NMB flags (See nmblookup(8) for
-    details)
-15) Fix length bug that caused password changes from Windows NT/2k clients to
-    occasionally fail
-16) Correct false password expiration when using --with-ldapsam caused by
-    missing attributes in the directory
-17) added -S option to smbpasswd for storing the SID of a domain controller
-    as the local machine SID in secrets.tdb.  See the smbpasswd(8) man page
-    for details.
-18) Various fixes for UNIX CIFS extensions commands
-19) Fixed CIDR notation in "hosts allow/deny"
-20) Change semantics of an idle connection to mean "no open files and no
-    open handles".  We cannot idle a connection if there are open named
-    pipe handles.  This fixes scalability problem on Samba print servers
-    and NT/2k clients introduced in 2.2.4
-21) Fix germam umlaut problem when returning ACL entries
-22) Return NT_STATUS_OBJECT_NAME_NOT_FOUND for ENOENT.  This fixes the bug
-    of running the Microsoft Access executable (msaccess.exe) and database
-    files from a Samba share documented in the 2.2.4 release
-23) Corrected signal handling relating to directory change notification and
-    kernel oplocks
-24) Fix bug in unix_to_nt_time() that appeared on files dated close to Daylight
-    Savings Time
-25) Corrected alignment bug in spoolss parsing code which caused Win2k/XP
-    clients not to be able to view printer properties from a Samba host
-26) Fixed spoolss parsing bug causing printing from ACT! 2000 running on
-    Windows 2k/XP clients to fail
-27) Fixed incorrect error check in mod_share_entry()
-28) Allow %S variable in MS-DFS root paths
-29) Correct a bug regarding the use of 'wbinfo -A'
-30) Fixed libnss_wins.so to correctly work on RedHat 7.3 systems
-31) Store the key for a name-to-sid cache entry in upper case rather than
-    whatever case the request was made in.  This gets rid of duplicate
-    cache entries.
-32) Fix bug causing the pid stored in winbindd's pid file to be the wrong id
-33) Enhanced error reporting messages of wbinfo
-34) Parameterize block size on disk size return
-35) Added new parameter to allow incoming ACLs to have owner and group forced
-    to the currently logged in user. This fixes the XCOPY /O problem
-36) Fixed bug in local_change_password() caused by reusing a struct
-    passwd* pointer
-37) Change default value for "ldap port" to 389 if "ldap ssl = no"
-38) Updated HOWTO's, manpages, and general documentation....
-39) Allow root as well as domain admins to open an LDAP connection
-40) Fixed veto files bug with ".*"
-41) Fixed uninitialized variable bug in smbpasswd that was causing a random
-    IP address to be used in the connection when joining a domain
-42) Fix for joining a domain with a netbios name of 15 characters and
-    pre-creating the account on the DC
-43) Added links to new documentation on SWAT welcome page
-
-
-              =========================================
-
-Older releases notes for 2.2.x distributions follow
-
------------------------------------------------------------------------------
-The release notes for 2.2.4 follow :
-
-There have been several fixes and internal enhancements which include:
-
- * More/better SPOOLSS printing functionality for Windows
-   NT/2k/XP clients.
- * Several fixes relating to serving PC database files such
-   as (Access and FoxPro) from a Samba file share.
- * Several improves in Samba's VFS layer which can be seen
-   in the inclusion of a "Recycle Bin" vfs module.  See
-   examples/VFS/README for more details on this.
- * Addition of a tool (tdbbackup) for backup/restore of Samba's
-   tdb's
- * Continued improvements to winbind for greater scalability
-   and stability
- * Several fixes related to Samba's MS-DFS support
- * Rpcclient's various printer commands now work (again)
-
-
-New/Changed parameters in 2.2.4
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* csc policy
-* inherit acls
-* nt status support
-* lock spin count
-* lock spin time
-* pid directory
-* winbind use default domain
-
-
-Deprecated parameters
----------------------
-
-The following parameters have been marked as deprecated
-and will be removed in Samba 3.0
-
-* postscript
-* printer driver
-* printer driver file
-* printer driver location
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.4
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  added -c option to smbpasswd
-2)  reworked smbpasswd internal command line option parsing
-3)  small various bug fixes to experimental pdb_tdb.c
-4)  Enforce spoolss RPCs based on the access granted at PrinterOpen()
-5)  Added missing access checks to [add/delete/set]form
-6)  Compile fixes for pam_smbpass
-7)  fix smbd crash when netbios session request fails from
-    spoolss_connect_to_client().
-8)  fixed logic bug that prevent SetPrinter() from storing devmode
-9)  Removed extra get_printer_snum() calls from set_printer_hnd_name()
-10) fix joining domain on big endian machine when using -U to smbpasswd
-11) allow command line arg to override smb.conf log level
-12) continue to retry to register 1b name with wins server if there is an old IP there
-13) fix smbclient print crash bug
-14) 9x pnp fix when the config file and driver file are different
-15) force testparm to print the correct value for log level
-16) fix swat to show full log level info
-17) fix server GetPrinterData() fields to be more sensible
-18) fix logic error in SetPrinterDataEx()
-19) Only set smb_read_error if not already set
-20) Fix string returns that require unicode
-21) Merge of printing performance fixes from appliance
-22) lpq parsing fixes
-23) Back port tridge's xcopy /o fix from HEAD
-24) Fix the printer change notify code (unfinished)
-25) Patch for Domain users not showing up
-26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
-27) Ensure that all methods of looking up and connecting to DC's work
-    using identical logic.
-28) Merge in the mutex code to stop multiple domain logon failure
-29) Ignore 0/0 lock
-30) Fix winbindd to respect command line debuglevel as nmbd/smbd
-31) Update with tdbbackup from HEAD
-32) Fix for typo on solaris nss
-33) Merge in the locking changes from HEAD
-34) Added POSIX ACL layer into the vfs
-35) Fix the returning of domain enum
-36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
-37) Enable test for -rdynamic when building binaries
-38) Remove the "stat open" code - make it inline
-39) Fix the mp3 rename bug
-40) Fix for Explorer DFS problems on older Windows 9X machines
-41) implement OpenPrinter() opnum == 0x01
-42) Matched W2K *insane* open semantics....
-43) small fix that will prevent the "failed to marshall
-    R_NET_SAMLOGON" message in the logs
-42) don't do checking of local passdb in smbpasswd if using -r option
-43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
-    try to connect to a server named '*'
-44) merge rpcclient code from HEAD
-45) Ensure MACHINE.SID update done before child spawns
-46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
-47) Removed --with-vfs - always built if available
-48) Fixed psec for 2.2
-49) Fixed the handle leak in the connection management code
-50) fix disable spoolss after the switch to nt status codes
-51) Added Shirish's client side caching policy change
-52) Honor the specversion when parsing the the DEVICEMODE
-53) fix parsing bug when DEVICEMODE's private data does not end
-    on a 4 byte boundary
-54) do not idle an smbd when there is an open pipe
-55) when a new driver is added to a Samba server, cycle through
-    all printers and bump the change_id for each one bound to the driver
-56) allow smbclient to work with a FIFO as well (needed for KDE
-    ioslave)
-57) various updates to pdb_nisplus.c
-58) many small documentation updates
-59) removed many compiler warnings
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.3a follow :
-
-This is a minor bugfix release for the 2.2.3 release. The 2.2.3
-release had a problem that was visible to Windows 2000 Explorer
-users in that copying files into a share that already existed
-failed with "Access Denied" rather than asking the user if an
-overwrite was required. This was due to an incorrect error mapping
-between the UNIX EXIST error code and the NT status error.
-
-As Windows Explorer is a highly visible end user application a quick
-bugfix release was required, hence 2.2.3a.
-
-Compilation on HPUX versions earlier than HPUX 11 has also been
-corrected.
-
-The cvs.log file is no longer included with this release, as it adds
-13Mb to the size of the release, and is easily available on the Web.
-
------------------------------------------------------------------------------
-The release notes for 2.2.3 follow :
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-LDAP update
------------
-
-Much work has been done on the LDAP backend code. The configure
-option --with-ldapsam is now considered to be stable. The schema
-used has changed, see the file examples/LDAP/samba.schema for the
-new schema.
-
-New documentation explaining how to set up a Samba only PDC/BDC
-setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
-in the documentation tree.
-
-winbindd daemon extended
-------------------------
-
-Samba 2.2.2 was the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-Samba 2.2.3 fixes the known memory leaks in winbindd and has
-been extended to work with SGI IRIX and HPUX (11.x) in addition
-to the earlier targets of Linux and Solaris.
-
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.3
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-unix extensions
-
-Enables the experimental UNIX CIFS extensions in smbd. See the manpage
-for more details.
-
-default devmode
-
-Some printer drivers will crash the Windows NT/2000 spooler service
-if they are given a default devmode, some require it. This parameter
-allows the administrator a choice of whether smbd returns such a
-default devmode for a driver.
-
-share modes
-
-This parameter has been restored to allow people who wish smbd to ignore
-client share modes. This is *very dangerous* and should not be set without
-full knowledge of what this is designed for.
-
-Changes in 2.2.3
------------------
-
-1). Fixed shared library compile for Solaris with native compiler.
-2). UNIX CIFS extensions code added (donated by HP).
-3). Changed to using NT status codes on the wire if the client can support
-this.
-4). altname command to show 8.3 name added to smbclient.
-5). const-safe endian macros now used.
-6). client code now uses UNICODE on the wire.
-7). Correctly return fault PDU's on bad handle.
-8). Improved NT error code mapping table.
-9). Many new point and print RPC calls added.
-10). Win9x clients can now see full user list.
-11). field added to identify simultaneous open files (no longer
-use dev/inode/time as unique value).
-12). HPUX ACL code added (donated by HP).
-13). vfs interfaces updated (again !).
-14). MSDOS Code Page 866 -> 1251 mapping added.
-15). winbindd now processes quit/hup signals correctly.
-16). No tdb traversal done on startup/shutdown - ensures scalability.
-17). Fix bug with paths for homes share.
-18). Fixed copyfile for OS/2.
-19). Fix group membership when groups are on more than one line.
-20). Fixed core dumps in posix ACL mapping code.
-21). Tidyup of UNICODE functions (put/get).
-22). Move rpcclient to the new libsmb code.
-23). Add missing Windows 2000 passthough trans2 calls.
-24). Return check all tdb calls.
-25). Make local name lookup work even if wins server is down.
-26). pam session code added to winbind.
-27). Added winbindd cache to all lookups.
-28). Fix allocate bugs that caused file sizes to be incorrect.
-29). Fixed write cache code - now safe to use.
-30). Fixed winbindd memory leaks.
-31). winbindd will now do name lookups (to allow non Open Source
-systems to do the nsswitch WINS lookup). Fixed by SGI.
-32). passdb memory leaks fixed.
-33). LDAP code updates and now properly maintained.
-34). Finally figured out how changeid is meant to work.
-35). Downlevel printing now looks as NT does in print monitor window.
-36). Many fixups in spoolss printing RPC parsing.
-37). Speed up password enumeration as a PDC.
-38). Fix printer changed notify messages (work from HP).
-39). Fix modify timestamp on close code.
-40). Fix long standing mangled names bug.
-41). Fix delete on close semantics.
-42). Stop opening all files with O_NONBLOCK !
-43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
-44). Ensure NT supplementary groups get added to user token.
-45). Try and mitigate effects of DNS timeout (do less lookups).
-46). Added current user connection context stack.
-47). Fixes to utmp code.
-48). smbw code tidyups.
-49). Added tdb open log code. Several tdb fixes.
-
------------------------------------------------------------------------------
-The release notes for 2.2.2 follow :
-
-New daemon included - winbindd
-------------------------------
- 
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
- 
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
- 
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-manageable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
- 
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
- 
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behavior of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behavior, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox variants
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HUPX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL support added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibility.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existence of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browsing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronized.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timestamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistent tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the necessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility.
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggregate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measurable 
-with profile collection off compared to no profile collection
-compiled into samba.
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        samba@samba.org
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.6.html b/whatsnew/samba-2.2.6.html
deleted file mode 100755
index 9b31751..0000000
--- a/whatsnew/samba-2.2.6.html
+++ /dev/null
@@ -1,1103 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba 2.2.6</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.6.
-
-This is the latest stable release of Samba and the last planned 
-release of the Samba 2.2. branch. This is the version that all 
-production Samba servers should be running for all current bug-fixes.
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-2.2.6.tar.gz or samba-2.2.6.tar.bz2.
-Both archives have been signed as well using the 
-<a href="/samba/ftp/samba-pubkey.asc">Samba Distribution Key</a>
-
-Binary packages will be released shortly for major platforms and 
-can be found at
-
-    <a href="/samba/ftp/Binary_Packages">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-The release notes follow.
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-
-            WHAT'S NEW IN Samba 2.2.6 - 16th October 2002
-            =============================================
-
-This is the latest stable release of Samba. This is the version that all
-production Samba servers should be running for all current bug-fixes.
-
-There have been several fixes and internal enhancements which include:
-
- * Fixes for MS-RPC printing issues affecting Windows 2000 clients
- * New support for smb.conf generation in SWAT
- * Inclusion of several performance enhancements (See --with-sendfile
-   & and the modified smb.conf(5) parameters in these Release Notes)
- * Fixes for several file locking bugs and returned status codes
-
-
-New Parameters
---------------
-
-Refer to the smb.conf(5) man page for complete descriptions of new parameters.
-
-  * profile acls (S)		workaround for issue with WinXP SP1
-				and roaming user profiles
-
-Removed Parameters
-------------------
-
-  * max packet (G)
-  * packet size (G)
-
-Modified Parameters
--------------------
-
-  * max xmit (G) 		new default value
-  * large readwrite (G)		new default value
-
-New ./configure Options
------------------------
-
-  --with-sendfile		Enable experimental sendfile support
-  --with-winbind-ldap-hack	Enable winbindd_ldap_hack() functionality
-				for Windows 2000 native mode domains
-
-
-Changes since 2.2.5
---------------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Fixed several compiler warnings caused by the use of const parameters
-2)  Fixed a hang in the main smbd process caused by an EINTR in the
-    wrong place
-3)  Fixed string substitutions to accept a length for sanity checks
-4)  Fixed 17-bit length field in nmb header
-5)  Removed non-portable inline declaration for functions
-6)  Performance fix for including files with an smb.conf variable in the
-    path name
-7)  Fix for parsing LPRng lpq output
-8)  Parsing fix for PRINTER_INFO_2 structure which was causing viewing
-    printer properties to fail
-9)  Fix for printer change notification and Windows NT clients which caused
-    the client to go into an infinite loop of refreshing the local printers
-    folder
-10) Allow trans2 and nttrans messages to be processed in oplock break state
-    which fixes a problem with oplock break requests and Win2k clients
-11) Don't crash on setfileinfo on printer fsp
-12) Memory fixes caught by Valgrind
-13) Updates to stop spurious error message in tdb
-14) Fix silly logic bug in 'make smbd processes' and 'status = no' check
-15) Fix compilation of pam_smbpass and --with-ldap
-16) Fix compilation of smbwrapper on Solaris hosts
-17) fix logic error in a check for enabling the winbind_pam_auth_crap() code
-    & fix formatting typo in --with-winbind-auth-challenge
-18) Correcting check for ldap_start_tls()
-19) Fixed a problem with getgroups() where it could include our current
-    effective gid
-20) fix incorrect semantics in the DeletePrinterDriver() spoolss rpc
-    to only attempt to delete the architecture specified by the client
-21) Don't allow TEMP attribute on directory open
-22) Restore VxFS quotas to the 2.2 branch
-23) Added basic "Wizard" functionality to SWAT
-24) Fix initial "allocation size" in NTcreate&X call
-25) Fix for open fid, "nametoolong"
-26) Exit server on receipt of a non-SMB packet.  Ensure we have
-    at least smb_size bytes before processing a packet
-27) Replace inet_aton with inet_addr() to correct compile problems on Solaris
-28) Include the "account" objectclass when adding a new account to --with-ldapsam
-    in order to comply with the data model implemented by OpenLDAP 2.1.x
-29) Various fixes for POSIX compliance
-30) Correct alignment & offset bug in EnumPrinterDataEx()
-31) Fix access checks when modifying forms using a print server handle
-    (not just a printer handle)
-32) Account for case data_len == 0 in EnumPrinterDataEx()
-33) Fix logic error in blocking lock code
-34) Fixed various incorrect return codes to clients
-35) Add RESOLVE_DFSPATH to mkdir operations
-36) Fix longstanding bug in Win2k clients by clearing the shortname
-    buffer before returning ASCII short name
-37) added -t option to smbpasswd for explicitly changing a trust
-    account password when operating in security = domain
-38) installed -x option to testparm to eXclude printing all parameter
-    values that are at default settings.
-39) Fix shares/printers view in SWAT so that only Basic options are exposed
-    upon initial entry.
-40) Added 1125 & KOI8-U to codepage list in Makefile.in
-41) Include separate configure checks for *openbsd* & *freebsd* when
-    determining flags used to compile shared libraries.
-42) Merge in free list unlock on error fix
-43) Correctly fail opens with mismatching SYSTEM or HIDDEN attributes
-    if we are mapping system or hidden
-44) Fix bug with stat mode open being done on read-only open with truncate
-45) Fix crash bug discovered where cli struct was being deallocated in a
-    called function
-46) Ensure we open UNIX fifo's non-blocking
-47) Fix DeletePrinterDriver() (hopefully for the last time...yeah right....)
-48) only lowercase global_myname in the %L substitution, not the whole string
-49) Merged Steve French's fix for OS/2 EA return error being removed
-50) Patch from Steve French to fix difference in responses to smbclient
-    //server/share ls / on Samba and Windows 2000
-51) Print error and exit if smb.conf doesn't have security=domain and
-    encrypt passwords=yes when joining domain
-52) Added final Steve French patch for "required" attributes with old dir
-    listings
-53) Initialize user_rid value in WINBIND_USERINFO structure returned by
-    the rpc version of query_user()
-54) Ensure we've failed a lock with a lock denied message before automatically
-    pushing it onto the	blocking queue
-55) Add experimental --with-sendfile code
-56) alignment fix in printing code merged from HEAD
-57) Merge fix for other sids in token from HEAD
-58) Merge winbindd with current (more advanced) state of play in APPLIANCE_HEAD
-59) fix smbclient / Win98 off by one bug
-60) Never, *ever* hold a mutex lock in the message database where there may be
-    traversals being attempted
-61) Add LDAP hack for retrieving the SAM sequence number when a member of a
-    Windows 2000 native mode domain
-62) Fix race condition when changing a machine account password as we were
-    no longer locking the secrets entry
-63) Allow '@' as a valid character in domain names
-64) remove jobs from the spool directory when using cups
-65) removed -lresolv for --enable-ldapsam
-66) Memory leak fix and correct use of negative caching in winbindd
-67) Updated spoolss parsing code with known good state of APPLIANCE_HEAD
-68) Delete printer security check was reversed
-69) Windows allows delete printer on a handle opened by an admin user, then
-    used on a pipe handle created by an anonymous user...We do to now...
-70) Make explicit the difference between a tdb key with no data attached, and
-    a non existent entry
-71) Ensure we register the 1c name on the unicast subnet.
-72) Fix inheritance problem when recursively setting ACLs on directories
-73) prevent ACL set on read-only share
-74) Ensure we never have more than MAX_PRINT_JOBS in a queue
-75) Added timeout to tdb_lock_bystring()
-76) Ensure we set FIRST+LAST flags on a bind request
-77) Add version strings to the usage message for smbcacls and smbpasswd
-78) Fix bug in the write cache code
-79) make the default printed values for boolean the same for all parameters
-80) Default all LDAP connections to v3 with compiling with --with-ldapsam
-81) Fix memory leak in smbspool
-82) Fix bug in mangling code that resulted in Win9x clients not being
-    able to execute batch files in deep, non 8.3  directory paths
-83) Fix infinite looping bug in winbindd_getgrent()
-84) Fix crash bug on 64-bit systems (merge from HEAD)
-85) Fix extended character bug when setting LanMan/NT password
-86) Negotiate same SMB read size as a Windows 2000 file server
-    to fix performance bug with NT4 clients
-
-
-              =========================================
-
-Older releases notes for 2.2.x distributions follow
-
------------------------------------------------------------------------------
-The release notes for 2.2.5 follow :
-
-There have been several fixes and internal enhancements which include:
-
-* Several compile fixes for Solaris and HP-UX
-* More printing fixes for Windows NT/2k/XP clients
-* New options for the VFS recycle bin library
-* New internal signal handling semantics relating to directory change
-  notification and oplocks
-
-New/Changed parameters in 2.2.5
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* block size = <INTEGER>
-* force unknown acl user = <boolean>
-* mangling method = [hash|hash2]
-
-
-Deprecated Parameters
----------------------
-
-The following parameters have been marked as deprecated and will be removed
-in Samba 3.0
-
-* strip dot
-* status
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.5
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Removal of several compiler warnings, incorrect Makefile dependencies,
-    and wrong autoconf tests on various platforms--Solaris & HP-UX 10.20
-    being the predominantly reported platforms
-2)  Fixed winbindd crash bug on the IBM s390 running Linux
-3)  Inclusion of enhanced Linux quota support
-4)  Correctly link against Sun LDAP libraries on Solaris 8 (even through
-    there is no apparent SSL support there)
-5)  POSIX conformance patches
-6)  Include new configure --enable-cups option (can also be disabled even
-    if CUPS libraries are installed on the system)
-7)  Set reasonable default for the "passwd program" parameter using an
-    autoconf test
-8)  Added --with-winbind-auth for enabling winbindd_pam_auth_crap() code
-9)  fixed bug to prevent root account from being deleted by the
-    "delete user script"
-10) Inclusion of autoconf script for building VFS modules
-11) Add new run time options to the VFS recycle bin library (see
-    examples/VFS/recycle/README for details)
-12) Include findsmb perl script as part of the "make install" process
-13) Return correct error code for EnumPrinters(PRINTER_ENUM_REMOTE, InfoLevel1)
-    to fix a bug where printers appear at the workgroup level in the Windows
-    NT/2k APW browse list
-14) Added support to nmblookup to return NMB flags (See nmblookup(8) for
-    details)
-15) Fix length bug that caused password changes from Windows NT/2k clients to
-    occasionally fail
-16) Correct false password expiration when using --with-ldapsam caused by
-    missing attributes in the directory
-17) added -S option to smbpasswd for storing the SID of a domain controller
-    as the local machine SID in secrets.tdb.  See the smbpasswd(8) man page
-    for details.
-18) Various fixes for UNIX CIFS extensions commands
-19) Fixed CIDR notation in "hosts allow/deny"
-20) Change semantics of an idle connection to mean "no open files and no
-    open handles".  We cannot idle a connection if there are open named
-    pipe handles.  This fixes scalability problem on Samba print servers
-    and NT/2k clients introduced in 2.2.4
-21) Fix germam umlaut problem when returning ACL entries
-22) Return NT_STATUS_OBJECT_NAME_NOT_FOUND for ENOENT.  This fixes the bug
-    of running the Microsoft Access executable (msaccess.exe) and database
-    files from a Samba share documented in the 2.2.4 release
-23) Corrected signal handling relating to directory change notification and
-    kernel oplocks
-24) Fix bug in unix_to_nt_time() that appeared on files dated close to Daylight
-    Savings Time
-25) Corrected alignment bug in spoolss parsing code which caused Win2k/XP
-    clients not to be able to view printer properties from a Samba host
-26) Fixed spoolss parsing bug causing printing from ACT! 2000 running on
-    Windows 2k/XP clients to fail
-27) Fixed incorrect error check in mod_share_entry()
-28) Allow %S variable in MS-DFS root paths
-29) Correct a bug regarding the use of 'wbinfo -A'
-30) Fixed libnss_wins.so to correctly work on RedHat 7.3 systems
-31) Store the key for a name-to-sid cache entry in upper case rather than
-    whatever case the request was made in.  This gets rid of duplicate
-    cache entries.
-32) Fix bug causing the pid stored in winbindd's pid file to be the wrong id
-33) Enhanced error reporting messages of wbinfo
-34) Parameterize block size on disk size return
-35) Added new parameter to allow incoming ACLs to have owner and group forced
-    to the currently logged in user. This fixes the XCOPY /O problem
-36) Fixed bug in local_change_password() caused by reusing a struct
-    passwd* pointer
-37) Change default value for "ldap port" to 389 if "ldap ssl = no"
-38) Updated HOWTO's, manpages, and general documentation....
-39) Allow root as well as domain admins to open an LDAP connection
-40) Fixed veto files bug with ".*"
-41) Fixed uninitialized variable bug in smbpasswd that was causing a random
-    IP address to be used in the connection when joining a domain
-42) Fix for joining a domain with a netbios name of 15 characters and
-    pre-creating the account on the DC
-43) Added links to new documentation on SWAT welcome page
-
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.4 follow :
-
-There have been several fixes and internal enhancements which include:
-
- * More/better SPOOLSS printing functionality for Windows
-   NT/2k/XP clients.
- * Several fixes relating to serving PC database files such
-   as (Access and FoxPro) from a Samba file share.
- * Several improves in Samba's VFS layer which can be seen
-   in the inclusion of a "Recycle Bin" vfs module.  See
-   examples/VFS/README for more details on this.
- * Addition of a tool (tdbbackup) for backup/restore of Samba's
-   tdb's
- * Continued improvements to winbind for greater scalability
-   and stability
- * Several fixes related to Samba's MS-DFS support
- * Rpcclient's various printer commands now work (again)
-
-
-New/Changed parameters in 2.2.4
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* csc policy
-* inherit acls
-* nt status support
-* lock spin count
-* lock spin time
-* pid directory
-* winbind use default domain
-
-
-Deprecated parameters
----------------------
-
-The following parameters have been marked as deprecated
-and will be removed in Samba 3.0
-
-* postscript
-* printer driver
-* printer driver file
-* printer driver location
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.4
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  added -c option to smbpasswd
-2)  reworked smbpasswd internal command line option parsing
-3)  small various bug fixes to experimental pdb_tdb.c
-4)  Enforce spoolss RPCs based on the access granted at PrinterOpen()
-5)  Added missing access checks to [add/delete/set]form
-6)  Compile fixes for pam_smbpass
-7)  fix smbd crash when netbios session request fails from
-    spoolss_connect_to_client().
-8)  fixed logic bug that prevent SetPrinter() from storing devmode
-9)  Removed extra get_printer_snum() calls from set_printer_hnd_name()
-10) fix joining domain on big endian machine when using -U to smbpasswd
-11) allow command line arg to override smb.conf log level
-12) continue to retry to register 1b name with wins server if there is an old IP there
-13) fix smbclient print crash bug
-14) 9x pnp fix when the config file and driver file are different
-15) force testparm to print the correct value for log level
-16) fix swat to show full log level info
-17) fix server GetPrinterData() fields to be more sensible
-18) fix logic error in SetPrinterDataEx()
-19) Only set smb_read_error if not already set
-20) Fix string returns that require unicode
-21) Merge of printing performance fixes from appliance
-22) lpq parsing fixes
-23) Back port tridge's xcopy /o fix from HEAD
-24) Fix the printer change notify code (unfinished)
-25) Patch for Domain users not showing up
-26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
-27) Ensure that all methods of looking up and connecting to DC's work
-    using identical logic.
-28) Merge in the mutex code to stop multiple domain logon failure
-29) Ignore 0/0 lock
-30) Fix winbindd to respect command line debuglevel as nmbd/smbd
-31) Update with tdbbackup from HEAD
-32) Fix for typo on solaris nss
-33) Merge in the locking changes from HEAD
-34) Added POSIX ACL layer into the vfs
-35) Fix the returning of domain enum
-36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
-37) Enable test for -rdynamic when building binaries
-38) Remove the "stat open" code - make it inline
-39) Fix the mp3 rename bug
-40) Fix for Explorer DFS problems on older Windows 9X machines
-41) implement OpenPrinter() opnum == 0x01
-42) Matched W2K *insane* open semantics....
-43) small fix that will prevent the "failed to marshall
-    R_NET_SAMLOGON" message in the logs
-42) don't do checking of local passdb in smbpasswd if using -r option
-43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
-    try to connect to a server named '*'
-44) merge rpcclient code from HEAD
-45) Ensure MACHINE.SID update done before child spawns
-46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
-47) Removed --with-vfs - always built if available
-48) Fixed psec for 2.2
-49) Fixed the handle leak in the connection management code
-50) fix disable spoolss after the switch to nt status codes
-51) Added Shirish's client side caching policy change
-52) Honor the specversion when parsing the the DEVICEMODE
-53) fix parsing bug when DEVICEMODE's private data does not end
-    on a 4 byte boundary
-54) do not idle an smbd when there is an open pipe
-55) when a new driver is added to a Samba server, cycle through
-    all printers and bump the change_id for each one bound to the driver
-56) allow smbclient to work with a FIFO as well (needed for KDE
-    ioslave)
-57) various updates to pdb_nisplus.c
-58) many small documentation updates
-59) removed many compiler warnings
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.3a follow :
-
-This is a minor bugfix release for the 2.2.3 release. The 2.2.3
-release had a problem that was visible to Windows 2000 Explorer
-users in that copying files into a share that already existed
-failed with "Access Denied" rather than asking the user if an
-overwrite was required. This was due to an incorrect error mapping
-between the UNIX EXIST error code and the NT status error.
-
-As Windows Explorer is a highly visible end user application a quick
-bugfix release was required, hence 2.2.3a.
-
-Compilation on HPUX versions earlier than HPUX 11 has also been
-corrected.
-
-The cvs.log file is no longer included with this release, as it adds
-13Mb to the size of the release, and is easily available on the Web.
-
------------------------------------------------------------------------------
-The release notes for 2.2.3 follow :
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-LDAP update
------------
-
-Much work has been done on the LDAP backend code. The configure
-option --with-ldapsam is now considered to be stable. The schema
-used has changed, see the file examples/LDAP/samba.schema for the
-new schema.
-
-New documentation explaining how to set up a Samba only PDC/BDC
-setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
-in the documentation tree.
-
-winbindd daemon extended
-------------------------
-
-Samba 2.2.2 was the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-Samba 2.2.3 fixes the known memory leaks in winbindd and has
-been extended to work with SGI IRIX and HPUX (11.x) in addition
-to the earlier targets of Linux and Solaris.
-
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.3
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-unix extensions
-
-Enables the experimental UNIX CIFS extensions in smbd. See the manpage
-for more details.
-
-default devmode
-
-Some printer drivers will crash the Windows NT/2000 spooler service
-if they are given a default devmode, some require it. This parameter
-allows the administrator a choice of whether smbd returns such a
-default devmode for a driver.
-
-share modes
-
-This parameter has been restored to allow people who wish smbd to ignore
-client share modes. This is *very dangerous* and should not be set without
-full knowledge of what this is designed for.
-
-Changes in 2.2.3
------------------
-
-1). Fixed shared library compile for Solaris with native compiler.
-2). UNIX CIFS extensions code added (donated by HP).
-3). Changed to using NT status codes on the wire if the client can support
-this.
-4). altname command to show 8.3 name added to smbclient.
-5). const-safe endian macros now used.
-6). client code now uses UNICODE on the wire.
-7). Correctly return fault PDU's on bad handle.
-8). Improved NT error code mapping table.
-9). Many new point and print RPC calls added.
-10). Win9x clients can now see full user list.
-11). field added to identify simultaneous open files (no longer
-use dev/inode/time as unique value).
-12). HPUX ACL code added (donated by HP).
-13). vfs interfaces updated (again !).
-14). MSDOS Code Page 866 -> 1251 mapping added.
-15). winbindd now processes quit/hup signals correctly.
-16). No tdb traversal done on startup/shutdown - ensures scalability.
-17). Fix bug with paths for homes share.
-18). Fixed copyfile for OS/2.
-19). Fix group membership when groups are on more than one line.
-20). Fixed core dumps in posix ACL mapping code.
-21). Tidyup of UNICODE functions (put/get).
-22). Move rpcclient to the new libsmb code.
-23). Add missing Windows 2000 passthough trans2 calls.
-24). Return check all tdb calls.
-25). Make local name lookup work even if wins server is down.
-26). pam session code added to winbind.
-27). Added winbindd cache to all lookups.
-28). Fix allocate bugs that caused file sizes to be incorrect.
-29). Fixed write cache code - now safe to use.
-30). Fixed winbindd memory leaks.
-31). winbindd will now do name lookups (to allow non Open Source
-systems to do the nsswitch WINS lookup). Fixed by SGI.
-32). passdb memory leaks fixed.
-33). LDAP code updates and now properly maintained.
-34). Finally figured out how changeid is meant to work.
-35). Downlevel printing now looks as NT does in print monitor window.
-36). Many fixups in spoolss printing RPC parsing.
-37). Speed up password enumeration as a PDC.
-38). Fix printer changed notify messages (work from HP).
-39). Fix modify timestamp on close code.
-40). Fix long standing mangled names bug.
-41). Fix delete on close semantics.
-42). Stop opening all files with O_NONBLOCK !
-43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
-44). Ensure NT supplementary groups get added to user token.
-45). Try and mitigate effects of DNS timeout (do less lookups).
-46). Added current user connection context stack.
-47). Fixes to utmp code.
-48). smbw code tidyups.
-49). Added tdb open log code. Several tdb fixes.
-
------------------------------------------------------------------------------
-The release notes for 2.2.2 follow :
-
-New daemon included - winbindd
-------------------------------
- 
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
- 
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
- 
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-manageable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
- 
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
- 
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behavior of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behavior, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox variants
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HUPX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL support added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibility.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existence of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browsing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronized.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timestamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistent tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the necessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility.
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggregate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measurable 
-with profile collection off compared to no profile collection
-compiled into samba.
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        samba@samba.org
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.7.html b/whatsnew/samba-2.2.7.html
deleted file mode 100755
index 25b8cf2..0000000
--- a/whatsnew/samba-2.2.7.html
+++ /dev/null
@@ -1,1212 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba 2.2.7</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.7.
-
-A security hole has been discovered in versions 2.2.2 through 2.2.6
-of Samba that could potentially allow an attacker to gain root access
-on the target machine.  The word "potentially" is used because there
-is no known exploit of this bug, and the Samba Team has not been able to
-craft one ourselves. However, the seriousness of the problem warrants
-this immediate 2.2.7 release.
-
-In addition to addressing this security issue, Samba 2.2.7 also includes
-thirteen unrelated improvements. These improvements result from our
-process of continuous quality assurance and code review, and are part of
-the Samba team's commitment to excellence.
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-All current source releases have been signed as well using the 
-<a href="/samba/ftp/samba-pubkey.asc">Samba Distribution Key</a>
-
-Binary packages for major platforms can be found at
-
-    <a href="/samba/ftp/Binary_Packages">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-The release notes follow.
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-
-            WHAT'S NEW IN Samba 2.2.7 - 20th November 2002
-            ==============================================
-
-This is the latest stable release of Samba. This is the version
-that all production Samba servers should be running for all current
-bug-fixes.
-
-IMPORTANT: Security bugfix for Samba
-------------------------------------
-
-Summary
--------
-
-A security hole has been discovered in versions 2.2.2 through 2.2.6
-of Samba that could potentially allow an attacker to gain root access
-on the target machine.  The word "potentially" is used because there
-is no known exploit of this bug, and the Samba Team has not been able to
-craft one ourselves. However, the seriousness of the problem warrants
-this immediate 2.2.7 release.
-
-In addition to addressing this security issue, Samba 2.2.7 also includes
-thirteen unrelated improvements. These improvements result from our
-process of continuous quality assurance and code review, and are part of
-the Samba team's commitment to excellence.
-
-Details
--------
-
-There was a bug in the length checking for encrypted password change
-requests from clients. A client could potentially send an encrypted
-password, which, when decrypted with the old hashed password could be
-used as a buffer overrun attack on the stack of smbd. The attach would
-have to be crafted such that converting a DOS codepage string to little
-endian UCS2 unicode would translate into an executable block of code.
-
-All versions of Samba between 2.2.2 to 2.2.6 inclusive are vulnerable
-to this problem. This version of Samba 2.2.7 contains a fix for this
-problem.
-
-Earlier versions of Samba are not vulnerable.
-
-There is no known exploit or exploit code for this vulnerability,
-it was discovered by a code audit by Debian Samba maintainers.
-
-Credit
-------
-
-Thanks to Steve Langasek <vorlon@debian.org> and Eloy Paris
-<peloy@debian.org> for bringing this vulnerability to our notice.
-
-Patch for Samba versions 2.2.2 to 2.2.6
----------------------------------------
-
-The following patch applies cleanly to the above Samba versions
-and will fix the vulnerability for sites that do not wish to upgrade
-to 2.2.7 at this time.
-
--------------------------------cut here---------------------------------
---- libsmb/smbencrypt.c.orig    Tue Nov 19 17:21:57 2002
-+++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002
-@@ -63,7 +63,7 @@
-        if(len > 128)
-                len = 128;
-        /* Password must be converted to NT unicode - null terminated. */
--       dos_struni2((char *)wpwd, (const char *)passwd, 256);
-+       dos_struni2((char *)wpwd, (const char *)passwd, len);
-        /* Calculate length in bytes */
-        len = strlen_w((const smb_ucs2_t *)wpwd) * sizeof(int16);
--------------------------------cut here---------------------------------
-
-
-
-Changes since 2.2.6
---------------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  ensure we send the notify message in the same way it is expected
-    to be received by srv_spoolss_receive_message().
-2)  attribute matching on truncate only matters when opening truncate
-    with current SYSTEM|HIDDEN -> NONE. It's fine to truncate on open
-    with current NONE -> SYSTEM | HIDDEN.
-3)  Fix bug in rpcclient's deldriver command
-4)  Don't set global_machine_password_needs_changing if
-    lp_machine_password_timeout() is set to zero
-5)  don't parse the BUFFER5 if the buffer length is zero
-6)  fix core dump if pdbedit is run as non-root or smbpasswd file does
-    not exist
-7)  Ensure can_delete() returns correct error code
-8)  correctly return NT_STATUS_DELETE_PENDING from open code
-9)  fix bug that assumed dos_unistr2 length was in ucs2 units, not bytes
-10) check the long_archi name is not null when deleting a printer driver.
-    fixes core dump in smbd when using rpcclient's deldriver
-11) fix fd leak with kernel change notify on Linux 2.4 kernels
-12) must add one to the extra_data size to transfer the 0 string
-    terminator.  This was causing "wbinfo --sequence" to access past the
-    end of malloced memory
-13) fix for large systems allowing more than 65536 files open in
-    NTcreate&X
-14) Fix bug in %U expansion
-
-
-              =========================================
-
-Older releases notes for 2.2.x distributions follow
-
------------------------------------------------------------------------------
-The release notes for 2.2.6 follow :
-
-There have been several fixes and internal enhancements which include:
-
- * Fixes for MS-RPC printing issues affecting Windows 2000 clients
- * New support for smb.conf generation in SWAT
- * Inclusion of several performance enhancements (See --with-sendfile
-   & and the modified smb.conf(5) parameters in these Release Notes)
- * Fixes for several file locking bugs and returned status codes
-
-
-New Parameters
---------------
-
-Refer to the smb.conf(5) man page for complete descriptions of new parameters.
-
-  * profile acls (S)		workaround for issue with WinXP SP1
-				and roaming user profiles
-
-Removed Parameters
-------------------
-
-  * max packet (G)
-  * packet size (G)
-
-Modified Parameters
--------------------
-
-  * max xmit (G) 		new default value
-  * large readwrite (G)		new default value
-
-New ./configure Options
------------------------
-
-  --with-sendfile		Enable experimental sendfile support
-  --with-winbind-ldap-hack	Enable winbindd_ldap_hack() functionality
-				for Windows 2000 native mode domains
-
-
-Changes since 2.2.5
---------------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Fixed several compiler warnings caused by the use of const parameters
-2)  Fixed a hang in the main smbd process caused by an EINTR in the
-    wrong place
-3)  Fixed string substitutions to accept a length for sanity checks
-4)  Fixed 17-bit length field in nmb header
-5)  Removed non-portable inline declaration for functions
-6)  Performance fix for including files with an smb.conf variable in the
-    path name
-7)  Fix for parsing LPRng lpq output
-8)  Parsing fix for PRINTER_INFO_2 structure which was causing viewing
-    printer properties to fail
-9)  Fix for printer change notification and Windows NT clients which caused
-    the client to go into an infinite loop of refreshing the local printers
-    folder
-10) Allow trans2 and nttrans messages to be processed in oplock break state
-    which fixes a problem with oplock break requests and Win2k clients
-11) Don't crash on setfileinfo on printer fsp
-12) Memory fixes caught by Valgrind
-13) Updates to stop spurious error message in tdb
-14) Fix silly logic bug in 'make smbd processes' and 'status = no' check
-15) Fix compilation of pam_smbpass and --with-ldap
-16) Fix compilation of smbwrapper on Solaris hosts
-17) fix logic error in a check for enabling the winbind_pam_auth_crap() code
-    & fix formatting typo in --with-winbind-auth-challenge
-18) Correcting check for ldap_start_tls()
-19) Fixed a problem with getgroups() where it could include our current
-    effective gid
-20) fix incorrect semantics in the DeletePrinterDriver() spoolss rpc
-    to only attempt to delete the architecture specified by the client
-21) Don't allow TEMP attribute on directory open
-22) Restore VxFS quotas to the 2.2 branch
-23) Added basic "Wizard" functionality to SWAT
-24) Fix initial "allocation size" in NTcreate&X call
-25) Fix for open fid, "nametoolong"
-26) Exit server on receipt of a non-SMB packet.  Ensure we have
-    at least smb_size bytes before processing a packet
-27) Replace inet_aton with inet_addr() to correct compile problems on Solaris
-28) Include the "account" objectclass when adding a new account to --with-ldapsam
-    in order to comply with the data model implemented by OpenLDAP 2.1.x
-29) Various fixes for POSIX compliance
-30) Correct alignment & offset bug in EnumPrinterDataEx()
-31) Fix access checks when modifying forms using a print server handle
-    (not just a printer handle)
-32) Account for case data_len == 0 in EnumPrinterDataEx()
-33) Fix logic error in blocking lock code
-34) Fixed various incorrect return codes to clients
-35) Add RESOLVE_DFSPATH to mkdir operations
-36) Fix longstanding bug in Win2k clients by clearing the shortname
-    buffer before returning ASCII short name
-37) added -t option to smbpasswd for explicitly changing a trust
-    account password when operating in security = domain
-38) installed -x option to testparm to eXclude printing all parameter
-    values that are at default settings.
-39) Fix shares/printers view in SWAT so that only Basic options are exposed
-    upon initial entry.
-40) Added 1125 & KOI8-U to codepage list in Makefile.in
-41) Include separate configure checks for *openbsd* & *freebsd* when
-    determining flags used to compile shared libraries.
-42) Merge in free list unlock on error fix
-43) Correctly fail opens with mismatching SYSTEM or HIDDEN attributes
-    if we are mapping system or hidden
-44) Fix bug with stat mode open being done on read-only open with truncate
-45) Fix crash bug discovered where cli struct was being deallocated in a
-    called function
-46) Ensure we open UNIX fifo's non-blocking
-47) Fix DeletePrinterDriver() (hopefully for the last time...yeah right....)
-48) only lowercase global_myname in the %L substitution, not the whole string
-49) Merged Steve French's fix for OS/2 EA return error being removed
-50) Patch from Steve French to fix difference in responses to smbclient
-    //server/share ls / on Samba and Windows 2000
-51) Print error and exit if smb.conf doesn't have security=domain and
-    encrypt passwords=yes when joining domain
-52) Added final Steve French patch for "required" attributes with old dir
-    listings
-53) Initialize user_rid value in WINBIND_USERINFO structure returned by
-    the rpc version of query_user()
-54) Ensure we've failed a lock with a lock denied message before automatically
-    pushing it onto the	blocking queue
-55) Add experimental --with-sendfile code
-56) alignment fix in printing code merged from HEAD
-57) Merge fix for other sids in token from HEAD
-58) Merge winbindd with current (more advanced) state of play in APPLIANCE_HEAD
-59) fix smbclient / Win98 off by one bug
-60) Never, *ever* hold a mutex lock in the message database where there may be
-    traversals being attempted
-61) Add LDAP hack for retrieving the SAM sequence number when a member of a
-    Windows 2000 native mode domain
-62) Fix race condition when changing a machine account password as we were
-    no longer locking the secrets entry
-63) Allow '@' as a valid character in domain names
-64) remove jobs from the spool directory when using cups
-65) removed -lresolv for --enable-ldapsam
-66) Memory leak fix and correct use of negative caching in winbindd
-67) Updated spoolss parsing code with known good state of APPLIANCE_HEAD
-68) Delete printer security check was reversed
-69) Windows allows delete printer on a handle opened by an admin user, then
-    used on a pipe handle created by an anonymous user...We do to now...
-70) Make explicit the difference between a tdb key with no data attached, and
-    a non existent entry
-71) Ensure we register the 1c name on the unicast subnet.
-72) Fix inheritance problem when recursively setting ACLs on directories
-73) prevent ACL set on read-only share
-74) Ensure we never have more than MAX_PRINT_JOBS in a queue
-75) Added timeout to tdb_lock_bystring()
-76) Ensure we set FIRST+LAST flags on a bind request
-77) Add version strings to the usage message for smbcacls and smbpasswd
-78) Fix bug in the write cache code
-79) make the default printed values for boolean the same for all parameters
-80) Default all LDAP connections to v3 with compiling with --with-ldapsam
-81) Fix memory leak in smbspool
-82) Fix bug in mangling code that resulted in Win9x clients not being
-    able to execute batch files in deep, non 8.3  directory paths
-83) Fix infinite looping bug in winbindd_getgrent()
-84) Fix crash bug on 64-bit systems (merge from HEAD)
-85) Fix extended character bug when setting LanMan/NT password
-86) Negotiate same SMB read size as a Windows 2000 file server
-    to fix performance bug with NT4 clients
-
-
-              =========================================
-
-Older releases notes for 2.2.x distributions follow
-
------------------------------------------------------------------------------
-The release notes for 2.2.5 follow :
-
-There have been several fixes and internal enhancements which include:
-
-* Several compile fixes for Solaris and HP-UX
-* More printing fixes for Windows NT/2k/XP clients
-* New options for the VFS recycle bin library
-* New internal signal handling semantics relating to directory change
-  notification and oplocks
-
-New/Changed parameters in 2.2.5
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* block size = <INTEGER>
-* force unknown acl user = <boolean>
-* mangling method = [hash|hash2]
-
-
-Deprecated Parameters
----------------------
-
-The following parameters have been marked as deprecated and will be removed
-in Samba 3.0
-
-* strip dot
-* status
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.5
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Removal of several compiler warnings, incorrect Makefile dependencies,
-    and wrong autoconf tests on various platforms--Solaris & HP-UX 10.20
-    being the predominantly reported platforms
-2)  Fixed winbindd crash bug on the IBM s390 running Linux
-3)  Inclusion of enhanced Linux quota support
-4)  Correctly link against Sun LDAP libraries on Solaris 8 (even through
-    there is no apparent SSL support there)
-5)  POSIX conformance patches
-6)  Include new configure --enable-cups option (can also be disabled even
-    if CUPS libraries are installed on the system)
-7)  Set reasonable default for the "passwd program" parameter using an
-    autoconf test
-8)  Added --with-winbind-auth for enabling winbindd_pam_auth_crap() code
-9)  fixed bug to prevent root account from being deleted by the
-    "delete user script"
-10) Inclusion of autoconf script for building VFS modules
-11) Add new run time options to the VFS recycle bin library (see
-    examples/VFS/recycle/README for details)
-12) Include findsmb perl script as part of the "make install" process
-13) Return correct error code for EnumPrinters(PRINTER_ENUM_REMOTE, InfoLevel1)
-    to fix a bug where printers appear at the workgroup level in the Windows
-    NT/2k APW browse list
-14) Added support to nmblookup to return NMB flags (See nmblookup(8) for
-    details)
-15) Fix length bug that caused password changes from Windows NT/2k clients to
-    occasionally fail
-16) Correct false password expiration when using --with-ldapsam caused by
-    missing attributes in the directory
-17) added -S option to smbpasswd for storing the SID of a domain controller
-    as the local machine SID in secrets.tdb.  See the smbpasswd(8) man page
-    for details.
-18) Various fixes for UNIX CIFS extensions commands
-19) Fixed CIDR notation in "hosts allow/deny"
-20) Change semantics of an idle connection to mean "no open files and no
-    open handles".  We cannot idle a connection if there are open named
-    pipe handles.  This fixes scalability problem on Samba print servers
-    and NT/2k clients introduced in 2.2.4
-21) Fix germam umlaut problem when returning ACL entries
-22) Return NT_STATUS_OBJECT_NAME_NOT_FOUND for ENOENT.  This fixes the bug
-    of running the Microsoft Access executable (msaccess.exe) and database
-    files from a Samba share documented in the 2.2.4 release
-23) Corrected signal handling relating to directory change notification and
-    kernel oplocks
-24) Fix bug in unix_to_nt_time() that appeared on files dated close to Daylight
-    Savings Time
-25) Corrected alignment bug in spoolss parsing code which caused Win2k/XP
-    clients not to be able to view printer properties from a Samba host
-26) Fixed spoolss parsing bug causing printing from ACT! 2000 running on
-    Windows 2k/XP clients to fail
-27) Fixed incorrect error check in mod_share_entry()
-28) Allow %S variable in MS-DFS root paths
-29) Correct a bug regarding the use of 'wbinfo -A'
-30) Fixed libnss_wins.so to correctly work on RedHat 7.3 systems
-31) Store the key for a name-to-sid cache entry in upper case rather than
-    whatever case the request was made in.  This gets rid of duplicate
-    cache entries.
-32) Fix bug causing the pid stored in winbindd's pid file to be the wrong id
-33) Enhanced error reporting messages of wbinfo
-34) Parameterize block size on disk size return
-35) Added new parameter to allow incoming ACLs to have owner and group forced
-    to the currently logged in user. This fixes the XCOPY /O problem
-36) Fixed bug in local_change_password() caused by reusing a struct
-    passwd* pointer
-37) Change default value for "ldap port" to 389 if "ldap ssl = no"
-38) Updated HOWTO's, manpages, and general documentation....
-39) Allow root as well as domain admins to open an LDAP connection
-40) Fixed veto files bug with ".*"
-41) Fixed uninitialized variable bug in smbpasswd that was causing a random
-    IP address to be used in the connection when joining a domain
-42) Fix for joining a domain with a netbios name of 15 characters and
-    pre-creating the account on the DC
-43) Added links to new documentation on SWAT welcome page
-
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.4 follow :
-
-There have been several fixes and internal enhancements which include:
-
- * More/better SPOOLSS printing functionality for Windows
-   NT/2k/XP clients.
- * Several fixes relating to serving PC database files such
-   as (Access and FoxPro) from a Samba file share.
- * Several improves in Samba's VFS layer which can be seen
-   in the inclusion of a "Recycle Bin" vfs module.  See
-   examples/VFS/README for more details on this.
- * Addition of a tool (tdbbackup) for backup/restore of Samba's
-   tdb's
- * Continued improvements to winbind for greater scalability
-   and stability
- * Several fixes related to Samba's MS-DFS support
- * Rpcclient's various printer commands now work (again)
-
-
-New/Changed parameters in 2.2.4
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* csc policy
-* inherit acls
-* nt status support
-* lock spin count
-* lock spin time
-* pid directory
-* winbind use default domain
-
-
-Deprecated parameters
----------------------
-
-The following parameters have been marked as deprecated
-and will be removed in Samba 3.0
-
-* postscript
-* printer driver
-* printer driver file
-* printer driver location
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.4
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  added -c option to smbpasswd
-2)  reworked smbpasswd internal command line option parsing
-3)  small various bug fixes to experimental pdb_tdb.c
-4)  Enforce spoolss RPCs based on the access granted at PrinterOpen()
-5)  Added missing access checks to [add/delete/set]form
-6)  Compile fixes for pam_smbpass
-7)  fix smbd crash when netbios session request fails from
-    spoolss_connect_to_client().
-8)  fixed logic bug that prevent SetPrinter() from storing devmode
-9)  Removed extra get_printer_snum() calls from set_printer_hnd_name()
-10) fix joining domain on big endian machine when using -U to smbpasswd
-11) allow command line arg to override smb.conf log level
-12) continue to retry to register 1b name with wins server if there is an old IP there
-13) fix smbclient print crash bug
-14) 9x pnp fix when the config file and driver file are different
-15) force testparm to print the correct value for log level
-16) fix swat to show full log level info
-17) fix server GetPrinterData() fields to be more sensible
-18) fix logic error in SetPrinterDataEx()
-19) Only set smb_read_error if not already set
-20) Fix string returns that require unicode
-21) Merge of printing performance fixes from appliance
-22) lpq parsing fixes
-23) Back port tridge's xcopy /o fix from HEAD
-24) Fix the printer change notify code (unfinished)
-25) Patch for Domain users not showing up
-26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
-27) Ensure that all methods of looking up and connecting to DC's work
-    using identical logic.
-28) Merge in the mutex code to stop multiple domain logon failure
-29) Ignore 0/0 lock
-30) Fix winbindd to respect command line debuglevel as nmbd/smbd
-31) Update with tdbbackup from HEAD
-32) Fix for typo on solaris nss
-33) Merge in the locking changes from HEAD
-34) Added POSIX ACL layer into the vfs
-35) Fix the returning of domain enum
-36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
-37) Enable test for -rdynamic when building binaries
-38) Remove the "stat open" code - make it inline
-39) Fix the mp3 rename bug
-40) Fix for Explorer DFS problems on older Windows 9X machines
-41) implement OpenPrinter() opnum == 0x01
-42) Matched W2K *insane* open semantics....
-43) small fix that will prevent the "failed to marshall
-    R_NET_SAMLOGON" message in the logs
-42) don't do checking of local passdb in smbpasswd if using -r option
-43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
-    try to connect to a server named '*'
-44) merge rpcclient code from HEAD
-45) Ensure MACHINE.SID update done before child spawns
-46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
-47) Removed --with-vfs - always built if available
-48) Fixed psec for 2.2
-49) Fixed the handle leak in the connection management code
-50) fix disable spoolss after the switch to nt status codes
-51) Added Shirish's client side caching policy change
-52) Honor the specversion when parsing the the DEVICEMODE
-53) fix parsing bug when DEVICEMODE's private data does not end
-    on a 4 byte boundary
-54) do not idle an smbd when there is an open pipe
-55) when a new driver is added to a Samba server, cycle through
-    all printers and bump the change_id for each one bound to the driver
-56) allow smbclient to work with a FIFO as well (needed for KDE
-    ioslave)
-57) various updates to pdb_nisplus.c
-58) many small documentation updates
-59) removed many compiler warnings
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.3a follow :
-
-This is a minor bugfix release for the 2.2.3 release. The 2.2.3
-release had a problem that was visible to Windows 2000 Explorer
-users in that copying files into a share that already existed
-failed with "Access Denied" rather than asking the user if an
-overwrite was required. This was due to an incorrect error mapping
-between the UNIX EXIST error code and the NT status error.
-
-As Windows Explorer is a highly visible end user application a quick
-bugfix release was required, hence 2.2.3a.
-
-Compilation on HPUX versions earlier than HPUX 11 has also been
-corrected.
-
-The cvs.log file is no longer included with this release, as it adds
-13Mb to the size of the release, and is easily available on the Web.
-
------------------------------------------------------------------------------
-The release notes for 2.2.3 follow :
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-LDAP update
------------
-
-Much work has been done on the LDAP backend code. The configure
-option --with-ldapsam is now considered to be stable. The schema
-used has changed, see the file examples/LDAP/samba.schema for the
-new schema.
-
-New documentation explaining how to set up a Samba only PDC/BDC
-setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
-in the documentation tree.
-
-winbindd daemon extended
-------------------------
-
-Samba 2.2.2 was the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-Samba 2.2.3 fixes the known memory leaks in winbindd and has
-been extended to work with SGI IRIX and HPUX (11.x) in addition
-to the earlier targets of Linux and Solaris.
-
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.3
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-unix extensions
-
-Enables the experimental UNIX CIFS extensions in smbd. See the manpage
-for more details.
-
-default devmode
-
-Some printer drivers will crash the Windows NT/2000 spooler service
-if they are given a default devmode, some require it. This parameter
-allows the administrator a choice of whether smbd returns such a
-default devmode for a driver.
-
-share modes
-
-This parameter has been restored to allow people who wish smbd to ignore
-client share modes. This is *very dangerous* and should not be set without
-full knowledge of what this is designed for.
-
-Changes in 2.2.3
------------------
-
-1). Fixed shared library compile for Solaris with native compiler.
-2). UNIX CIFS extensions code added (donated by HP).
-3). Changed to using NT status codes on the wire if the client can support
-this.
-4). altname command to show 8.3 name added to smbclient.
-5). const-safe endian macros now used.
-6). client code now uses UNICODE on the wire.
-7). Correctly return fault PDU's on bad handle.
-8). Improved NT error code mapping table.
-9). Many new point and print RPC calls added.
-10). Win9x clients can now see full user list.
-11). field added to identify simultaneous open files (no longer
-use dev/inode/time as unique value).
-12). HPUX ACL code added (donated by HP).
-13). vfs interfaces updated (again !).
-14). MSDOS Code Page 866 -> 1251 mapping added.
-15). winbindd now processes quit/hup signals correctly.
-16). No tdb traversal done on startup/shutdown - ensures scalability.
-17). Fix bug with paths for homes share.
-18). Fixed copyfile for OS/2.
-19). Fix group membership when groups are on more than one line.
-20). Fixed core dumps in posix ACL mapping code.
-21). Tidyup of UNICODE functions (put/get).
-22). Move rpcclient to the new libsmb code.
-23). Add missing Windows 2000 passthough trans2 calls.
-24). Return check all tdb calls.
-25). Make local name lookup work even if wins server is down.
-26). pam session code added to winbind.
-27). Added winbindd cache to all lookups.
-28). Fix allocate bugs that caused file sizes to be incorrect.
-29). Fixed write cache code - now safe to use.
-30). Fixed winbindd memory leaks.
-31). winbindd will now do name lookups (to allow non Open Source
-systems to do the nsswitch WINS lookup). Fixed by SGI.
-32). passdb memory leaks fixed.
-33). LDAP code updates and now properly maintained.
-34). Finally figured out how changeid is meant to work.
-35). Downlevel printing now looks as NT does in print monitor window.
-36). Many fixups in spoolss printing RPC parsing.
-37). Speed up password enumeration as a PDC.
-38). Fix printer changed notify messages (work from HP).
-39). Fix modify timestamp on close code.
-40). Fix long standing mangled names bug.
-41). Fix delete on close semantics.
-42). Stop opening all files with O_NONBLOCK !
-43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
-44). Ensure NT supplementary groups get added to user token.
-45). Try and mitigate effects of DNS timeout (do less lookups).
-46). Added current user connection context stack.
-47). Fixes to utmp code.
-48). smbw code tidyups.
-49). Added tdb open log code. Several tdb fixes.
-
------------------------------------------------------------------------------
-The release notes for 2.2.2 follow :
-
-New daemon included - winbindd
-------------------------------
- 
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
- 
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
- 
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-manageable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
- 
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
- 
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behavior of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behavior, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox variants
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HUPX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL support added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibility.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existence of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browsing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronized.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timestamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistent tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the necessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility.
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggregate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measurable 
-with profile collection off compared to no profile collection
-compiled into samba.
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        samba@samba.org
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.7a.html b/whatsnew/samba-2.2.7a.html
deleted file mode 100755
index 24a1dc2..0000000
--- a/whatsnew/samba-2.2.7a.html
+++ /dev/null
@@ -1,1227 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba 2.2.7a</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the release of Samba 2.2.7a.
-
-This is the latest stable release of Samba and the version that all 
-production Samba servers should be running for all current bug-fixes.
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-2.2.7a.tar.gz or samba-2.2.7a.tar.bz2.
-Both archives have been signed as well using the
-<a href="/samba/ftp/samba-pubkey.asc">Samba Distribution Key</a>
-
-Binary packages will be released shortly for major platforms and
-can be found at
-
-    <a href="/samba/ftp/Binary_Packages">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-The release notes follow.
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-
-            WHAT'S NEW IN Samba 2.2.7a - 10th December 2002
-            ===============================================
-
-This is the latest stable release of Samba. This is the version
-that all production Samba servers should be running for all current
-bug-fixes.  The primary reason for this release is to correct problems
-with large file (>2Gb) support.   Please see the "Changes..." section
-for more details.
-
-
-
-Changes since 2.2.7
---------------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Fix for smbclient reporting negative file sizes on dir command
-    and negative statistics being reported when using put or get
-    on large files.
-2)  Fix bug in determination of allocation size
-3)  Fix 64bit size problems which prevented copying of files larger
-    than 2 GBytes.
-4)  Fix for xcopy /s problem with old DOS clients not sending correct
-    attributes on subsequent SMBsearch calls.
-5)  Fix bug in call to standard_sub_advanced giving a 0 length. This
-    fixes the string overflow in string_sub errors.
-6)  Correctly handle querygroup rpcclient command
-7)  fix broken incremental tar in smbtar command
-
-
-              =========================================
-
-Older releases notes for 2.2.x distributions follow
-
------------------------------------------------------------------------------
-The release notes for 2.2.7 follow :
-
-IMPORTANT: Security bugfix for Samba
-------------------------------------
-
-Summary
--------
-
-A security hole has been discovered in versions 2.2.2 through 2.2.6
-of Samba that could potentially allow an attacker to gain root access
-on the target machine.  The word "potentially" is used because there
-is no known exploit of this bug, and the Samba Team has not been able to
-craft one ourselves. However, the seriousness of the problem warrants
-this immediate 2.2.7 release.
-
-In addition to addressing this security issue, Samba 2.2.7 also includes
-thirteen unrelated improvements. These improvements result from our
-process of continuous quality assurance and code review, and are part of
-the Samba team's commitment to excellence.
-
-Details
--------
-
-There was a bug in the length checking for encrypted password change
-requests from clients. A client could potentially send an encrypted
-password, which, when decrypted with the old hashed password could be
-used as a buffer overrun attack on the stack of smbd. The attach would
-have to be crafted such that converting a DOS codepage string to little
-endian UCS2 unicode would translate into an executable block of code.
-
-All versions of Samba between 2.2.2 to 2.2.6 inclusive are vulnerable
-to this problem. This version of Samba 2.2.7 contains a fix for this
-problem.
-
-Earlier versions of Samba are not vulnerable.
-
-There is no known exploit or exploit code for this vulnerability,
-it was discovered by a code audit by Debian Samba maintainers.
-
-Credit
-------
-
-Thanks to Steve Langasek <vorlon@debian.org> and Eloy Paris
-<peloy@debian.org> for bringing this vulnerability to our notice.
-
-Patch for Samba versions 2.2.2 to 2.2.6
----------------------------------------
-
-The following patch applies cleanly to the above Samba versions
-and will fix the vulnerability for sites that do not wish to upgrade
-to 2.2.7 at this time.
-
--------------------------------cut here---------------------------------
---- libsmb/smbencrypt.c.orig    Tue Nov 19 17:21:57 2002
-+++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002
-@@ -63,7 +63,7 @@
-        if(len > 128)
-                len = 128;
-        /* Password must be converted to NT unicode - null terminated. */
--       dos_struni2((char *)wpwd, (const char *)passwd, 256);
-+       dos_struni2((char *)wpwd, (const char *)passwd, len);
-        /* Calculate length in bytes */
-        len = strlen_w((const smb_ucs2_t *)wpwd) * sizeof(int16);
--------------------------------cut here---------------------------------
-
-
-
-Changes since 2.2.6
---------------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  ensure we send the notify message in the same way it is expected
-    to be received by srv_spoolss_receive_message().
-2)  attribute matching on truncate only matters when opening truncate
-    with current SYSTEM|HIDDEN -> NONE. It's fine to truncate on open
-    with current NONE -> SYSTEM | HIDDEN.
-3)  Fix bug in rpcclient's deldriver command
-4)  Don't set global_machine_password_needs_changing if
-    lp_machine_password_timeout() is set to zero
-5)  don't parse the BUFFER5 if the buffer length is zero
-6)  fix core dump if pdbedit is run as non-root or smbpasswd file does
-    not exist
-7)  Ensure can_delete() returns correct error code
-8)  correctly return NT_STATUS_DELETE_PENDING from open code
-9)  fix bug that assumed dos_unistr2 length was in ucs2 units, not bytes
-10) check the long_archi name is not null when deleting a printer driver.
-    fixes core dump in smbd when using rpcclient's deldriver
-11) fix fd leak with kernel change notify on Linux 2.4 kernels
-12) must add one to the extra_data size to transfer the 0 string
-    terminator.  This was causing "wbinfo --sequence" to access past the
-    end of malloced memory
-13) fix for large systems allowing more than 65536 files open in
-    NTcreate&X
-14) Fix bug in %U expansion
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.6 follow :
-
-There have been several fixes and internal enhancements which include:
-
- * Fixes for MS-RPC printing issues affecting Windows 2000 clients
- * New support for smb.conf generation in SWAT
- * Inclusion of several performance enhancements (See --with-sendfile
-   & and the modified smb.conf(5) parameters in these Release Notes)
- * Fixes for several file locking bugs and returned status codes
-
-
-New Parameters
---------------
-
-Refer to the smb.conf(5) man page for complete descriptions of new parameters.
-
-  * profile acls (S)		workaround for issue with WinXP SP1
-				and roaming user profiles
-
-Removed Parameters
-------------------
-
-  * max packet (G)
-  * packet size (G)
-
-Modified Parameters
--------------------
-
-  * max xmit (G) 		new default value
-  * large readwrite (G)		new default value
-
-New ./configure Options
------------------------
-
-  --with-sendfile		Enable experimental sendfile support
-  --with-winbind-ldap-hack	Enable winbindd_ldap_hack() functionality
-				for Windows 2000 native mode domains
-
-
-Changes since 2.2.5
---------------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Fixed several compiler warnings caused by the use of const parameters
-2)  Fixed a hang in the main smbd process caused by an EINTR in the
-    wrong place
-3)  Fixed string substitutions to accept a length for sanity checks
-4)  Fixed 17-bit length field in nmb header
-5)  Removed non-portable inline declaration for functions
-6)  Performance fix for including files with an smb.conf variable in the
-    path name
-7)  Fix for parsing LPRng lpq output
-8)  Parsing fix for PRINTER_INFO_2 structure which was causing viewing
-    printer properties to fail
-9)  Fix for printer change notification and Windows NT clients which caused
-    the client to go into an infinite loop of refreshing the local printers
-    folder
-10) Allow trans2 and nttrans messages to be processed in oplock break state
-    which fixes a problem with oplock break requests and Win2k clients
-11) Don't crash on setfileinfo on printer fsp
-12) Memory fixes caught by Valgrind
-13) Updates to stop spurious error message in tdb
-14) Fix silly logic bug in 'make smbd processes' and 'status = no' check
-15) Fix compilation of pam_smbpass and --with-ldap
-16) Fix compilation of smbwrapper on Solaris hosts
-17) fix logic error in a check for enabling the winbind_pam_auth_crap() code
-    & fix formatting typo in --with-winbind-auth-challenge
-18) Correcting check for ldap_start_tls()
-19) Fixed a problem with getgroups() where it could include our current
-    effective gid
-20) fix incorrect semantics in the DeletePrinterDriver() spoolss rpc
-    to only attempt to delete the architecture specified by the client
-21) Don't allow TEMP attribute on directory open
-22) Restore VxFS quotas to the 2.2 branch
-23) Added basic "Wizard" functionality to SWAT
-24) Fix initial "allocation size" in NTcreate&X call
-25) Fix for open fid, "nametoolong"
-26) Exit server on receipt of a non-SMB packet.  Ensure we have
-    at least smb_size bytes before processing a packet
-27) Replace inet_aton with inet_addr() to correct compile problems on Solaris
-28) Include the "account" objectclass when adding a new account to --with-ldapsam
-    in order to comply with the data model implemented by OpenLDAP 2.1.x
-29) Various fixes for POSIX compliance
-30) Correct alignment & offset bug in EnumPrinterDataEx()
-31) Fix access checks when modifying forms using a print server handle
-    (not just a printer handle)
-32) Account for case data_len == 0 in EnumPrinterDataEx()
-33) Fix logic error in blocking lock code
-34) Fixed various incorrect return codes to clients
-35) Add RESOLVE_DFSPATH to mkdir operations
-36) Fix longstanding bug in Win2k clients by clearing the shortname
-    buffer before returning ASCII short name
-37) added -t option to smbpasswd for explicitly changing a trust
-    account password when operating in security = domain
-38) installed -x option to testparm to eXclude printing all parameter
-    values that are at default settings.
-39) Fix shares/printers view in SWAT so that only Basic options are exposed
-    upon initial entry.
-40) Added 1125 & KOI8-U to codepage list in Makefile.in
-41) Include separate configure checks for *openbsd* & *freebsd* when
-    determining flags used to compile shared libraries.
-42) Merge in free list unlock on error fix
-43) Correctly fail opens with mismatching SYSTEM or HIDDEN attributes
-    if we are mapping system or hidden
-44) Fix bug with stat mode open being done on read-only open with truncate
-45) Fix crash bug discovered where cli struct was being deallocated in a
-    called function
-46) Ensure we open UNIX fifo's non-blocking
-47) Fix DeletePrinterDriver() (hopefully for the last time...yeah right....)
-48) only lowercase global_myname in the %L substitution, not the whole string
-49) Merged Steve French's fix for OS/2 EA return error being removed
-50) Patch from Steve French to fix difference in responses to smbclient
-    //server/share ls / on Samba and Windows 2000
-51) Print error and exit if smb.conf doesn't have security=domain and
-    encrypt passwords=yes when joining domain
-52) Added final Steve French patch for "required" attributes with old dir
-    listings
-53) Initialize user_rid value in WINBIND_USERINFO structure returned by
-    the rpc version of query_user()
-54) Ensure we've failed a lock with a lock denied message before automatically
-    pushing it onto the	blocking queue
-55) Add experimental --with-sendfile code
-56) alignment fix in printing code merged from HEAD
-57) Merge fix for other sids in token from HEAD
-58) Merge winbindd with current (more advanced) state of play in APPLIANCE_HEAD
-59) fix smbclient / Win98 off by one bug
-60) Never, *ever* hold a mutex lock in the message database where there may be
-    traversals being attempted
-61) Add LDAP hack for retrieving the SAM sequence number when a member of a
-    Windows 2000 native mode domain
-62) Fix race condition when changing a machine account password as we were
-    no longer locking the secrets entry
-63) Allow '@' as a valid character in domain names
-64) remove jobs from the spool directory when using cups
-65) removed -lresolv for --enable-ldapsam
-66) Memory leak fix and correct use of negative caching in winbindd
-67) Updated spoolss parsing code with known good state of APPLIANCE_HEAD
-68) Delete printer security check was reversed
-69) Windows allows delete printer on a handle opened by an admin user, then
-    used on a pipe handle created by an anonymous user...We do to now...
-70) Make explicit the difference between a tdb key with no data attached, and
-    a non existent entry
-71) Ensure we register the 1c name on the unicast subnet.
-72) Fix inheritance problem when recursively setting ACLs on directories
-73) prevent ACL set on read-only share
-74) Ensure we never have more than MAX_PRINT_JOBS in a queue
-75) Added timeout to tdb_lock_bystring()
-76) Ensure we set FIRST+LAST flags on a bind request
-77) Add version strings to the usage message for smbcacls and smbpasswd
-78) Fix bug in the write cache code
-79) make the default printed values for boolean the same for all parameters
-80) Default all LDAP connections to v3 with compiling with --with-ldapsam
-81) Fix memory leak in smbspool
-82) Fix bug in mangling code that resulted in Win9x clients not being
-    able to execute batch files in deep, non 8.3  directory paths
-83) Fix infinite looping bug in winbindd_getgrent()
-84) Fix crash bug on 64-bit systems (merge from HEAD)
-85) Fix extended character bug when setting LanMan/NT password
-86) Negotiate same SMB read size as a Windows 2000 file server
-    to fix performance bug with NT4 clients
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.5 follow :
-
-There have been several fixes and internal enhancements which include:
-
-* Several compile fixes for Solaris and HP-UX
-* More printing fixes for Windows NT/2k/XP clients
-* New options for the VFS recycle bin library
-* New internal signal handling semantics relating to directory change
-  notification and oplocks
-
-New/Changed parameters in 2.2.5
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* block size = <INTEGER>
-* force unknown acl user = <boolean>
-* mangling method = [hash|hash2]
-
-
-Deprecated Parameters
----------------------
-
-The following parameters have been marked as deprecated and will be removed
-in Samba 3.0
-
-* strip dot
-* status
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.5
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  Removal of several compiler warnings, incorrect Makefile dependencies,
-    and wrong autoconf tests on various platforms--Solaris & HP-UX 10.20
-    being the predominantly reported platforms
-2)  Fixed winbindd crash bug on the IBM s390 running Linux
-3)  Inclusion of enhanced Linux quota support
-4)  Correctly link against Sun LDAP libraries on Solaris 8 (even through
-    there is no apparent SSL support there)
-5)  POSIX conformance patches
-6)  Include new configure --enable-cups option (can also be disabled even
-    if CUPS libraries are installed on the system)
-7)  Set reasonable default for the "passwd program" parameter using an
-    autoconf test
-8)  Added --with-winbind-auth for enabling winbindd_pam_auth_crap() code
-9)  fixed bug to prevent root account from being deleted by the
-    "delete user script"
-10) Inclusion of autoconf script for building VFS modules
-11) Add new run time options to the VFS recycle bin library (see
-    examples/VFS/recycle/README for details)
-12) Include findsmb perl script as part of the "make install" process
-13) Return correct error code for EnumPrinters(PRINTER_ENUM_REMOTE, InfoLevel1)
-    to fix a bug where printers appear at the workgroup level in the Windows
-    NT/2k APW browse list
-14) Added support to nmblookup to return NMB flags (See nmblookup(8) for
-    details)
-15) Fix length bug that caused password changes from Windows NT/2k clients to
-    occasionally fail
-16) Correct false password expiration when using --with-ldapsam caused by
-    missing attributes in the directory
-17) added -S option to smbpasswd for storing the SID of a domain controller
-    as the local machine SID in secrets.tdb.  See the smbpasswd(8) man page
-    for details.
-18) Various fixes for UNIX CIFS extensions commands
-19) Fixed CIDR notation in "hosts allow/deny"
-20) Change semantics of an idle connection to mean "no open files and no
-    open handles".  We cannot idle a connection if there are open named
-    pipe handles.  This fixes scalability problem on Samba print servers
-    and NT/2k clients introduced in 2.2.4
-21) Fix germam umlaut problem when returning ACL entries
-22) Return NT_STATUS_OBJECT_NAME_NOT_FOUND for ENOENT.  This fixes the bug
-    of running the Microsoft Access executable (msaccess.exe) and database
-    files from a Samba share documented in the 2.2.4 release
-23) Corrected signal handling relating to directory change notification and
-    kernel oplocks
-24) Fix bug in unix_to_nt_time() that appeared on files dated close to Daylight
-    Savings Time
-25) Corrected alignment bug in spoolss parsing code which caused Win2k/XP
-    clients not to be able to view printer properties from a Samba host
-26) Fixed spoolss parsing bug causing printing from ACT! 2000 running on
-    Windows 2k/XP clients to fail
-27) Fixed incorrect error check in mod_share_entry()
-28) Allow %S variable in MS-DFS root paths
-29) Correct a bug regarding the use of 'wbinfo -A'
-30) Fixed libnss_wins.so to correctly work on RedHat 7.3 systems
-31) Store the key for a name-to-sid cache entry in upper case rather than
-    whatever case the request was made in.  This gets rid of duplicate
-    cache entries.
-32) Fix bug causing the pid stored in winbindd's pid file to be the wrong id
-33) Enhanced error reporting messages of wbinfo
-34) Parameterize block size on disk size return
-35) Added new parameter to allow incoming ACLs to have owner and group forced
-    to the currently logged in user. This fixes the XCOPY /O problem
-36) Fixed bug in local_change_password() caused by reusing a struct
-    passwd* pointer
-37) Change default value for "ldap port" to 389 if "ldap ssl = no"
-38) Updated HOWTO's, manpages, and general documentation....
-39) Allow root as well as domain admins to open an LDAP connection
-40) Fixed veto files bug with ".*"
-41) Fixed uninitialized variable bug in smbpasswd that was causing a random
-    IP address to be used in the connection when joining a domain
-42) Fix for joining a domain with a netbios name of 15 characters and
-    pre-creating the account on the DC
-43) Added links to new documentation on SWAT welcome page
-
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.4 follow :
-
-There have been several fixes and internal enhancements which include:
-
- * More/better SPOOLSS printing functionality for Windows
-   NT/2k/XP clients.
- * Several fixes relating to serving PC database files such
-   as (Access and FoxPro) from a Samba file share.
- * Several improves in Samba's VFS layer which can be seen
-   in the inclusion of a "Recycle Bin" vfs module.  See
-   examples/VFS/README for more details on this.
- * Addition of a tool (tdbbackup) for backup/restore of Samba's
-   tdb's
- * Continued improvements to winbind for greater scalability
-   and stability
- * Several fixes related to Samba's MS-DFS support
- * Rpcclient's various printer commands now work (again)
-
-
-New/Changed parameters in 2.2.4
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf(5).
-
-Added/changed parameters
-------------------------
-
-* csc policy
-* inherit acls
-* nt status support
-* lock spin count
-* lock spin time
-* pid directory
-* winbind use default domain
-
-
-Deprecated parameters
----------------------
-
-The following parameters have been marked as deprecated
-and will be removed in Samba 3.0
-
-* postscript
-* printer driver
-* printer driver file
-* printer driver location
-
-
-Removed Parameters
-------------------
-
-  none
-
-
-Changes in 2.2.4
-----------------
-
-See the cvs log for SAMBA_2_2 for more details
-
-1)  added -c option to smbpasswd
-2)  reworked smbpasswd internal command line option parsing
-3)  small various bug fixes to experimental pdb_tdb.c
-4)  Enforce spoolss RPCs based on the access granted at PrinterOpen()
-5)  Added missing access checks to [add/delete/set]form
-6)  Compile fixes for pam_smbpass
-7)  fix smbd crash when netbios session request fails from
-    spoolss_connect_to_client().
-8)  fixed logic bug that prevent SetPrinter() from storing devmode
-9)  Removed extra get_printer_snum() calls from set_printer_hnd_name()
-10) fix joining domain on big endian machine when using -U to smbpasswd
-11) allow command line arg to override smb.conf log level
-12) continue to retry to register 1b name with wins server if there is an old IP there
-13) fix smbclient print crash bug
-14) 9x pnp fix when the config file and driver file are different
-15) force testparm to print the correct value for log level
-16) fix swat to show full log level info
-17) fix server GetPrinterData() fields to be more sensible
-18) fix logic error in SetPrinterDataEx()
-19) Only set smb_read_error if not already set
-20) Fix string returns that require unicode
-21) Merge of printing performance fixes from appliance
-22) lpq parsing fixes
-23) Back port tridge's xcopy /o fix from HEAD
-24) Fix the printer change notify code (unfinished)
-25) Patch for Domain users not showing up
-26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
-27) Ensure that all methods of looking up and connecting to DC's work
-    using identical logic.
-28) Merge in the mutex code to stop multiple domain logon failure
-29) Ignore 0/0 lock
-30) Fix winbindd to respect command line debuglevel as nmbd/smbd
-31) Update with tdbbackup from HEAD
-32) Fix for typo on solaris nss
-33) Merge in the locking changes from HEAD
-34) Added POSIX ACL layer into the vfs
-35) Fix the returning of domain enum
-36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
-37) Enable test for -rdynamic when building binaries
-38) Remove the "stat open" code - make it inline
-39) Fix the mp3 rename bug
-40) Fix for Explorer DFS problems on older Windows 9X machines
-41) implement OpenPrinter() opnum == 0x01
-42) Matched W2K *insane* open semantics....
-43) small fix that will prevent the "failed to marshall
-    R_NET_SAMLOGON" message in the logs
-42) don't do checking of local passdb in smbpasswd if using -r option
-43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
-    try to connect to a server named '*'
-44) merge rpcclient code from HEAD
-45) Ensure MACHINE.SID update done before child spawns
-46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
-47) Removed --with-vfs - always built if available
-48) Fixed psec for 2.2
-49) Fixed the handle leak in the connection management code
-50) fix disable spoolss after the switch to nt status codes
-51) Added Shirish's client side caching policy change
-52) Honor the specversion when parsing the the DEVICEMODE
-53) fix parsing bug when DEVICEMODE's private data does not end
-    on a 4 byte boundary
-54) do not idle an smbd when there is an open pipe
-55) when a new driver is added to a Samba server, cycle through
-    all printers and bump the change_id for each one bound to the driver
-56) allow smbclient to work with a FIFO as well (needed for KDE
-    ioslave)
-57) various updates to pdb_nisplus.c
-58) many small documentation updates
-59) removed many compiler warnings
-
-
------------------------------------------------------------------------------
-The release notes for 2.2.3a follow :
-
-This is a minor bugfix release for the 2.2.3 release. The 2.2.3
-release had a problem that was visible to Windows 2000 Explorer
-users in that copying files into a share that already existed
-failed with "Access Denied" rather than asking the user if an
-overwrite was required. This was due to an incorrect error mapping
-between the UNIX EXIST error code and the NT status error.
-
-As Windows Explorer is a highly visible end user application a quick
-bugfix release was required, hence 2.2.3a.
-
-Compilation on HPUX versions earlier than HPUX 11 has also been
-corrected.
-
-The cvs.log file is no longer included with this release, as it adds
-13Mb to the size of the release, and is easily available on the Web.
-
------------------------------------------------------------------------------
-The release notes for 2.2.3 follow :
-
-There are several important scaling bugs that have been fixed in this release
-for large server systems so an upgrade is recommended.
-
-LDAP update
------------
-
-Much work has been done on the LDAP backend code. The configure
-option --with-ldapsam is now considered to be stable. The schema
-used has changed, see the file examples/LDAP/samba.schema for the
-new schema.
-
-New documentation explaining how to set up a Samba only PDC/BDC
-setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
-in the documentation tree.
-
-winbindd daemon extended
-------------------------
-
-Samba 2.2.2 was the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
-
-Samba 2.2.3 fixes the known memory leaks in winbindd and has
-been extended to work with SGI IRIX and HPUX (11.x) in addition
-to the earlier targets of Linux and Solaris.
-
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
-
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.3
---------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-unix extensions
-
-Enables the experimental UNIX CIFS extensions in smbd. See the manpage
-for more details.
-
-default devmode
-
-Some printer drivers will crash the Windows NT/2000 spooler service
-if they are given a default devmode, some require it. This parameter
-allows the administrator a choice of whether smbd returns such a
-default devmode for a driver.
-
-share modes
-
-This parameter has been restored to allow people who wish smbd to ignore
-client share modes. This is *very dangerous* and should not be set without
-full knowledge of what this is designed for.
-
-Changes in 2.2.3
------------------
-
-1). Fixed shared library compile for Solaris with native compiler.
-2). UNIX CIFS extensions code added (donated by HP).
-3). Changed to using NT status codes on the wire if the client can support
-this.
-4). altname command to show 8.3 name added to smbclient.
-5). const-safe endian macros now used.
-6). client code now uses UNICODE on the wire.
-7). Correctly return fault PDU's on bad handle.
-8). Improved NT error code mapping table.
-9). Many new point and print RPC calls added.
-10). Win9x clients can now see full user list.
-11). field added to identify simultaneous open files (no longer
-use dev/inode/time as unique value).
-12). HPUX ACL code added (donated by HP).
-13). vfs interfaces updated (again !).
-14). MSDOS Code Page 866 -> 1251 mapping added.
-15). winbindd now processes quit/hup signals correctly.
-16). No tdb traversal done on startup/shutdown - ensures scalability.
-17). Fix bug with paths for homes share.
-18). Fixed copyfile for OS/2.
-19). Fix group membership when groups are on more than one line.
-20). Fixed core dumps in posix ACL mapping code.
-21). Tidyup of UNICODE functions (put/get).
-22). Move rpcclient to the new libsmb code.
-23). Add missing Windows 2000 passthough trans2 calls.
-24). Return check all tdb calls.
-25). Make local name lookup work even if wins server is down.
-26). pam session code added to winbind.
-27). Added winbindd cache to all lookups.
-28). Fix allocate bugs that caused file sizes to be incorrect.
-29). Fixed write cache code - now safe to use.
-30). Fixed winbindd memory leaks.
-31). winbindd will now do name lookups (to allow non Open Source
-systems to do the nsswitch WINS lookup). Fixed by SGI.
-32). passdb memory leaks fixed.
-33). LDAP code updates and now properly maintained.
-34). Finally figured out how changeid is meant to work.
-35). Downlevel printing now looks as NT does in print monitor window.
-36). Many fixups in spoolss printing RPC parsing.
-37). Speed up password enumeration as a PDC.
-38). Fix printer changed notify messages (work from HP).
-39). Fix modify timestamp on close code.
-40). Fix long standing mangled names bug.
-41). Fix delete on close semantics.
-42). Stop opening all files with O_NONBLOCK !
-43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
-44). Ensure NT supplementary groups get added to user token.
-45). Try and mitigate effects of DNS timeout (do less lookups).
-46). Added current user connection context stack.
-47). Fixes to utmp code.
-48). smbw code tidyups.
-49). Added tdb open log code. Several tdb fixes.
-
------------------------------------------------------------------------------
-The release notes for 2.2.2 follow :
-
-New daemon included - winbindd
-------------------------------
- 
-Samba 2.2.2 is the first release to include the winbind daemon.
-This code allows UNIX systems that implement the name service
-switch (nss) to be entered into a Windows NT/2000 domain and
-use the Domain controller for all user and group enumeration.
- 
-This allows a Samba server added to a Windows domain to serve
-file and print services with *NO* local users needed in /etc/passwd
-and /etc/group - all users and groups are read directly from the
-Windows domain controller. In addition with pam_winbind which allows
-a PAM enabled UNIX system to use a Windows domain for authentication
-service this allows single sign on and account control across
-UNIX and Windows systems.
- 
-The current version of winbindd shipped in 2.2.2 does have some
-memory leaks, which will be addressed for the next Samba release,
-so it is advisable to monitor the winbind process. This code is
-being used in production by several vendors, so the leaks are
-manageable. In addition, this version of winbind does not work
-correctly against a Samba PDC, due to some missing calls on the
-PDC side. These problems are being addressed for the next Samba
-release, but it was thought better to release the code now rather
-than delay the main Samba code to match the winbind release schedule.
- 
-For more information on using winbind, see the man pages for
-winbindd and wbinfo.
- 
-Note that winbindd is not installed by default.
-
-New/Changed parameters in 2.2.2
--------------------------------
-
-For more information on these parameters, see the man pages for
-smb.conf.
-
-Added/changed parameters.
--------------------------
-
-strict allocate
-
-Causes Samba not to create UNIX 'sparse' files, but to follow the
-Windows behavior of always allocating on-disk space.
-
-use mmap
-
-Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
-UNIX systems that don't have coherent mmap/read-write internal caches.
-You should not need to set this parameter.
-
-nt acl support
-
-This parameter has been changed to a per-share option, and is very
-useful in enabling Windows 2000 SP2 to load/save profiles from a 
-Samba share.
-
-New printing parameters.
-------------------------
-
-disable spoolss
-
-Setting this parameter causes Samba to go back to the old 2.0.x
-LANMAN printing behavior, for people who wish to disable the
-new SPOOLSS pipe.
-
-use client driver
-
-Causes Windows NT/2000 clients to need have a local printer driver
-installed and to treat the printer as local.
-
-New LDAP parameters.
---------------------
-
-Samba 2.2.2 contains new code to maintain a Samba SAM database
-on a remote LDAP server. These parameters have been added as
-part of this code. These parameters are only available when Samba
-has been compiled with the --with-ldapsam option.
-
-ldap admin dn
-ldap ssl
-
-New SSL parameters.
--------------------
-
-The SSL support in Samba has been fixed. These new parameters
-are part of the changes added. These parameters are only available
-when Samba has been compiled with the --with-ssl option. 
-Please see the smb.conf man page for details.
-
-ssl egd socket
-ssl entropy file
-ssl entropy bytes
-
-New winbindd parameters.
-------------------------
-
-These parameters are used by winbindd. See the man page for
-winbindd for details.
-
-winbind separator
-winbind uid
-winbind gid
-winbind cache time
-winbind enum users
-winbind enum groups
-template homedir
-template shell
-
-Removed parameters.
--------------------
-
-share modes
-ldap root
-ldap root passwd
-
-New Documentation.
-------------------
-
-Some new README's have been added in the docs/ directory. These cover
-using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
-and how to use Samba to help prevent Windows virus spread
-(docs/README.Win32-Viruses).
-
-Quota problems on a Linux 2.4 kernel.
--------------------------------------
-
-Currently the quota interfaces have diverged between the Linus
-2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox variants
-are shipped with RedHat). Running quota-enabled Samba compiled on
-an Alan Cox kernel works correctly on an Alan Cox kernel (the one
-shipped by default with RedHat 7.x) but fails on a Linus kernel.
-
-This is a mess, and hopefully Alan and Linus will sort it out soon.
-In the meantime we need to ship.....
-
-Changes in 2.2.2
------------------
-
-1). mmap tdb code disabled on HPUX. This should prevent the reports of
-tdb corruption on HUPX.
-2). Large file support set to off in Solaris 5.5 and below.
-3). Better CUPS detection.
-4). New SAM (password database) backends - smbpasswd (traditional),
-LDAP, NIS+ and Samba TDB.
-5). Quota fixups on Linux.
-6). libsmbclient stand-alone code added. Can be built as a shared library
-under Linux.
-7). Tru64 ACL support added.
-8). winbindd option added.
-9). Realloc fail tidyup fixes all over the code.
-10). Large improvement in hash table code efficiency - would be found with
-large stat caches.
-11). Error code consistency improved (still needs more work).
-12). Profile shared memory support added to nmbd.
-13). New Windows 2000/NT passthrough info levels added.
-14). readraw/writeraw code rewritten - many bugs fixed.
-15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
-16). Reverse DNS lookup avoided on socket open.
-17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
-18). Zero length byte range lock code added. Much closer to Windows semantics.
-19). Alignment fault fixes for Linux/Alpha.
-20). Error checking on tdb returns vastly improved.
-21). Handling of delete on close fixed. No longer possible to leave 'dead'
-file entries.
-22). Handling of oplock break failure cleanups improved. Should not be
-able to leave 'dead' entries.
-23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
-24). Misc. MS-DFS code fixes.
-25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
-26). winbind pam module added.
-27). Order N^^2 enumeration of printers problem fixed.
-28). Password backend database code re-ordered to allow different password
-backends (at compile time currently).
-29). Improved print driver version detection for Windows 2000.
-30). Driver DEVMODE initialization fixes.
-31). Improved SYSV print parse code.
-32). Fixed enumeration of large numbers of users/groups from Windows clients.
-Code still too slow.
-33). Fix for buggy NetApp RPC pipe clients.
-34). Fix for NT sending multiple SetPrinterDataEx calls.
-35). Fix for logic bug where smbd could delay oplock break request messages
-from other smbd daemons whilst client kept us busy.
-36). Fix deadlock problem with connections tdb on enumeration.
-37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
-38). Removed unused readbmpx/writebmpx code.
-39). Attempt to fix Linux 2.4.x quota mess.
-40). Improved ctemp code for Windows 2000 compatibility.
-41). Finally understood difference between set EOF and set allocation requests.
-Added strict allocate parameter to help.
-42). Correctly return name types on name to SID lookups.
-43). tdb spinlock code update.
-44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1a follow :
-
-This is a minor bugfix release for 2.2.1, *NOT* security related.
-
-1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
-Windows2000 machine into a Samba hosted PDC would fail due to our
-stricter user name checking. We were disallowing user names
-containing '$', which is needed when using smbpasswd to add a
-machine into a domain. Automatically adding machines (using the
-native Windows tools) into a Samba domain worked correctly.
-
-2.2.1a fixes this single problem.
-
------------------------------------------------------------------------------
-The release notes for 2.2.1 follow :
-
-New/Changed parameters in 2.2.1
--------------------------------
-
-Added parameters.
------------------
-
-obey pam restrictions
-
-When Samba is configured to use PAM, turns on or off Samba checking
-the PAM account restrictions. Defaults to off.
-
-pam password change
-
-When Samba is configured to use PAM, turns on or off Samba passing
-the password changes to PAM. Defaults to off.
-
-large readwrite
-
-New option to allow new Windows 2000 large file (64k) streaming
-read/write options. Needs a 64 bit underlying operating system
-(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
-by 10% with Windows 2000 clients. Defaults to off. Not as tested
-as some other Samba code paths.
-
-hide unreadable
-
-Prevents clients from seeing the existence of files that cannot
-be read. Off by default.
-
-enhanced browsing
-
-Turn on/off the enhanced Samba browsing functionality (*1B names).
-Default is "on". Can prevent eternal machines in workgroups when
-WINS servers are not synchronized.
-
-Removed parameters.
--------------------
-
-domain groups
-domain admin users
-domain guest users
-
-Changes in 2.2.1
------------------
-
-1). "find" command removed for smbclient. Internal code now used.
-2). smbspool updates to retry connections from Michael Sweet.
-3). Fix for mapping 8859-15 characters to UNICODE.
-4). Changed "security=server" to try with invalid username to prevent
-    account lockouts.
-5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
-6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
-7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
-    lock tester tool for distributed databases.
-8). Preliminary support added for Windows 2000 large file read/write SMBs.
-9). Changed random number generator in Samba to prevent guess attacks.
-10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
-     smbd's clean the tdb files on startup and shutdown.
-11). Fixes for default ACLs on Solaris.
-12). Tidyup of password entry caching code.
-13). Correct shutdowns added for send fails. Helps tdb cleanup code.
-14). Prevent invalid '/' characters in workgroup names.
-15). Removed more static arrays in SAMR code.
-16). Client code is now UNICODE on the wire.
-17). Fix 2 second timestamp resolution everywhere if dos timestamp set to yes.
-18). All tdb opens now going through logging function.
-19). Add pam password changing and pam restrictions code.
-20). Printer driver management improvements (delete driver).
-21). Fix difference between NULL security descriptors and empty
-     security descriptors.
-22). Fix SID returns for server roles.
-23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
-24). Allow smbcontrol to forcibly disconnect a share.
-25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
-     mmap/file read/write cache.
-26). Fix race condition in returning create disposition for file create/open.
-27). Fix NT rewriting of security descriptors to their canonical form for
-     ACLs.
-28). Fix for Samba running on top of Linux VFAT ftruncate bug.
-29). Swat fixes for being run with xinetd that doesn't set the umask.
-30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
-     TCP stack early ack specification error.
-31). Changed lock & persistent tdb directory to /var/cache/samba by default on
-     RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
-
------------------------------------------------------------------------------
-The release notes for 2.2.0a follow :
-
-SECURITY FIX
-============
-
-This is a security bugfix release for Samba 2.2.0. This release provides the
-following two changes *ONLY* from the 2.2.0 release.
-
-1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
-    and described in the security advisory below.
-2). Fix for the hosts allow/hosts deny parameters not being honoured.
-
-No other changes are being made for this release to ensure a security fix only.
-For new functionality (including these security fixes) download Samba 2.2.1
-when it is available.
-
-The security advisory follows :
-
-
-                IMPORTANT: Security bugfix for Samba
-                ------------------------------------
-
-June 23rd 2001
-
-
-Summary
--------
-
-A serious security hole has been discovered in all versions of Samba
-that allows an attacker to gain root access on the target machine for
-certain types of common Samba configuration.
-
-The immediate fix is to edit your smb.conf configuration file and
-remove all occurances of the macro "%m". Replacing occurances of %m
-with %I is probably the best solution for most sites.
-
-Details
--------
-
-A remote attacker can use a netbios name containing unix path
-characters which will then be substituted into the %m macro wherever
-it occurs in smb.conf. This can be used to cause Samba to create a log
-file on top of an important system file, which in turn can be used to
-compromise security on the server.
-
-The most commonly used configuration option that can be vulnerable to
-this attack is the "log file" option. The default value for this
-option is VARDIR/log.smbd. If the default is used then Samba is not
-vulnerable to this attack.
-
-The security hole occurs when a log file option like the following is
-used:
-
-  log file = /var/log/samba/%m.log
-
-In that case the attacker can use a locally created symbolic link to
-overwrite any file on the system. This requires local access to the
-server.
-
-If your Samba configuration has something like the following:
-
-  log file = /var/log/samba/%m
-
-Then the attacker could successfully compromise your server remotely
-as no symbolic link is required. This type of configuration is very
-rare.
-
-The most commonly used log file configuration containing %m is the
-distributed in the sample configuration file that comes with Samba:
-
-  log file = /var/log/samba/log.%m
-
-in that case your machine is not vulnerable to this attack unless you
-happen to have a subdirectory in /var/log/samba/ which starts with the
-prefix "log."
-
-Credit
-------
-
-Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
-vulnerability.
-
-
-New Release
------------
-
-While we recommend that vulnerable sites immediately change their
-smb.conf configuration file to prevent the attack we will also be
-making new releases of Samba within the next 24 hours to properly fix
-the problem. Please see http://www.samba.org/ for the new releases.
-
-Please report any attacks to the appropriate authority.
-
-        The Samba Team
-        security@samba.org
-
----------------------------------------------------------------------------
-
-The release notes for 2.2.0 follow :
-
-This is the official Samba 2.2.0 release. This version of Samba provides
-the following new features and enhancements.
-
-Integration between Windows oplocks and NFS file opens (IRIX and Linux
-2.4 kernel only). This gives complete data and locking integrity between
-Windows and UNIX file access to the same data files.
-
-Ability to act as an authentication source for Windows 2000 clients as
-well as for NT4.x clients.
-
-Integration with the winbind daemon that provides a single
-sign on facility for UNIX servers in Windows 2000/NT4 networks
-driven by a Windows 2000/NT4 PDC. winbind is not included in
-this release, it currently must be obtained separately. We are
-committed to including winbind in a future Samba 2.2.x release.
-
-Support for native Windows 2000/NT4 printing RPCs. This includes
-support for automatic printer driver download.
-
-Support for server supported Access Control Lists (ACLs).
-This release contains support for the following filesystems: 
-
-    Solaris 2.6+ 
-    SGI Irix 
-    Linux Kernel with ACL patch from http://acl.bestbits.at
-	Linux Kernel with XFS ACL support.
-	Caldera/SCO UnixWare
-	IBM AIX
-	FreeBSD (with external patch)
-
-Other platforms will be supported as resources are
-available to test and implement the necessary modules. If
-you are interested in writing the support for a particular
-ACL filesystem, please join the samba-technical mailing
-list and coordinate your efforts. 
- 
-On PAM (Pluggable Authentication Module) based systems - better debugging
-messages and encrypted password users now have access control verified via
-PAM - Note: Authentication still uses the encrypted password database.
- 
-Rewritten internal locking semantics for more robustness.
-This release supports full 64 bit locking semantics on all
-(even 32 bit) platforms. SMB locks are mapped onto POSIX
-locks (32 bit or 64 bit) as the underlying system allows.
-
-Conversion of various internal flat data structures to use
-database records for increased performance and
-flexibility.
-
-Support for acting as a MS-DFS (Distributed File System) server.
-
-Support for manipulating Samba shares using Windows client tools
-(server manager). Per share security can be set using these tools
-and Samba will obey the access restrictions applied.
-
-Samba profiling support (see below).
-
-Compile time option for enabling a (Virtual file system) VFS layer 
-to allow non-disk resources to be exported as Windows filesystems
-(such as databases etc.).
-
-The documentation in this release has been updated and converted
-from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
-and some defaults have changed.
-
-Profiling support.
-------------------
-Support for collection of profile information. A shared 
-memory area has been created which contains counters for
-the number of calls to and the amount of time spent in
-various system calls, smb transactions and nmbd activity. See 
-the file profile.h for a complete listing of the information 
-collected. Sample code for a samba pmda (collection agent
-for Performance Co-Pilot) has been included in the pcp
-directory. 
-
-To enable the profile data collection code in samba, you must 
-compile samba with profile data support (run configure with 
-the --with-profiling-data option). On startup, collection of 
-data is disabled. To begin collecting data use the smbcontrol
-program to turn on profiling (see the smbcontrol man page).
-Profile information collection can be enabled for nmbd, all smbd
-processes or one or more selected processes. The profiling
-data collected is the aggregate for all processes that have
-profiling enabled.
-
-With samba compiled for profile data collection, you may see
-a very slight degradation in performance even with profiling
-collection turned off. On initial tests with NetBench on an
-SGI Origin 200 server, this degradation was not measurable 
-with profile collection off compared to no profile collection
-compiled into samba.
-
-With count profile collection enabled on all clients, the 
-degradation was less than 2%. With full profile collection 
-enabled on all clients, the degradation was about 8.5%. 
-
-=====================================================================
-
-If you think you have found a bug please email a report to :
-
-        samba@samba.org
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.8.html b/whatsnew/samba-2.2.8.html
deleted file mode 100755
index ddec3e3..0000000
--- a/whatsnew/samba-2.2.8.html
+++ /dev/null
@@ -1,341 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 2.2.8</H2>
-
-<p>
-<pre>
-               ****************************************
-               * IMPORTANT: Security bugfix for Samba *
-               ****************************************
-
-This release provides an important security fix outlined in the
-release notes that follow. This is the latest stable release of
-Samba and the version that all production Samba servers should be
-running for all current bug-fixes.
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-2.2.8.tar.gz or samba-2.2.8.tar.bz2.
-Both archives have been signed using the Samba Distribution Key.
-
-Binary packages will be released shortly for major platforms and
-can be found at
-
-    <a href="/samba/ftp/Binary_Packages">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-As always, all bugs are our responsibility.
-
-                           --Sincerely
-                           The Samba Team
-
-
-Summary
--------
-
-The SuSE security audit team, in particular <a href="mailto:krahmer@suse.de">Sebastian 
-Krahmer</a>, has found a flaw in the Samba main smbd code which
-could allow an external attacker to remotely and anonymously gain
-Super User (root) privileges on a server running a Samba server.
-
-This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
-inclusive.  This is a serious problem and all sites should either
-upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
-and 445. Advice created by Andrew Tridgell, the leader of the Samba Team,
-on how to protect an unpatched Samba server is given at the end of this
-section.
-
-The SMB/CIFS protocol implemented by Samba is vulnerable to many
-attacks, even without specific security holes.  The TCP ports 139 and
-the new port 445 (used by Win2k and the Samba 3.0 alpha code in
-particular) should never be exposed to untrusted networks.
-
-Description
------------
-
-A buffer overrun condition exists in the SMB/CIFS packet fragment
-re-assembly code in smbd which would allow an attacker to cause smbd
-to overwrite arbitrary areas of memory in its own process address
-space. This could allow a skilled attacker to inject binary specific
-exploit code into smbd.
-
-This version of Samba adds explicit overrun and overflow checks on
-fragment re-assembly of SMB/CIFS packets to ensure that only valid
-re-assembly is performed by smbd.
-
-In addition, the same checks have been added to the re-assembly
-functions in the client code, making it safe for use in other
-services.
-
-Credit
-------
-
-This security flaw was discovered and reported to the Samba Team by
-Sebastian Krahmer <krahmer@suse.de> of the SuSE Security Audit Team.
-The fix was prepared by Jeremy Allison and reviewed by engineers from
-the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor engineers
-on the Linux Vendor security mailing list.
-
-The Samba Team would like to thank SuSE and Sebastian Krahmer for
-their excellent auditing work and for drawing attention to this flaw.
-
-Patch Availability
------------------
-
-As this is a security issue, patches for this flaw specific to earlier
-versions of Samba will be posted on the samba-technical@samba.org
-mailing list as requested.
-
-
-************************************
-Protecting an unpatched Samba server
-************************************
-
-  Samba Team, March 2003
-
-  This is a note on how to provide your Samba server some
-  protection against the recently discovered remote security
-  hole if you are unable to upgrade to the fixed version
-  immediately. Even if you do upgrade you might like to think
-  about the suggestions in this note to provide you with
-  additional levels of protection.
-
-
-  Using host based protection
-  ---------------------------
-
-  In many installations of Samba the greatest threat comes for
-  outside your immediate network. By default Samba will accept
-  connections from any host, which means that if you run an
-  insecure version of Samba on a host that is directly
-  connected to the Internet you can be especially vulnerable.
-
-  One of the simplest fixes in this case is to use the 'hosts
-  allow' and 'hosts deny' options in the Samba smb.conf
-  configuration file to only allow access to your server from a
-  specific range of hosts. An example might be:
-
-
-    hosts allow = 127.0.0.1 192.168.2.0/24 192.168.3.0/24
-    hosts deny = 0.0.0.0/0
-
-  The above will only allow SMB connections from 'localhost'
-  (your own computer) and from the two private networks
-  192.168.2 and 192.168.3. All other connections will be
-  refused connections as soon as the client sends its first
-  packet. The refusal will be marked as a 'not listening on
-  called name' error.
-
-
-  Using interface protection
-  --------------------------
-
-  By default Samba will accept connections on any network
-  interface that it finds on your system. That means if you
-  have a ISDN line or a PPP connection to the Internet then
-  Samba will accept connections on those links. This may not be
-  what you want.
-
-  You can change this behavior using options like the
-  following:
-
-    interfaces = eth* lo
-    bind interfaces only = yes
-
-  that tells Samba to only listen for connections on interfaces
-  with a name starting with 'eth' such as eth0, eth1, plus on
-  the loopback interface called 'lo'. The name you will need to
-  use depends on what OS you are using. In the above I used the
-  common name for ethernet adapters on Linux.
-
-  If you use the above and someone tries to make a SMB
-  connection to your host over a PPP interface called 'ppp0',
-  they will get a TCP connection refused reply. In that
-  case no Samba code is run at all as the operating system has
-  been told not to pass connections from that interface to any
-  process.
-
-
-  Using a firewall
-  ----------------
-
-  Many people use a firewall to deny access to services that
-  they don't want exposed outside their network. This can be a
-  very good idea, although I would recommend using it in
-  conjunction with the above methods so that you are protected
-  even if your firewall is not active for some reason.
-
-  If you are setting up a firewall then you need to know what
-  TCP and UDP ports to allow and block. Samba uses the
-  following:
-
-    UDP/137    - used by nmbd
-    UDP/138    - used by nmbd
-    TCP/139    - used by smbd
-    TCP/445    - used by smbd
-
-  The last one is important as many older firewall setups may
-  not be aware of it, given that this port was only added to
-  the protocol in recent years.
-
-
-  Using a IPC$ share deny
-  -----------------------
-
-  If the above methods are not suitable, then you could also
-  place a more specific deny on the IPC$ share that is used in
-  the recently discovered security hole. This allows you to
-  offer access to other shares while denying access to IPC$
-  from potentially untrustworthy hosts.
-
-  To do that you could use:
-
-    [ipc$]
-        hosts allow = 192.168.115.0/24 127.0.0.1
-        hosts deny = 0.0.0.0/0
-
-  this would tell Samba that IPC$ connections are not allowed
-  from anywhere but the two listed places (localhost and a
-  local subnet). Connections to other shares would still be
-  allowed. As the IPC$ share is the only share that is always
-  accessible anonymously this provides some level of protection
-  against attackers that do not know a username/password for
-  your host.
-
-
-  If you use this method then clients will be given a 'access
-  denied' reply when they try to access the IPC$ share. That
-  means that those clients will not be able to browse shares,
-  and may also be unable to access some other resources.
-
-  I don't recommend this method unless you cannot use one of
-  the other methods listed above for some reason.
-
-
-  Upgrading Samba
-  ---------------
-
-  Of course the best solution is to upgrade Samba to a version
-  where the bug has been fixed. If you wish to also use one of
-  the additional measures above then that would certainly be a
-  good idea.
-
-  Please check regularly on http://www.samba.org/ for updates
-  and important announcements.
-
-
-            ****************************************
-            ****************************************
-
------------------------------------------------------------------
-
-Changes since 2.2.7a
---------------------
-
-New Parameters
-
-    * acl compatibility
-
-Additional Changes:
-    See the cvs log for SAMBA_2_2 for more details
-
-1)  smbumount lazy patch from Mandrake
-2)  Check for too many processes *before* the fork.
-3)  make sure we don't run over the end of 'name' in unix_convert()
-4)  set umask to 0 before creating socket directory.
-5)  Fix the LARGE_SMB_OFF_T problems and allow smbd to do the right
-    thing in interactive mode when a log file dir is also specified.
-6)  Fix delete on close semantics to match W2K.
-7)  Correctly return access denied on share mode deny when we can't
-    open the file.
-8)  Always use safe_strcpy not pstrcpy for malloc()'d strings
-9)  Fixes for HP-UX only having limited POSIX lock range
-10) Added uid/gid caching code. Reduces load on winbindd.
-11) Removed extra copy of server name in the printername field (it was
-    mangling the the name to be \\server\\\server\printer
-12) Fix dumb perror used without errno being set.
-13) Do retries correctly if the connection to the DC has failed.
-14) Correctly check for inet_addr fail.
-15) Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined.
-16) Fix for missing if (setting_acls) on default perms.
-17) Fix to cache the sidtype
-18) fix printer settings on Solaris (big-endian) print servers.
-    ASCII -> UNICODE conversion bug.
-19) Small fix check correct error return.
-20) Ensure space_avail is unsigned.
-21) patch to check for a valid [f]chmod_acl function pointer
-    before calling it.  Fixes seg fault in audit VFS module
-22) When checking is_locked() new WRITE locks conflict with existing
-    READ locks even if the context is the same.
-23) Merge off-by-one crash fixes from HEAD
-24) Move off-by-one buggy malloc()/safe_strcpy() combination to
-    strdup() instead.
-25) Merge from HEAD. Use pstrcpy not safe_strcpy.
-26) Fix to allow blocking lock notification to be done rapidly (no wait
-    for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb
-    (does not interfere with existing locks).
-27) Doxygen cleanups for code documentation
-28) limit the unix domain sockets used by winbindd  by adding a
-    "last_access" field to winbindd connections, and will close
-    the oldest idle connection once the number of open connections goes
-    over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200
-    currently)
-29) Fix a couple of string handling errors in smbd/dir.c that would
-    cause smbd to crash
-30) Fix seg fault in smbpasswd when specifying the new password
-    as a command line argument
-31) Correct 64-but file sizes issues with smbtar and smbclient
-32) Add batch mode option to pdbedit
-33) Add protection in nmbd against malformed reply packets
-34) Fix bug with sendfile profiling support in smbstatus output
-35) Correct bug in "hide unreadable" smb.conf parameter that
-    resulted in incorrect directory listings
-36) Fix bug in group enumeration in winbindd
-37) Correct build issues with libsmbclient on Solaris
-38) Fix memory leak and bad pointer dereference in password
-    changing code in smbd
-39) Fix for changing attributes on a file truncate
-40) Ensure smbd process count never gets to -1 if limiting number
-    of processes
-41) Ensure we return disk full by default on short writes
-42) Don't delete jobs submitted after the lpq time
-43) Fix reference count bug where smbds would not terminate
-    with no open resources
-44) Performance fix when using quota support on HP-UX
-45) Fixes for --with-ldapsam
-    * Default to port 389 when "ldap ssl != on"
-    * add support for rebinding to the master directory server
-      for password changes when "ldap server" points to a read-only
-      slave
-46) Add -W and -X command line flags to smbpasswd for extracting and
-    setting the machine/domain SID in secrets.tdb.  See the
-    smbpasswd(8) man page for details.
-47) Added (c) Luke Howard to winbind_nss_solaris.c for coded
-    obtained from PADL's nss_ldap library.
-48) Fix bug in samr_dispinfo query in winbindd
-49) Fix segfault in NTLMSSP password changing code for
-    guest connections
-50) Correct pstring/fstring mismatches
-51) Send level II oplock break requests synchronously to prevent
-    condition where one smbd would continually lock a share entry
-    in locking.tdb
-52) Miscellaneous cleanups for tdb error conditions and appending
-    data in a record
-53) Implement correct open file truncate semantics with DOS
-    attributes
-54) Enforce wide links = no on files as well as directories
-55) Include shared library checks for Stratus VOS
-56) Include support for CUPS printer classes and logging the remote
-    client name
-57) Include  "WinXP" (Windows XP) and "Win2K3" (Windows .NET) values
-    for %a
-58) Increase the max PDU size to deal with some troublesome printer
-    drivers and Windows NT 4.0 clients
-59) increment the process counter immediately after the fork
-    (not just when we receive the first smb packet)
-60) Ensure rename sets errno correctly
-61) Unify ACL code (back-port from 3.0)
-62) Fix some further issues around off_t and large offsets
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.8a.html b/whatsnew/samba-2.2.8a.html
deleted file mode 100755
index e6dcc69..0000000
--- a/whatsnew/samba-2.2.8a.html
+++ /dev/null
@@ -1,386 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 2.2.8a</H2>
-
-<p>
-<pre>
-               ****************************************
-               * IMPORTANT: Security bugfix for Samba *
-               ****************************************
-
-This release provides an important security fix outlined in the
-release notes that follow. This is the latest stable release of
-Samba and the version that all production Samba servers should be
-running for all current bug-fixes.
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-2.2.8a.tar.gz or samba-2.2.8a.tar.bz2.
-Both archives have been signed using the Samba Distribution Key.
-
-Binary packages will be released shortly for major platforms and
-can be found at
-
-    <a href="/samba/ftp/Binary_Packages">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-As always, all bugs are our responsibility.
-
-                           --Sincerely
-                           The Samba Team
-
-Summary
--------
-
-Digital Defense, Inc. has alerted the Samba Team to a serious
-vulnerability in all stable versions of Samba currently shipping.
-The Common Vulnerabilities and Exposures (CVE) project has assigned
-the ID CAN-2003-0201 to this defect.
-
-This vulnerability, if exploited correctly, leads to an anonymous
-user gaining root access on a Samba serving system. All versions
-of Samba up to and including Samba 2.2.8 are vulnerable. An active
-exploit of the bug has been reported in the wild. Alpha versions of
-Samba 3.0 and above are *NOT* vulnerable.
-
-
-Credit
-------
-
-The Samba Team would like to thank Erik Parker and the team at
-Digital Defense, Inc. for their efforts spent in the responsible
-and timely reporting of this bug.
-
-
-Patch Availability
-------------------
-
-The Samba 2.2.8a release contains only updates to address this
-security issue. A roll-up patch for release 2.2.7a and 2.0.10
-addressing both CAN-2003-0201 and CAN-2003-0085 can be obtained
-from http://www.samba.org/samba/ftp/patches/security/.
-
-
-            ========================================
-
-
-Older releases notes for 2.2.x distributions follow
-
------------------------------------------------------------------
-
-The release notes for 2.2.8 follow:
-
-            ****************************************
-            * IMPORTANT: Security bugfix for Samba *
-            ****************************************
-
-
-Summary
--------
-
-The SuSE security audit team, in particular <a href="mailto:krahmer@suse.de">Sebastian 
-Krahmer</a>, has found a flaw in the Samba main smbd code which
-could allow an external attacker to remotely and anonymously gain
-Super User (root) privileges on a server running a Samba server.
-
-This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
-inclusive.  This is a serious problem and all sites should either
-upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
-and 445. Advice created by Andrew Tridgell, the leader of the Samba Team,
-on how to protect an unpatched Samba server is given at the end of this
-section.
-
-The SMB/CIFS protocol implemented by Samba is vulnerable to many
-attacks, even without specific security holes.  The TCP ports 139 and
-the new port 445 (used by Win2k and the Samba 3.0 alpha code in
-particular) should never be exposed to untrusted networks.
-
-Description
------------
-
-A buffer overrun condition exists in the SMB/CIFS packet fragment
-re-assembly code in smbd which would allow an attacker to cause smbd
-to overwrite arbitrary areas of memory in its own process address
-space. This could allow a skilled attacker to inject binary specific
-exploit code into smbd.
-
-This version of Samba adds explicit overrun and overflow checks on
-fragment re-assembly of SMB/CIFS packets to ensure that only valid
-re-assembly is performed by smbd.
-
-In addition, the same checks have been added to the re-assembly
-functions in the client code, making it safe for use in other
-services.
-
-Credit
-------
-
-This security flaw was discovered and reported to the Samba Team by
-Sebastian Krahmer <krahmer@suse.de> of the SuSE Security Audit Team.
-The fix was prepared by Jeremy Allison and reviewed by engineers from
-the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor engineers
-on the Linux Vendor security mailing list.
-
-The Samba Team would like to thank SuSE and Sebastian Krahmer for
-their excellent auditing work and for drawing attention to this flaw.
-
-Patch Availability
------------------
-
-As this is a security issue, patches for this flaw specific to earlier
-versions of Samba will be posted on the samba-technical@samba.org
-mailing list as requested.
-
-
-************************************
-Protecting an unpatched Samba server
-************************************
-
-  Samba Team, March 2003
-
-  This is a note on how to provide your Samba server some
-  protection against the recently discovered remote security
-  hole if you are unable to upgrade to the fixed version
-  immediately. Even if you do upgrade you might like to think
-  about the suggestions in this note to provide you with
-  additional levels of protection.
-
-
-  Using host based protection
-  ---------------------------
-
-  In many installations of Samba the greatest threat comes for
-  outside your immediate network. By default Samba will accept
-  connections from any host, which means that if you run an
-  insecure version of Samba on a host that is directly
-  connected to the Internet you can be especially vulnerable.
-
-  One of the simplest fixes in this case is to use the 'hosts
-  allow' and 'hosts deny' options in the Samba smb.conf
-  configuration file to only allow access to your server from a
-  specific range of hosts. An example might be:
-
-
-    hosts allow = 127.0.0.1 192.168.2.0/24 192.168.3.0/24
-    hosts deny = 0.0.0.0/0
-
-  The above will only allow SMB connections from 'localhost'
-  (your own computer) and from the two private networks
-  192.168.2 and 192.168.3. All other connections will be
-  refused connections as soon as the client sends its first
-  packet. The refusal will be marked as a 'not listening on
-  called name' error.
-
-
-  Using interface protection
-  --------------------------
-
-  By default Samba will accept connections on any network
-  interface that it finds on your system. That means if you
-  have a ISDN line or a PPP connection to the Internet then
-  Samba will accept connections on those links. This may not be
-  what you want.
-
-  You can change this behavior using options like the
-  following:
-
-    interfaces = eth* lo
-    bind interfaces only = yes
-
-  that tells Samba to only listen for connections on interfaces
-  with a name starting with 'eth' such as eth0, eth1, plus on
-  the loopback interface called 'lo'. The name you will need to
-  use depends on what OS you are using. In the above I used the
-  common name for ethernet adapters on Linux.
-
-  If you use the above and someone tries to make a SMB
-  connection to your host over a PPP interface called 'ppp0',
-  they will get a TCP connection refused reply. In that
-  case no Samba code is run at all as the operating system has
-  been told not to pass connections from that interface to any
-  process.
-
-
-  Using a firewall
-  ----------------
-
-  Many people use a firewall to deny access to services that
-  they don't want exposed outside their network. This can be a
-  very good idea, although I would recommend using it in
-  conjunction with the above methods so that you are protected
-  even if your firewall is not active for some reason.
-
-  If you are setting up a firewall then you need to know what
-  TCP and UDP ports to allow and block. Samba uses the
-  following:
-
-    UDP/137    - used by nmbd
-    UDP/138    - used by nmbd
-    TCP/139    - used by smbd
-    TCP/445    - used by smbd
-
-  The last one is important as many older firewall setups may
-  not be aware of it, given that this port was only added to
-  the protocol in recent years.
-
-
-  Using a IPC$ share deny
-  -----------------------
-
-  If the above methods are not suitable, then you could also
-  place a more specific deny on the IPC$ share that is used in
-  the recently discovered security hole. This allows you to
-  offer access to other shares while denying access to IPC$
-  from potentially untrustworthy hosts.
-
-  To do that you could use:
-
-    [ipc$]
-        hosts allow = 192.168.115.0/24 127.0.0.1
-        hosts deny = 0.0.0.0/0
-
-  this would tell Samba that IPC$ connections are not allowed
-  from anywhere but the two listed places (localhost and a
-  local subnet). Connections to other shares would still be
-  allowed. As the IPC$ share is the only share that is always
-  accessible anonymously this provides some level of protection
-  against attackers that do not know a username/password for
-  your host.
-
-
-  If you use this method then clients will be given a 'access
-  denied' reply when they try to access the IPC$ share. That
-  means that those clients will not be able to browse shares,
-  and may also be unable to access some other resources.
-
-  I don't recommend this method unless you cannot use one of
-  the other methods listed above for some reason.
-
-
-  Upgrading Samba
-  ---------------
-
-  Of course the best solution is to upgrade Samba to a version
-  where the bug has been fixed. If you wish to also use one of
-  the additional measures above then that would certainly be a
-  good idea.
-
-  Please check regularly on http://www.samba.org/ for updates
-  and important announcements.
-
-
-            ****************************************
-            ****************************************
-
------------------------------------------------------------------
-
-Changes since 2.2.7a
---------------------
-
-New Parameters
-
-    * acl compatibility
-
-Additional Changes:
-    See the cvs log for SAMBA_2_2 for more details
-
-1)  smbumount lazy patch from Mandrake
-2)  Check for too many processes *before* the fork.
-3)  make sure we don't run over the end of 'name' in unix_convert()
-4)  set umask to 0 before creating socket directory.
-5)  Fix the LARGE_SMB_OFF_T problems and allow smbd to do the right
-    thing in interactive mode when a log file dir is also specified.
-6)  Fix delete on close semantics to match W2K.
-7)  Correctly return access denied on share mode deny when we can't
-    open the file.
-8)  Always use safe_strcpy not pstrcpy for malloc()'d strings
-9)  Fixes for HP-UX only having limited POSIX lock range
-10) Added uid/gid caching code. Reduces load on winbindd.
-11) Removed extra copy of server name in the printername field (it was
-    mangling the the name to be \\server\\\server\printer
-12) Fix dumb perror used without errno being set.
-13) Do retries correctly if the connection to the DC has failed.
-14) Correctly check for inet_addr fail.
-15) Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined.
-16) Fix for missing if (setting_acls) on default perms.
-17) Fix to cache the sidtype
-18) fix printer settings on Solaris (big-endian) print servers.
-    ASCII -> UNICODE conversion bug.
-19) Small fix check correct error return.
-20) Ensure space_avail is unsigned.
-21) patch to check for a valid [f]chmod_acl function pointer
-    before calling it.  Fixes seg fault in audit VFS module
-22) When checking is_locked() new WRITE locks conflict with existing
-    READ locks even if the context is the same.
-23) Merge off-by-one crash fixes from HEAD
-24) Move off-by-one buggy malloc()/safe_strcpy() combination to
-    strdup() instead.
-25) Merge from HEAD. Use pstrcpy not safe_strcpy.
-26) Fix to allow blocking lock notification to be done rapidly (no wait
-    for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb
-    (does not interfere with existing locks).
-27) Doxygen cleanups for code documentation
-28) limit the unix domain sockets used by winbindd  by adding a
-    "last_access" field to winbindd connections, and will close
-    the oldest idle connection once the number of open connections goes
-    over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200
-    currently)
-29) Fix a couple of string handling errors in smbd/dir.c that would
-    cause smbd to crash
-30) Fix seg fault in smbpasswd when specifying the new password
-    as a command line argument
-31) Correct 64-but file sizes issues with smbtar and smbclient
-32) Add batch mode option to pdbedit
-33) Add protection in nmbd against malformed reply packets
-34) Fix bug with sendfile profiling support in smbstatus output
-35) Correct bug in "hide unreadable" smb.conf parameter that
-    resulted in incorrect directory listings
-36) Fix bug in group enumeration in winbindd
-37) Correct build issues with libsmbclient on Solaris
-38) Fix memory leak and bad pointer dereference in password
-    changing code in smbd
-39) Fix for changing attributes on a file truncate
-40) Ensure smbd process count never gets to -1 if limiting number
-    of processes
-41) Ensure we return disk full by default on short writes
-42) Don't delete jobs submitted after the lpq time
-43) Fix reference count bug where smbds would not terminate
-    with no open resources
-44) Performance fix when using quota support on HP-UX
-45) Fixes for --with-ldapsam
-    * Default to port 389 when "ldap ssl != on"
-    * add support for rebinding to the master directory server
-      for password changes when "ldap server" points to a read-only
-      slave
-46) Add -W and -X command line flags to smbpasswd for extracting and
-    setting the machine/domain SID in secrets.tdb.  See the
-    smbpasswd(8) man page for details.
-47) Added (c) Luke Howard to winbind_nss_solaris.c for coded
-    obtained from PADL's nss_ldap library.
-48) Fix bug in samr_dispinfo query in winbindd
-49) Fix segfault in NTLMSSP password changing code for
-    guest connections
-50) Correct pstring/fstring mismatches
-51) Send level II oplock break requests synchronously to prevent
-    condition where one smbd would continually lock a share entry
-    in locking.tdb
-52) Miscellaneous cleanups for tdb error conditions and appending
-    data in a record
-53) Implement correct open file truncate semantics with DOS
-    attributes
-54) Enforce wide links = no on files as well as directories
-55) Include shared library checks for Stratus VOS
-56) Include support for CUPS printer classes and logging the remote
-    client name
-57) Include  "WinXP" (Windows XP) and "Win2K3" (Windows .NET) values
-    for %a
-58) Increase the max PDU size to deal with some troublesome printer
-    drivers and Windows NT 4.0 clients
-59) increment the process counter immediately after the fork
-    (not just when we receive the first smb packet)
-60) Ensure rename sets errno correctly
-61) Unify ACL code (back-port from 3.0)
-62) Fix some further issues around off_t and large offsets
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-2.2.9.html b/whatsnew/samba-2.2.9.html
deleted file mode 100755
index 00f119c..0000000
--- a/whatsnew/samba-2.2.9.html
+++ /dev/null
@@ -1,395 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 2.2.9</H2>
-
-<p>
-<pre>
-
-                 =============================
-                 Release Notes for Samba 2.2.9
-                          May 8, 2004
-                 =============================
-
-This is the latest stable release of the Samba 2.2 code base.
-This is a maintenance release of Samba 2.2.8a to address the
-problem with user password changes after applying the Microsoft
-hotfix described in KB828741 to Windows NT 4.0/200x/XP clients.
-No other changes have been applied since Samba 2.2.8a.
-
-There are no further Samba 2.2.x releases planned at this time.
-
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-2.2.9.tar.gz.  The uncompressed archive has 
-been signed using the Samba Distribution Key.
-
-As always, all bugs are our responsibility.
-
-                           --Sincerely
-                           The Samba Team
-
-Older releases notes for 2.2.x distributions follow
-
-       ------------------------------------------------------
-
-            ===========================================
-            What's new in Samba 2.2.8a - 7th April 2003
-            ===========================================
-
-             ****************************************
-             * IMPORTANT: Security bugfix for Samba *
-             ****************************************
-
-Summary
--------
-
-Digital Defense, Inc. has alerted the Samba Team to a serious
-vulnerability in all stable versions of Samba currently shipping.
-The Common Vulnerabilities and Exposures (CVE) project has assigned
-the ID CAN-2003-0201 to this defect.
-
-This vulnerability, if exploited correctly, leads to an anonymous
-user gaining root access on a Samba serving system. All versions
-of Samba up to and including Samba 2.2.8 are vulnerable. An active
-exploit of the bug has been reported in the wild. Alpha versions of
-Samba 3.0 and above are *NOT* vulnerable.
-
-
-Credit
-------
-
-The Samba Team would like to thank Erik Parker and the team at
-Digital Defense, Inc. for their efforts spent in the responsible
-and timely reporting of this bug.
-
-
-Patch Availability
-------------------
-
-The Samba 2.2.8a release contains only updates to address this
-security issue. A roll-up patch for release 2.2.7a and 2.0.10
-addressing both CAN-2003-0201 and CAN-2003-0085 can be obtained
-from http://www.samba.org/samba/ftp/patches/security/.
-
-
-            ========================================
-
-
-The release notes for 2.2.8 follow:
-
-            ****************************************
-            * IMPORTANT: Security bugfix for Samba *
-            ****************************************
-
-
-Summary
--------
-
-The SuSE security audit team, in particular <a href="mailto:krahmer@suse.de">Sebastian 
-Krahmer</a>, has found a flaw in the Samba main smbd code which
-could allow an external attacker to remotely and anonymously gain
-Super User (root) privileges on a server running a Samba server.
-
-This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
-inclusive.  This is a serious problem and all sites should either
-upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
-and 445. Advice created by Andrew Tridgell, the leader of the Samba Team,
-on how to protect an unpatched Samba server is given at the end of this
-section.
-
-The SMB/CIFS protocol implemented by Samba is vulnerable to many
-attacks, even without specific security holes.  The TCP ports 139 and
-the new port 445 (used by Win2k and the Samba 3.0 alpha code in
-particular) should never be exposed to untrusted networks.
-
-Description
------------
-
-A buffer overrun condition exists in the SMB/CIFS packet fragment
-re-assembly code in smbd which would allow an attacker to cause smbd
-to overwrite arbitrary areas of memory in its own process address
-space. This could allow a skilled attacker to inject binary specific
-exploit code into smbd.
-
-This version of Samba adds explicit overrun and overflow checks on
-fragment re-assembly of SMB/CIFS packets to ensure that only valid
-re-assembly is performed by smbd.
-
-In addition, the same checks have been added to the re-assembly
-functions in the client code, making it safe for use in other
-services.
-
-Credit
-------
-
-This security flaw was discovered and reported to the Samba Team by
-Sebastian Krahmer <krahmer@suse.de> of the SuSE Security Audit Team.
-The fix was prepared by Jeremy Allison and reviewed by engineers from
-the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor engineers
-on the Linux Vendor security mailing list.
-
-The Samba Team would like to thank SuSE and Sebastian Krahmer for
-their excellent auditing work and for drawing attention to this flaw.
-
-Patch Availability
------------------
-
-As this is a security issue, patches for this flaw specific to earlier
-versions of Samba will be posted on the samba-technical@samba.org
-mailing list as requested.
-
-
-************************************
-Protecting an unpatched Samba server
-************************************
-
-  Samba Team, March 2003
-
-  This is a note on how to provide your Samba server some
-  protection against the recently discovered remote security
-  hole if you are unable to upgrade to the fixed version
-  immediately. Even if you do upgrade you might like to think
-  about the suggestions in this note to provide you with
-  additional levels of protection.
-
-
-  Using host based protection
-  ---------------------------
-
-  In many installations of Samba the greatest threat comes for
-  outside your immediate network. By default Samba will accept
-  connections from any host, which means that if you run an
-  insecure version of Samba on a host that is directly
-  connected to the Internet you can be especially vulnerable.
-
-  One of the simplest fixes in this case is to use the 'hosts
-  allow' and 'hosts deny' options in the Samba smb.conf
-  configuration file to only allow access to your server from a
-  specific range of hosts. An example might be:
-
-
-    hosts allow = 127.0.0.1 192.168.2.0/24 192.168.3.0/24
-    hosts deny = 0.0.0.0/0
-
-  The above will only allow SMB connections from 'localhost'
-  (your own computer) and from the two private networks
-  192.168.2 and 192.168.3. All other connections will be
-  refused connections as soon as the client sends its first
-  packet. The refusal will be marked as a 'not listening on
-  called name' error.
-
-
-  Using interface protection
-  --------------------------
-
-  By default Samba will accept connections on any network
-  interface that it finds on your system. That means if you
-  have a ISDN line or a PPP connection to the Internet then
-  Samba will accept connections on those links. This may not be
-  what you want.
-
-  You can change this behavior using options like the
-  following:
-
-    interfaces = eth* lo
-    bind interfaces only = yes
-
-  that tells Samba to only listen for connections on interfaces
-  with a name starting with 'eth' such as eth0, eth1, plus on
-  the loopback interface called 'lo'. The name you will need to
-  use depends on what OS you are using. In the above I used the
-  common name for ethernet adapters on Linux.
-
-  If you use the above and someone tries to make a SMB
-  connection to your host over a PPP interface called 'ppp0',
-  they will get a TCP connection refused reply. In that
-  case no Samba code is run at all as the operating system has
-  been told not to pass connections from that interface to any
-  process.
-
-
-  Using a firewall
-  ----------------
-
-  Many people use a firewall to deny access to services that
-  they don't want exposed outside their network. This can be a
-  very good idea, although I would recommend using it in
-  conjunction with the above methods so that you are protected
-  even if your firewall is not active for some reason.
-
-  If you are setting up a firewall then you need to know what
-  TCP and UDP ports to allow and block. Samba uses the
-  following:
-
-    UDP/137    - used by nmbd
-    UDP/138    - used by nmbd
-    TCP/139    - used by smbd
-    TCP/445    - used by smbd
-
-  The last one is important as many older firewall setups may
-  not be aware of it, given that this port was only added to
-  the protocol in recent years.
-
-
-  Using a IPC$ share deny
-  -----------------------
-
-  If the above methods are not suitable, then you could also
-  place a more specific deny on the IPC$ share that is used in
-  the recently discovered security hole. This allows you to
-  offer access to other shares while denying access to IPC$
-  from potentially untrustworthy hosts.
-
-  To do that you could use:
-
-    [ipc$]
-        hosts allow = 192.168.115.0/24 127.0.0.1
-        hosts deny = 0.0.0.0/0
-
-  this would tell Samba that IPC$ connections are not allowed
-  from anywhere but the two listed places (localhost and a
-  local subnet). Connections to other shares would still be
-  allowed. As the IPC$ share is the only share that is always
-  accessible anonymously this provides some level of protection
-  against attackers that do not know a username/password for
-  your host.
-
-
-  If you use this method then clients will be given a 'access
-  denied' reply when they try to access the IPC$ share. That
-  means that those clients will not be able to browse shares,
-  and may also be unable to access some other resources.
-
-  I don't recommend this method unless you cannot use one of
-  the other methods listed above for some reason.
-
-
-  Upgrading Samba
-  ---------------
-
-  Of course the best solution is to upgrade Samba to a version
-  where the bug has been fixed. If you wish to also use one of
-  the additional measures above then that would certainly be a
-  good idea.
-
-  Please check regularly on http://www.samba.org/ for updates
-  and important announcements.
-
-
-            ****************************************
-            ****************************************
-
------------------------------------------------------------------
-
-Changes since 2.2.7a
---------------------
-
-New Parameters
-
-    * acl compatibility
-
-Additional Changes:
-    See the cvs log for SAMBA_2_2 for more details
-
-1)  smbumount lazy patch from Mandrake
-2)  Check for too many processes *before* the fork.
-3)  make sure we don't run over the end of 'name' in unix_convert()
-4)  set umask to 0 before creating socket directory.
-5)  Fix the LARGE_SMB_OFF_T problems and allow smbd to do the right
-    thing in interactive mode when a log file dir is also specified.
-6)  Fix delete on close semantics to match W2K.
-7)  Correctly return access denied on share mode deny when we can't
-    open the file.
-8)  Always use safe_strcpy not pstrcpy for malloc()'d strings
-9)  Fixes for HP-UX only having limited POSIX lock range
-10) Added uid/gid caching code. Reduces load on winbindd.
-11) Removed extra copy of server name in the printername field (it was
-    mangling the the name to be \\server\\\server\printer
-12) Fix dumb perror used without errno being set.
-13) Do retries correctly if the connection to the DC has failed.
-14) Correctly check for inet_addr fail.
-15) Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined.
-16) Fix for missing if (setting_acls) on default perms.
-17) Fix to cache the sidtype
-18) fix printer settings on Solaris (big-endian) print servers.
-    ASCII -> UNICODE conversion bug.
-19) Small fix check correct error return.
-20) Ensure space_avail is unsigned.
-21) patch to check for a valid [f]chmod_acl function pointer
-    before calling it.  Fixes seg fault in audit VFS module
-22) When checking is_locked() new WRITE locks conflict with existing
-    READ locks even if the context is the same.
-23) Merge off-by-one crash fixes from HEAD
-24) Move off-by-one buggy malloc()/safe_strcpy() combination to
-    strdup() instead.
-25) Merge from HEAD. Use pstrcpy not safe_strcpy.
-26) Fix to allow blocking lock notification to be done rapidly (no wait
-    for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb
-    (does not interfere with existing locks).
-27) Doxygen cleanups for code documentation
-28) limit the unix domain sockets used by winbindd  by adding a
-    "last_access" field to winbindd connections, and will close
-    the oldest idle connection once the number of open connections goes
-    over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200
-    currently)
-29) Fix a couple of string handling errors in smbd/dir.c that would
-    cause smbd to crash
-30) Fix seg fault in smbpasswd when specifying the new password
-    as a command line argument
-31) Correct 64-but file sizes issues with smbtar and smbclient
-32) Add batch mode option to pdbedit
-33) Add protection in nmbd against malformed reply packets
-34) Fix bug with sendfile profiling support in smbstatus output
-35) Correct bug in "hide unreadable" smb.conf parameter that
-    resulted in incorrect directory listings
-36) Fix bug in group enumeration in winbindd
-37) Correct build issues with libsmbclient on Solaris
-38) Fix memory leak and bad pointer dereference in password
-    changing code in smbd
-39) Fix for changing attributes on a file truncate
-40) Ensure smbd process count never gets to -1 if limiting number
-    of processes
-41) Ensure we return disk full by default on short writes
-42) Don't delete jobs submitted after the lpq time
-43) Fix reference count bug where smbds would not terminate
-    with no open resources
-44) Performance fix when using quota support on HP-UX
-45) Fixes for --with-ldapsam
-    * Default to port 389 when "ldap ssl != on"
-    * add support for rebinding to the master directory server
-      for password changes when "ldap server" points to a read-only
-      slave
-46) Add -W and -X command line flags to smbpasswd for extracting and
-    setting the machine/domain SID in secrets.tdb.  See the
-    smbpasswd(8) man page for details.
-47) Added (c) Luke Howard to winbind_nss_solaris.c for coded
-    obtained from PADL's nss_ldap library.
-48) Fix bug in samr_dispinfo query in winbindd
-49) Fix segfault in NTLMSSP password changing code for
-    guest connections
-50) Correct pstring/fstring mismatches
-51) Send level II oplock break requests synchronously to prevent
-    condition where one smbd would continually lock a share entry
-    in locking.tdb
-52) Miscellaneous cleanups for tdb error conditions and appending
-    data in a record
-53) Implement correct open file truncate semantics with DOS
-    attributes
-54) Enforce wide links = no on files as well as directories
-55) Include shared library checks for Stratus VOS
-56) Include support for CUPS printer classes and logging the remote
-    client name
-57) Include  "WinXP" (Windows XP) and "Win2K3" (Windows .NET) values
-    for %a
-58) Increase the max PDU size to deal with some troublesome printer
-    drivers and Windows NT 4.0 clients
-59) increment the process counter immediately after the fork
-    (not just when we receive the first smb packet)
-60) Ensure rename sets errno correctly
-61) Unify ACL code (back-port from 3.0)
-62) Fix some further issues around off_t and large offsets
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0-pressrelease.html b/whatsnew/samba-3.0.0-pressrelease.html
deleted file mode 100644
index 097b9b1..0000000
--- a/whatsnew/samba-3.0.0-pressrelease.html
+++ /dev/null
@@ -1,115 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<P ALIGN=CENTER"><FONT FACE="Times New Roman"><U><B><FONT SIZE=4 STYLE="font-size: 16pt">Samba
-Team Releases Samba 3.0</FONT></B></U></FONT></P>
-<BR>
-<P> September 24th 2003.</P>
-<BR>
-<P><FONT SIZE=4><U>Windows Domain Migration Release</U></FONT></P>
-<P>The Samba Team is proud
-to announce the release of Samba 3.0, a major new release of the
-award-winning Open Source/Free Software file and print server suite
-for Microsoft Windows &reg; clients.</P>
-<P><FONT SIZE=4><U>Replacement of Windows
-NT4 &reg; Domains</U></FONT></P>
-<P>Samba 3.0 contains the first Open
-Source/Free Software implementation of Windows NT Primary and Backup
-Domain Controller functionality. Customers can transparently migrate
-their existing Windows NT domains to Samba 3.0 whilst keeping their
-existing user and group account databases. This enables significant
-cost of ownership savings over a Windows NT4 domain as a Samba 3.0
-Domain Controller does not require client access licenses. Existing
-Windows tools can be used to manage a Samba PDC, allowing customer
-Windows expertise to be leveraged in a domain migration. A choice of
-LDAP back-ends allows integration with an existing customer directory
-service.</P>
-<P><FONT SIZE=4><U>Single Sign-on with
-Active Directory &reg; Integration</U></FONT></P>
-<P>Samba 3.0 seamlessly integrates into a
-Microsoft Active Directory domain in both native and mixed mode.
-Samba 3.0 provides single sign-on for UNIX &reg; / Linux &reg;
-clients in an Active Directory environment, allowing both servers and
-clients to transparently use Active Directory as an authentication
-and account source. Domain trust relationships are fully supported,
-allowing Samba 3.0 Controlled Domains to integrate easily into any
-Active Directory environment.</P>
-<P><FONT SIZE=4><U>Complete Integration
-with Windows Security</U></FONT></P>
-<P>Samba 3.0 fully implements Kerberos 5
-authentication, SMB signing for tamper-proof file serving sessions,
-and SCHANNEL security for secure remote procedure calls. Samba 3.0
-works &quot;out of the box&quot; with the improved security settings
-of Windows 2003 Domain Controllers.</P>
-<P><FONT SIZE=4><U>A Global File and Print
-Server</U></FONT></P>
-<P>As Samba is a global project,
-internationalization support is an important feature. Samba 3.0 now
-implements UNICODE character sets on the wire, allowing clients using
-any character set to connect to a single file server and store names
-in their native character sets.</P>
-<P>David de Leeuw. Head, Medical Computing
-Unit</P>
-<P>Ben Gurion University of the Negev,
-Israel wrote :</P>
-<P><I>&quot;With the release of Samba 3 we
-are able for the first time to store our files on the computer
-servers in any language we want. Filenames in English, Hebrew,
-Arabic, Russian, and scores of other languages, used by our staff and
-students, mix without problems thanks to the great new UNICODE
-support of Samba.&quot;</I></P>
-<P><FONT SIZE=4><U>Scalable Printing</U></FONT></P>
-<P>Samba 3.0 has been tested in production
-supporting thousands of print queues with tens of thousands of
-simultaneous print jobs, providing the most scalable Windows printing
-solution on the market. Samba 3.0 fully supports the Windows
-&quot;point-and-print&quot; driver download feature, allowing Samba
-3.0 to provide a transparent Windows printing experience.</P>
-<P><FONT SIZE=4><U>Comprehensive
-Documentation</U></FONT></P>
-<P>Samba 3.0 ships with the second edition
-of &quot;Using Samba&quot; by Jay Ts, Robert Eckstein, and David
-Collier-Brown (O'Reilly &amp; Associates &reg;). Many thanks to the
-authors and publisher for making &quot;Using Samba&quot; available
-under the GNU Free Documentation License.</P>
-<P>In addition, the Samba HOWTO
-documentation collection has been updated and improved by John H.
-Terpstra, Jelmer R. Vernooij and others. As well being freely
-available in the Samba 3.0 release it will be released in a
-forthcoming book, &quot;The Official Samba-3 HOWTO and Reference
-Guide&quot;, to be published by Prentice Hall &reg;.</P>
-<P><FONT SIZE=4><U>Award Winning
-Linux/UNIX and Windows Integration</U></FONT></P>
-<P>Samba has won many awards for providing
-Windows and Linux/UNIX connectivity. Last year, Samba was awarded the
-Innovation in Infrastructure prize in the &quot;Enterprise Software&quot;
-category by eWeek and PC Magazine, beating out such competitors as
-the Java 2 Platform.</P>
-<P>David A. Licosati, Vice President,
-InoStor Corporation said :</P>
-<P><I>&quot;Samba 3.0 goes beyond
-expectations.  The team's work allows us to penetrate markets and
-open up new areas of deployments heretofore unobtainable.&quot;</I></P>
-<P><FONT SIZE=4><U>Samba is the leading
-choice for Windows connectivity</U></FONT></P>
-<P>Samba 3.0 is fully portable, POSIX
-compliant software that runs on a variety of UNIX and UNIX-like
-systems including AIX &reg;, DG/UX &reg;, FreeBSD, HPUX&reg;, IRIX &reg;,
-Linux &reg;, Mac OS X &reg; and Solaris &reg;. Samba is shipped as
-standard on all versions of Linux, and most of the major vendors
-versions of UNIX as a fully supported part of the operating system.</P>
-<P><FONT SIZE=4><U>Getting Samba 3.0</U></FONT></P>
-<P>Samba 3.0 is available now from the
-Samba Web site and all worldwide mirrors.</P>
-<P>www.samba.org</P>
-<P><FONT SIZE=4><U>About the Samba Team</U></FONT></P>
-<P>The Samba Team is a worldwide group of
-computer professionals working together via the Internet to produce
-the highest quality Open Source/Free Software Windows (SMB/CIFS)
-server software.</P>
-<BR>
-<BR>
-<P><FONT SIZE=4 STYLE="font-size: 16pt">Samba
-- <I>&quot;Opening Windows to a Wider World&quot;</I></FONT></P>
-
-<!--#include virtual="/samba/footer.html" -->
-
diff --git a/whatsnew/samba-3.0.0.html b/whatsnew/samba-3.0.0.html
deleted file mode 100755
index 0faf419..0000000
--- a/whatsnew/samba-3.0.0.html
+++ /dev/null
@@ -1,1110 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces the first official release of Samba 3.0</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-first official, stable release of the Samba 3.0.0 code base. 
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/">http://download.samba.org/samba/ftp/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages are available at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-A simplified version of the CVS log of updates since 3.0.0rc4
-can be found in the the download directory under the name
-ChangeLog-3.0.0rc4-3.0.0.
-
-Please file any bugs you find in this release at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-
-#######################################################################
-                    WHATS NEW IN Samba 3.0.0
-                        September 24, 2003
-                  ==============================
-
-This is the first official release of Samba 3.0.0 code base.  Work
-on the SAMBA_3_0 CVS branch continues.  Please refer to the section 
-on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire 
-    and internally there is now a much better infrastructure for 
-    multi-byte and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system 
-    has been almost completely rewritten. Most of the changes are 
-    internal, but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and character 
-    sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-15) Improvement of ACL mapping features based on code donated by
-    Andreas Grünbacher.
-
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Changes since 3.0rc4
-####################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete 
-details:
-
-1)  Fix bug that prevented filenames of length >100 characters
-    from being restored using smbclient's tar functionality.
-2)  Fix bug that prevented fast path code in strchr_m()
-    from being used.
-3)  Make sure we store the desired access flag on incoming 
-    SAMR rpc calls.
-4)  Fix smbd crash when dealing with mangled file names.
-5)  Ensure that the group comment field is not overwritten
-    if it already exists.
-6)  Fix bug that prevented 'net rpc join' from working
-    with mixed mode AD domains (bug 442).
-7)  Fix crash in smbd when a Samba PDC is not able to 
-    enumerate trusted domains (bug 450).
-8)  Fix crash bug found by the Samba4 testsuite.
-9)  Fix bug that prevented smbd from returning an ACL list
-    if one of the SIDs could not be resolved (bug 470).
-10) Remove -P option from smbclient printing scripts since it
-    has a different meaning in Samba 3.0 (bug 473).
-11) Sync smbldap-tools with latest version from idealx cvs tree.
-12) Cleanup some warnings produced by the Sun C compiler.
-13) Several fixes for SWAT relating to international character 
-    sets.
-
-
-Changes since 3.0rc3
-####################
-
-1)  Fix incorrect error message in testparm.c regarding 'map system'.
-2)  Protect against core dump if ioctl for print job sends invalid 
-    fid.
-3)  Fix bug in generic hash cacluation.
-4)  Remove references to unused 'strip dot' parameter
-5)  Fix CPU burn bug in multi-byte character conversion.
-6)  Use opt_target_workgroup instead of lp_workgroup() in vampire 
-    code so we can override the value in smb.conf with the -w option.
-7)  Display an error if we can't create a posix account for the 
-    user when running 'net rpc vampire' (bug 323).
-8)  Fix UTF8 conversion bugs in LDAP passdb and idmap code (bug 296).
-9)  Fix smbd crash when changing the machine trust account password 
-    (bug 273).
-10) Remove getpwnam() calls from init_sam_from_xxx().  This means 
-    that %u & %g will no longer expand in the "login ..." set of 
-    smb.conf options, but %U and %G still do. The payback is that 
-    winbindd local accounts for users work with 'wbinfo -u' 
-    when winbind is running on a Samba PDC.
-11) Fix unitiailized timestamp where merging print_jobs and 
-    lpq listing.
-12) Fix bug in debian packaging files affecting non-i386 platforms.
-
-
-Changes since 3.0rc2
-####################
-
-1)  Remove Perl module dependencies in generated RedHat 8/9 RPMS.
-2)  Update mount helper to take synonyms for file_mode and 
-    dir_mode (fmask and dmask).
-3)  Fix portability bug with log2pcaphex.
-4)  Use different algorithm to generate codepages source code which 
-    allows to take gaps into account thus making unnecessary 
-    extended [index] = value, syntax in to_ucs2 array (bug 380).
-5)  Fix comment strings to 43 bytes as per spec.
-6)  Fix pam_winbind compile bug on FreeBSD (bug 261).
-7)  Support for in-memory keytabs, which are needed to make heimdal 
-    work properly.  MIT does not support them, so this check will be 
-    used to decide whether to use them.  (partial fix for bug 372).
-8)  Disable RC4-HMAC on broken heimdal setups.  (remainder of bug 
-    372).
-9)  Correct bug in smbclient that resulted in errors when untarring
-    long filenames (bug 308).
-10) Improve autoconf checks for PAM header files and libs.
-11) Added fast path to convert_string() when dealing with 
-    ASCII->ASCII, UCS2-LE->ASCII, and ASCII->UCS2-LE with 
-    values <= 0x7F. 
-12) Quiet debug messages when we don't find a module and it is not
-    a critical error (bug 375).
-13) Fix UNIX passwd sync properly.
-14) Fix more transitive trust issues in winbindd (bug 305).
-15) Ensure that winbindd functions with 'disable netbios = yes'
-16) Store the real short domain name in secrets.tdb as soon as we
-    know it.  Also display an error message when joining an AD
-    domain and the 'workgroup' parameter has not been specified.
-17) Return 0 DFS links instead of -1 when dfs support is not enabled.
-18) Update LDAP schema for Netscape DS 4.x and Novell eDirectory 8.7
-19) Ensure that name types can be specified using name#type notation
-    in the 'net' command (bug 73).
-20) Add retry looks to ADS sequence number and domain SID lookups 
-    (bug 364).
-21) use a variant of alloc_sub_basic() for string lists such as 
-    'valid users', 'write list', and 'read list' (bug 397).
-22) Fix seg fault when winbindd receives an error from the AD server
-    in response to an LDAP search (bug 282).
-23) Update findsmb to use the new syntax for smbclient and nmblookup.
-24) Fix bug that prevented variables from being used in explicitly 
-    defined path in [homes].
-25) Only set SIDs when they're returned by the MySQL query 
-    (pdb_mysql.so).
-26) Include support for NTLMv2 key exchange.
-27) Revert default for 'client ntlmv2 auth' to off (bug 359).
-28) Fix crash in winbindd when the trust account password gets 
-    changed underneath us via 'net rpc changetrustpw' (bug 382).
-29) Use djb-algorithm string hash - faster than the tdb one we 
-    used to use.  Does not change on disk format or hashing location.
-30) Implements some kind of improved AFS support for Samba on
-    Linux with OpenAFS 1.2.10. './configure --with-fake-kaserver'
-    assumes that you have OpenAFS on your machine.
-31) When enumerating dfs shares loop from 0 to lp_numservices() instead 
-    of relying on lp_servicename(n) to return an empty string for 
-    invalid service numbers (bug 403).
-32) Fix crash bug in 'net rpc samdump' (bug 334).
-33) Fix crash bug in WINS NSS module (bug 299).
-34) Fix a few minor compile errors on HP-UX.
-
-
-
-Changes since 3.0rc1
-####################
-
-1)  Add levels 261 and 262 to search. Found using Samba4 tester.
-2)  Correct bad error return code in session setup reply
-3)  Fix bug where smbd returned DOS error codes from SMBsearch
-    even when NT1 protocol was negotiated.
-4)  Implement SMBexit properly.
-5)  Return group lists from a Samba PDC to a Windows 9x/ME box
-    in implementing user level access control (bug 314).
-6)  Prevent SWAT from crashing when adding shares (bug 254)
-7)  Fix various documentation issues (bugs 304 & 214)
-8)  Fix wins server listing in SWAT (bug 197)
-9)  Fix problem in rpcclient that caused enumerating printer 
-    drivers to report failure (bug 294).
-10) Use kerberos 5 authentication in our client code whenever possible
-11) Fix schannel bug that caused Active Directory DC's to downgrade our
-    machine account to an NT member.
-12) Implement missing SAMR_REMOVE_USER_FOREIGN_DOMAIN call (bug 252).
-13) Implement automatic generation of include/version.h
-14) Include initial version of smbldap-tool scripts for the Samba 
-    3.0 schema.
-15) Implement numerous fixes for multi-byte character strings.
-16) Enable 'unix extensions' parameter by default.
-17) Make sure we set the SID type when falling back to the rid 
-    algorithm (bug 245).
-18) Correct linking problems with pam_smbpass (bug 327).
-19) Add SYSV defines for Irix and Solaris to ensure the 'printing'
-    parameter default to the correct value (bug 230)
-20) Fix recursion bug in alloc_string_sub() (bug 289, et. al.)
-21) Ensure that 'make install' includes the static and shared 
-    versions of the libsmbclient libraries.
-22) Add CP850 and CP437 internal character set support (bug 150).
-23) Add support to examples/LDAP/convertSambaAccount for generating
-    LDIF modify files instead of just add (303).
-24) Fix support for -W option in smbclient (bug 39)
-25) Remove 'ldap trust ids' parameter since it could not be supported
-    by the current architecture.
-26) Don't crash when no argument is given to -T in smbclient (bug 345).
-27) Ensure smbadduser contains the same paths for the smbpasswd file 
-    as the other Samba tools (bug 290).
-28) Port of 'available = no' fix for [homes] from SAMBA_2_2 cvs tree.
-29) Add sanity checks to DeletePrinterData[Ex]() and ensure that the
-    modified printer is written to disk.
-30) Force winbindd to periodically update the trusted domain cache.
-31) Remove outdated import/export script to convert an smbpasswd file
-    to and from and LDAP directory.  Use the pdbedit tool instead.
-32) Ensure that %U substitution is restored on next valid packet
-    if a logon fails.
-
-
-Changes since 3.0beta3
-######################
-
-1)  Various memory leak fixes.
-2)  Provide full support for SMB signing (server and client)
-3)  Check for broken getgrouplist() in glibc.
-4)  Don't get stuck in an infinite loop listing directories 
-    recursively if the server returns an empty directory name
-    (bug 222).
-5)  Idle LDAP connections after 150 seconds.
-6)  Patched make uninstallmodules (bug 236).
-7)  Fix bug that caused smbd to return incomplete directory listings
-    when UNIX files contained MS wildcard characters.
-8)  Quiet default debug messages in command line tools.
-9)  Fixes to avoid panics on invalid multi-byte strings.
-10) Fix error messages when creating a new smbpasswd file (bug 198).
-11) Implemented better detection routines in autoconf scripts for 
-    locating ads support on the host OS.
-12) Fix bug that caused libraries in /usr/local/lib to be ignored 
-    (bug 174).
-13) Ensure winbindd_ads uses the correct realm or domain name when 
-    connecting to trusted DC.
-14) Ensure a correct prototype is created for snprintf() (bug 187)
-15) Stop files being created on read-only shares in some circumstances.
-16) Fix wbinfo -p (bug 251)
-17) Support schannel on any tcp/ip connection if necessary
-18) Correct bug in user_in_list() so that it works with winbind groups 
-    again.
-19) Ensure the schannel bind credentials default to the domain 
-    of the destination host.
-20) Default password expiration time in account_pol.tdb to never 
-    expire.  Remove any existing account_pol.tdb file to reset
-    the new default policy (bug 184). 
-21) Add buttons to SWAT to change the view of smb.conf (bug 212)
-22) Fix incorrect checks that determine whether or not the 'add user 
-    script' has been set.
-23) More cleanup for internal character set conversions.
-24) Fixes for multi-byte strings in stat cache code.
-25) Ensure that the net command honors the 'workgroup' parameter 
-    in smb.conf when not overridden from the command line.
-26) Add gss-spnego support to the ntlm_auth tool.
-27) Add vfs_default_quota VFS module.
-28) Added server support for NT quota interfaces.
-29) Prevent Krb5 replay attacks by adding a replay_cache.
-30) Fix problems with winbindd and transitive trusts in AD domains.
-31) Added -S to client tools for setting SMB signing options on the 
-    command line.
-32) Fix bug causing the 'passwd change program' to be called as the 
-    connected user and not root.
-33) Fixed data corruption bug in byte-range locking (e.g. affected MS Excel).
-34) Support winbindd on FreeBSD is possible.
-35) Look at only the first OID in the security blob sent in the session 
-    setup request to determine the token type.
-36) Only push locks onto a blocking lock queue if the posix lock failed with 
-    EACCES or EAGAIN (this means another lock conflicts). Else return an 
-    error and don't queue the request.
-37) Fix command line argument processing for smbtar.
-38) Correct issue that caused smbd to return generic unix_user.<uid> 
-    for lookupsid().
-39) Default to algorithmic mapping when generating a rid for a group
-    mapping.
-40) Expand %g and %G in logon script, profile path, etc... during
-    a domain logon (bug 208).
-41) Make sure smbclient obeys '-s <config>'
-42) Added win2k3 shadow copy operations to VFS interface.
-43) Allow connections to samba domain member as SERVER\user (don't
-    always default to DOMAIN\user).
-44) Remove checks in winbindd that caused it to attempt to use 
-    non-transitive trust relationships.
-45) Remove delays in winbindd caused by invalid DNS lookups.
-46) Fix supplementary group memberships on systems with slightly 
-    broken NSS implementations (bug 267).
-47) Correct issue that prevented smbclient from viewing shares on 
-    a win2k server when using a non-anonymous connection (bug 284).
-48) Add --domain=DOMAIN_NAME to wbinfo for limiting operations like 
-    'wbinfo -u' to a single domain.  The '.' character represents 
-    our domain.
-49) Fix group enumeration bug when using an LDAP directory for 
-    storing group mappings.
-50) Default to use NTLMv2 if available.  Fallback to not use LM/NTLM
-    when the extended security capability bit is not set.
-51) Fix crash in 'wbinfo -a' when using extended characters in the 
-    username (bug 269).
-52) Fix multi-byte strupper() panics (bug 205).
-53) Add vfs_readonly VFS module.
-54) Make sure to initialize the sambaNextUserRid and sambaNextGroupRid
-    attributes when using 'idmap backend = ldap' (bug 280).
-55) Make sure that users shared between a Samba PDC and member 
-    samba server are seen as domain users and not local users on the 
-    domain member.
-56) Fix Query FS Info level 2.
-57) Allow enumeration of users and groups by win9x "file server" (bug 
-    286).
-58) Create symlinks during install for modules that support mutliple
-    functions (bug 91).
-59) More iconv detection fixes.
-60) Fix path length error in vfs_recycle module (bug 291).
-61) Added server support for the LSA_DS UUID on the \lsarpc pipe.
-    (server DsRoleGetPrimaryDomainInfo() is currently disabled).
-62) Fix SMBseek and get/set position calls.
-62) Fix SetFileInfo level 1.
-63) Added tool to convert smbd log file to a pcap file (log2pcaphex).
-
-
-
-Changes since 3.0beta2
-######################
-
-1)  Added fix for Japanese case names in statcache code; 
-    these can change size on upper casing.
-2)  Correct issues with iconv detection in configure script
-    (support needed to find iconv libraries on FreeBSD).
-3)  Fix bug that caused a WINS server to be marked as dead
-    incorrectly (bug #190).
-4)  Removing additional deadlocks conditions that prevented 
-    winbindd from running on a Samba PDC (used for trust 
-    relationships).
-5)  Add support for searching for Active Directory for 
-    published printers (net ads printer search).
-6)  Separate UNIX username from DOMAIN\username in pipe 
-    credentials.
-7)  Auth modules now support returning NT_STATUS_NOT_IMPLEMENTED
-    for cases that they cannot handle.
-8)  Flush winbindd connection cache when the machine trust account
-    password is changed while a connection is open (bug #200).
-9)  Add support for 'OSVersion' server printer data string
-    (corrects problem with uploading printer drivers from 
-    WinXP clients).
-10) Numerous memory leak fixes.
-11) LDAP fixes ("passdb backend = ldapsam" & "idmap backend = ldap"):
-    - Store domain SID in LDAP directory.
-    - store idmap information in existing entries (use sambaSID=... 
-      if adding a new entry).
-12) Fix incorrect usage of primary group SID when looking up user 
-    groups (bug #109).
-13) Remove idmap_XX_to_XX calls from smbd.  Move back to the the
-    winbind_XXX and local_XXX calls used in 2.2.
-14) All uid/gid allocation must involve winbindd now (we do not 
-    attempt to map unknown SIDs to a UNIX identify).
-15) Add 'winbind trusted domains only' parameter to force a domain
-    member.  The server to use matching users names from /etc/passwd 
-    for its domain   (needed for domain member of a Samba domain).
-16) Rename 'idmap only' to 'enable rid algorithm' for better clarity 
-    (defaults to "yes").
-17) Add support for multi-byte statcache code (bug #185)
-18) Fix open mode race condition.
-19) Implement winbindd local account management functions.  Refer to
-    the "Winbind Changes" section for details.
-20) Move RID allocation functions into idmap backend.
-21) Fix parsing error that prevented publishing printers from a 
-    Samba server in an AD domain.
-22) Revive NTLMSSP support for named pipes.
-23) More SCHANNEL fixes.
-24) Correct SMB signing with NTLMSSP.
-25) Fix coherency bug in print handle/printer object caching code
-    that could cause XP clients to infinitely loop while updating 
-    their local printer cache.
-26) Make winbindd use its dual-daemon mode by default (use -Y to 
-    start as a single process).
-27) Add support to nmbd and winbindd for 'smbcontrol <pid> 
-    reload-config'.
-28) Correct problem with smbtar when dealing with files > 8Gb 
-    (bug #102).
-
-
-
-Changes since 3.0beta1
-######################
-
-1)  Rework our smb signing code again, this factors out some of 
-    the common MAC calculation code, and now supports multiple 
-    outstanding packets (bug #40).
-2)  Enforce 'client plaintext auth', 'client lanman auth' and 'client
-    ntlmv2 auth'.
-3)  Correct timestamp problem on 64-bit machines (bug #140).
-4)  Add extra debugging statements to winbindd for tracking down
-    failures.
-5)  Fix bug when aliased 'winbind uid/gid' parameters are used.
-    ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6)  Added an auth flag that indicates if we should be allowed 
-    to fall back to NTLMSSP for SASL if krb5 fails.
-7)  Fixed the bug that forced us not to use the winbindd cache when 
-    we have a primary ADS domain and a secondary (trusted) NT4 
-    domain. 
-8)  Use lp_realm() to find the default realm for 'net ads password'.
-9)  Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
-    in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial 
-    fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
-    and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
-    both the idmap and the SAM.  This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC 
-    returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
-    using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to 
-    prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache 
-    from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
-    but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are 
-    joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k 
-    mixed mode) domains. 
-30) Fixed bug that caused us to enumerate domain local groups
-    from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows 
-    security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
-    backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
-    ( if you installed beta1, be sure to 
-      'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for 
-    ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend 
-    functions.
-37) Enable address caching for active directory DC's so we don't 
-    have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be 
-    redefined.
-39) Add tdb locking code to prevent race condition when adding a 
-    new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting 
-    trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC 
-    to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of 
-    the 'passdb backend' list if 'guest account' has a valid 
-    username.
-44) Remove samstrict_dc auth method.  Rework 'samstrict' to only 
-    handle our local names (or domain name if we are a PDC).  
-    Move existing permissive 'sam' method to 'sam_ignoredomain' 
-    and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
-    and unknown domain (default to our domain if we are a DC or 
-    domain member; default to our local name if we are a 
-    standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the 
-    'DOMAIN\user' lookup fails.  This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted 
-    domains when operating as a domain member and not using 
-    winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for 
-    too long without a maintainer.
-    
-
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name                    Description                             Backup?
-----                    -----------                             -------
-account_policy          User policy settings                    yes
-gencache                Generic caching db                      no
-group_mapping           Mapping table from Windows              yes
-                        groups/SID to unix groups        
-winbindd_idmap          ID map table from SIDS to UNIX          yes
-                        uids/gids.
-namecache               Name resolution cache entries           no
-netsamlogon_cache       Cache of NET_USER_INFO_3 structure      no
-                        returned as part of a successful
-                        net_sam_logon request 
-printing/*.tdb          Cached output from 'lpq                 no
-                        command' created on a per print 
-                        service basis
-registry                Read-only samba registry skeleton       no
-                        that provides support for exporting
-                        various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0beta1.html b/whatsnew/samba-3.0.0beta1.html
deleted file mode 100755
index 6d2159a..0000000
--- a/whatsnew/samba-3.0.0beta1.html
+++ /dev/null
@@ -1,510 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 3.0.0 beta1</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-first beta release of the Samba 3.0.0 code base.  While
-we are significantly closer to the final release, I will
-remind you that this is a non-production release provided for
-testing only.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/beta/">http://download.samba.org/samba/ftp/beta/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages for RedHat, also signed by the Samba public key,
-have been released and can be found at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-Others will be available as they are submitted by volunteers.
-
-A simplified version of the CVS log of updates since 3.0alpha24
-can be found in the the download directory under the name
-ChangeLog-3.0alpha24-3.0.0beta1.  
-
-We are also taking this opportunity to beta test our new
-Bugzilla server.  The intent is to replace the old jitterbug
-installation (bugs.samba.org).  The new bug tracking system is
-located at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-Please search for existing bugs before filing new reports.
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-#######################################################################
-
-                  WHATS NEW IN Samba 3.0.0 beta1
-                           June 7 2003
-                  ==============================
-
-This is a beta release of Samba 3.0.0. This is a non-production release 
-intended for testing purposes.  Use at your own risk. 
-
-The purpose of this beta release is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. We have
-officially ceased development on the 2.2.x release of Samba and are
-concentrating on Samba 3.0. To reduce the time before the final 
-Samba 3.0 release we need as many people as possible to start testing 
-these beta releases, and to provide high quality feedback on what 
-needs fixing.
-
-Samba 3.0 is feature complete. However there is still some final 
-work to be done on certain pieces of functionality.  Please refer to 
-the section on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support. This release is able to join a ADS realm
-    as a member server and authenticate users using LDAP/kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire and
-    internally there is now a much better infrastructure for multi-byte
-    and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system has
-    been almost completely rewritten. Most of the changes are internal,
-    but the new auth system is also very configurable.
-
-4)  New filename mangling system. The filename mangling system has been
-    completely rewritten. An internal database now stores mangling maps
-    persistently. This needs lots of testing.
-
-5)  New "net" command. A new "net" command has been added. It is
-    somewhat similar to the "net" command in windows. Eventually we 
-    plan to replace a bunch of other utilities (such as smbpasswd) 
-    with subcommands in "net", at the moment only a few things are
-    implemented.
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing 
-    printer attributes in active directory
-
-8)  New loadable RPC modules
-
-9)  New dual-daemon winbindd support (-B) for better performance
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings
-  
-13) Major updates to the Samba documentation tree.
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (including in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-
-######################################################################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend, a mysql backend,
-    and a NIS backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * post script
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * ads server
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap only
-  * idmap uid
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap trust ids
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * privatedir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name		Description				Backup?
-----		-----------				-------
-account_policy	User policy settings			yes
-gencache	Generic caching db			no
-group_mapping	Mapping table from Windows		yes
-		groups/SID to unix groups	
-idmap		new ID map table from SIDS		yes
-		to UNIX uids/gids.
-namecache	Name resolution cache entries		no
-netlogon_unigrp	Cache of universal group 		no
-		membership obtained when 
-		operating as a member of a 
-		Windows domain
-printing/*.tdb	Cached output from 'lpq 		no
-		command' created on a per print 
-		service basis
-registry	Read-only samba registry skeleton	no
-		that provides support for exporting
-		various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-######################################################################
-Known Issues
-############
-
-* One such limitation that is worth mentioning (and will be corrected 
-  before the actual stable 3.0.0 release is the dead lock problem with
-  running winbindd on a Samba PDC in order to allocate uids and gids for 
-  users and groups in a trusted domain.  When the Samba domain is acting 
-  as the trusted domain to a Windows NT 4.0 domain, there are no known 
-  issues.
-
-* The smbldap perl scripts for managing user entries in an LDAP 
-  directory have not be updated to function with the Samba 3.0
-  schema changes.  This (or an equivalent solution) work is planned
-  to be completed prior to the stable 3.0.0 release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, will replace the existing jitterbug server 
-and the old http://bugs.samba.org now points to the new bugzilla server.
-
-
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0beta2.html b/whatsnew/samba-3.0.0beta2.html
deleted file mode 100755
index bb5724c..0000000
--- a/whatsnew/samba-3.0.0beta2.html
+++ /dev/null
@@ -1,653 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 3.0.0 beta2</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-second beta release of the Samba 3.0.0 code base.  While
-we are significantly closer to the final release, you should 
-be reminded that this is a non-production release provided for
-testing only.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/beta/">http://download.samba.org/samba/ftp/beta/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages for RedHat, also signed by the Samba GnuPG key,
-have been released and can be found at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-Others will be available as they are submitted by volunteers.
-
-A simplified version of the CVS log of updates since 3.0.0beta1
-can be found in the the download directory under the name
-ChangeLog-3.0.0beta1-3.0.0beta2.
-
-We are also taking this opportunity to beta test our new
-Bugzilla server.  The intent is to replace the old jitterbug
-installation (bugs.samba.org).  The new bug tracking system is
-located at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-Please search for existing bugs before filing new reports.
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-#######################################################################
-
-                  WHATS NEW IN Samba 3.0.0 beta2
-                           July 1 2003
-                  ==============================
-
-This is the second beta release of Samba 3.0.0. This is a 
-non-production release intended for testing purposes.  Use 
-at your own risk. 
-
-The purpose of this beta release is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. We have
-officially ceased development on the 2.2.x release of Samba and are
-concentrating on Samba 3.0. To reduce the time before the final
-Samba 3.0 release we need as many people as possible to start testing 
-these beta releases, and to provide high quality feedback on what 
-needs fixing.
-
-Samba 3.0 is feature complete. However there is still some final 
-work to be done on certain pieces of functionality.  Please refer to 
-the section on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    to join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire and
-    internally there is now a much better infrastructure for multi-byte
-    and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system has
-    been almost completely rewritten. Most of the changes are internal,
-    but the new auth system is also very configurable.
-
-4)  New filename mangling system. The filename mangling system has been
-    completely rewritten. An internal database now stores mangling maps
-    persistently. This needs lots of testing.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing 
-    printer attributes in active directory.
-
-8)  New loadable RPC modules.
-
-9)  New dual-daemon winbindd support (-B) for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (including in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-######################################################################
-Changes since 3.0beta1
-######################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete 
-details
-
-1)  Rework our smb signing code again, this factors out some of 
-    the common MAC calculation code, and now supports multiple 
-    outstanding packets (bug #40).
-2)  Enforce 'client plaintext auth', 'client lanman auth' and 'client
-    ntlmv2 auth'.
-3)  Correct timestamp problem on 64-bit machines (bug #140).
-4)  Add extra debugging statements to winbindd for tracking down
-    failures.
-5)  Fix bug when aliased 'winbind uid/gid' parameters are used.
-    ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6)  Added an auth flag that indicates if we should be allowed 
-    to fall back to NTLMSSP for SASL if krb5 fails.
-7)  Fixed the bug that forced us not to use the winbindd cache when 
-    we have a primary ADS domain and a secondary (trusted) NT4 
-    domain. 
-8)  Use lp_realm() to find the default realm for 'net ads password'.
-9)  Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
-    in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial 
-    fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
-    and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
-    both the idmap and the SAM.  This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC 
-    returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
-    using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to 
-    prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache 
-    from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
-    but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are 
-    joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k 
-    mixed mode) domains. 
-30) Fixed bug that caused us to enumerate domain local groups
-    from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows 
-    security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
-    backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
-    ( if you installed beta1, be sure to 
-      'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for 
-    ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend 
-    functions.
-37) Enable address caching for active directory DC's so we don't 
-    have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be 
-    redefined.
-39) Add tdb locking code to prevent race condition when adding a 
-    new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting 
-    trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC 
-    to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of 
-    the 'passdb backend' list if 'guest account' has a valid 
-    username.
-44) Remove samstrict_dc auth method.  Rework 'samstrict' to only 
-    handle our local names (or domain name if we are a PDC).  
-    Move existing permissive 'sam' method to 'sam_ignoredomain' 
-    and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
-    and unknown domain (default to our domain if we are a DC or 
-    domain member; default to our local name if we are a 
-    standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the 
-    'DOMAIN\user' lookup fails.  This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted 
-    domains when operating as a domain member and not using 
-    winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for 
-    too long without a maintainer.
-    
-
-
-
-######################################################################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * post script
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap only
-  * idmap uid
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap trust ids
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * privatedir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name			Description				Backup?
-----			-----------				-------
-account_policy		User policy settings			yes
-gencache		Generic caching db			no
-group_mapping		Mapping table from Windows		yes
-			groups/SID to unix groups	
-idmap			new ID map table from SIDS		yes
-			to UNIX uids/gids.
-namecache		Name resolution cache entries		no
-netsamlogon_cache	Cache of NET_USER_INFO_3 structure	no
-			returned as part of a successful
-			net_sam_logon request 
-printing/*.tdb		Cached output from 'lpq 		no
-			command' created on a per print 
-			service basis
-registry		Read-only samba registry skeleton	no
-			that provides support for exporting
-			various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>'
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-
-######################################################################
-Known Issues
-############
-
-* The smbldap perl scripts for managing user entries in an LDAP
-  directory have not be updated to function with the Samba 3.0
-  schema changes.  This (or an equivalent solution) work is planned
-  to be completed prior to the stable 3.0.0 release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, will replace the existing jitterbug server 
-and the old http://bugs.samba.org now points to the new bugzilla server.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0beta3.html b/whatsnew/samba-3.0.0beta3.html
deleted file mode 100755
index 01df39c..0000000
--- a/whatsnew/samba-3.0.0beta3.html
+++ /dev/null
@@ -1,839 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 3.0.0 beta3</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-third beta release of the Samba 3.0.0 code base.  While
-we are significantly closer to the final release, you should
-be reminded that this is a non-production release provided for
-testing only.
-
-There have been significant additions to winbindd's
-functionality in this release as well as changes to
-Samba's SID<->UNIX id mapping features.  Please refer
-to the Release Notes for details.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/beta/">http://download.samba.org/samba/ftp/beta/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages for RedHat, also signed by the Samba GnuPG key,
-have been released and can be found at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-Others will be available as they are submitted by volunteers.
-
-A simplified version of the CVS log of updates since 3.0.0beta2
-can be found in the the download directory under the name
-ChangeLog-3.0.0beta2-3.0.0beta3.
-
-We are also taking this opportunity to beta test our new
-Bugzilla server.  The intent is to replace the old jitterbug
-installation (bugs.samba.org).  The new bug tracking system is
-located at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-Please search for existing bugs before filing new reports.
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-#######################################################################
-
-                  WHATS NEW IN Samba 3.0.0 beta3
-                           July 16 2003
-                  ==============================
-
-This is the third beta release of Samba 3.0.0. This is a 
-non-production release intended for testing purposes.  Use 
-at your own risk. 
-
-The purpose of this beta release is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. We have
-officially ceased development on the 2.2.x release of Samba and are
-concentrating on Samba 3.0. To reduce the time before the final 
-Samba 3.0 release we need as many people as possible to start testing 
-these beta releases, and to provide high quality feedback on what 
-needs fixing.
-
-Samba 3.0 is feature complete. However there is still some final 
-work to be done on certain pieces of functionality.  Please refer to 
-the section on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    to join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire and
-    internally there is now a much better infrastructure for multi-byte
-    and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system has
-    been almost completely rewritten. Most of the changes are internal,
-    but the new auth system is also very configurable.
-
-4)  New filename mangling system. The filename mangling system has been
-    completely rewritten. An internal database now stores mangling maps
-    persistently. This needs lots of testing.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing 
-    printer attributes in active directory.
-
-8)  New loadable RPC modules.
-
-9)  New dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (including in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-######################################################################
-Changes since 3.0beta2
-######################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete 
-details
-
-1)  Added fix for Japanese case names in statcache code; 
-    these can change size on upper casing.
-2)  Correct issues with iconv detection in configure script
-    (support needed to find iconv libraries on FreeBSD).
-3)  Fix bug that caused a WINS server to be marked as dead
-    incorrectly (bug #190).
-4)  Removing additional deadlocks conditions that prevented 
-    winbindd from running on a Samba PDC (used for trust 
-    relationships).
-5)  Add support for searching for Active Directory for 
-    published printers (net ads printer search).
-6)  Separate UNIX username from DOMAIN\username in pipe 
-    credentials.
-7)  Auth modules now support returning NT_STATUS_NOT_IMPLEMENTED
-    for cases that they cannot handle.
-8)  Flush winbindd connection cache when the machine trust account
-    password is changed while a connection is open (bug #200).
-9)  Add support for 'OSVersion' server printer data string
-    (corrects problem with uploading printer drivers from 
-    WinXP clients).
-10) Numerous memory leak fixes.
-11) LDAP fixes ("passdb backend = ldapsam" & "idmap backend = ldap"):
-    - Store domain SID in LDAP directory.
-    - store idmap information in existing entries (use sambaSID=... 
-      if adding a new entry).
-12) Fix incorrect usage of primary group SID when looking up user 
-    groups (bug #109).
-13) Remove idmap_XX_to_XX calls from smbd.  Move back to the the
-    winbind_XXX and local_XXX calls used in 2.2.
-14) All uid/gid allocation must involve winbindd now
-    (we no attempt to map unknown SIDs to a UNIX identify).
-15) Add 'winbind trusted domains only' parameter to force a domain
-    member.  The server to use matching users names from /etc/passwd 
-    for its domain   (needed for domain member of a Samba domain).
-16) Rename 'idmap only' to 'enable rid algorithm' for better clarity 
-    (defaults to "yes").
-17) Add support for multi-byte statcache code (bug #185)
-18) Fix open mode race condition.
-19) Implement winbindd local account management functions.  Refer to
-    the "Winbind Changes" section for details.
-20) Move RID allocation functions into idmap backend.
-21) Fix parsing error that prevented publishing printers from a 
-    Samba server in an AD domain.
-22) Revive NTLMSSP support for named pipes.
-23) More SCHANNEL fixes.
-24) Correct SMB signing with NTLMSSP.
-25) Fix coherency bug in print handle/printer object caching code
-    that could cause XP clients to infinitely loop while updating 
-    their local printer cache.
-26) Make winbindd use its dual-daemon mode by default (use -Y to 
-    start as a single process).
-27) Add support to nmbd and winbindd for 'smbcontrol <pid> 
-    reload-config'.
-28) Correct problem with smbtar when dealing with files > 8Gb 
-    (bug #102).
-
-
-
-Changes since 3.0beta1
-######################
-
-1)  Rework our smb signing code again, this factors out some of 
-    the common MAC calculation code, and now supports multiple 
-    outstanding packets (bug #40).
-2)  Enforce 'client plaintext auth', 'client lanman auth' and 'client
-    ntlmv2 auth'.
-3)  Correct timestamp problem on 64-bit machines (bug #140).
-4)  Add extra debugging statements to winbindd for tracking down
-    failures.
-5)  Fix bug when aliased 'winbind uid/gid' parameters are used.
-    ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6)  Added an auth flag that indicates if we should be allowed 
-    to fall back to NTLMSSP for SASL if krb5 fails.
-7)  Fixed the bug that forced us not to use the winbindd cache when 
-    we have a primary ADS domain and a secondary (trusted) NT4 
-    domain. 
-8)  Use lp_realm() to find the default realm for 'net ads password'.
-9)  Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
-    in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial 
-    fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
-    and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
-    both the idmap and the SAM.  This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC 
-    returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
-    using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to 
-    prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache 
-    from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
-    but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are 
-    joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k 
-    mixed mode) domains. 
-30) Fixed bug that caused us to enumerate domain local groups
-    from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows 
-    security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
-    backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
-    ( if you installed beta1, be sure to 
-      'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for 
-    ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend 
-    functions.
-37) Enable address caching for active directory DC's so we don't 
-    have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be 
-    redefined.
-39) Add tdb locking code to prevent race condition when adding a 
-    new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting 
-    trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC 
-    to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of 
-    the 'passdb backend' list if 'guest account' has a valid 
-    username.
-44) Remove samstrict_dc auth method.  Rework 'samstrict' to only 
-    handle our local names (or domain name if we are a PDC).  
-    Move existing permissive 'sam' method to 'sam_ignoredomain' 
-    and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
-    and unknown domain (default to our domain if we are a DC or 
-    domain member; default to our local name if we are a 
-    standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the 
-    'DOMAIN\user' lookup fails.  This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted 
-    domains when operating as a domain member and not using 
-    winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for 
-    too long without a maintainer.
-    
-
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run:
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb > show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb > move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * post script
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap trust ids
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * privatedir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading
-from 3.0 to 2.2 is an unsupported path.
-
-Name			Description				Backup?
-----			-----------				-------
-account_policy		User policy settings			yes
-gencache		Generic caching db			no
-group_mapping		Mapping table from Windows		yes
-			groups/SID to unix groups	
-winbindd_idmap		ID map table from SIDS to UNIX		yes
-			uids/gids.
-namecache		Name resolution cache entries		no
-netsamlogon_cache	Cache of NET_USER_INFO_3 structure	no
-			returned as part of a successful
-			net_sam_logon request 
-printing/*.tdb		Cached output from 'lpq 		no
-			command' created on a per print 
-			service basis
-registry		Read-only samba registry skeleton	no
-			that provides support for exporting
-			various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* The smbldap perl scripts for managing user entries in an LDAP
-  directory have not be updated to function with the Samba 3.0
-  schema changes.  This (or an equivalent solution) work is planned
-  to be completed prior to the stable 3.0.0 release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, will replace the existing jitterbug server 
-and the old http://bugs.samba.org now points to the new bugzilla server.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0rc1.html b/whatsnew/samba-3.0.0rc1.html
deleted file mode 100755
index 5994331..0000000
--- a/whatsnew/samba-3.0.0rc1.html
+++ /dev/null
@@ -1,936 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 3.0.0 RC1</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-first release candidate of the Samba 3.0.0 code base.  A release
-candidate implies that the code is very close to a final release,
-but remember that this is still a non-production snapshot intended
-for testing purposes. Use at your own risk.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/rc/">http://download.samba.org/samba/ftp/rc/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages will be available soon at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-A simplified version of the CVS log of updates since 3.0beta3
-can be found in the the download directory under the name
-ChangeLog-3.0.0beta3-3.0.0rc1.
-
-Please file any bugs you find in this release at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-#######################################################################
-
-                   WHATS NEW IN Samba 3.0.0 RC1
-                          August 15 2003
-                  ==============================
-
-This is the first release candidate snapshot of Samba 3.0.0. A release 
-candidate implies that the code is very close to a final release, but remember 
-that this is still a non-production release intended for testing purposes.  
-Use at your own risk. 
-
-The purpose of this release candidate is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. 
-Please refer to the section on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire and
-    internally there is now a much better infrastructure for multi-byte
-    and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system has
-    been almost completely rewritten. Most of the changes are internal,
-    but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing 
-    printer attributes in active directory.
-
-8)  New loadable RPC modules.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-
-######################################################################
-Changes since 3.0beta3
-######################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete 
-details
-
-1)  Various memory leak fixes.
-2)  Provide full support for SMB signing (server and client)
-3)  Check for broken getgrouplist() in glibc.
-4)  Don't get stuck in an infinite loop listing directories 
-    recursively if the server returns an empty directory name
-    (bug 222).
-5)  Idle LDAP connections after 150 seconds.
-6)  Patched make uninstallmodules (bug 236).
-7)  Fix bug that caused smbd to return incomplete directory listings
-    when UNIX files contained MS wildcard characters.
-8)  Quiet default debug messages in command line tools.
-9)  Fixes to avoid panics on invalid multi-byte strings.
-10) Fix error messages when creating a new smbpasswd file (bug 198).
-11) Implemented better detection routines in autoconf scripts for 
-    locating ads support on the host OS.
-12) Fix bug that caused libraries in /usr/local/lib to be ignored 
-    (bug 174).
-13) Ensure winbindd_ads uses the correct realm or domain name when 
-    connecting to trusted DC.
-14) Ensure a correct prototype is created for snprintf() (bug 187)
-15) Stop files being created on read-only shares in some circumstances.
-16) Fix wbinfo -p (bug 251)
-17) Support schannel on any tcp/ip connection if necessary
-18) Correct bug in user_in_list() so that it works with winbind groups 
-    again.
-19) Ensure the schannel bind credentials default to the domain 
-    of the destination host.
-20) Default password expiration time in account_pol.tdb to never 
-    expire.  Remove any existing account_pol.tdb file to reset
-    the new default policy (bug 184). 
-21) Add buttons to SWAT to change the view of smb.conf (bug 212)
-22) Fix incorrect checks that determine whether or not the 'add user 
-    script' has been set.
-23) More cleanup for internal character set conversions.
-24) Fixes for multi-byte strings in stat cache code.
-25) Ensure that the net command honors the 'workgroup' parameter 
-    in smb.conf when not overridden from the command line.
-26) Add gss-spnego support to the ntlm_auth tool.
-27) Add vfs_default_quota VFS module.
-28) Added server support for NT quota interfaces.
-29) Prevent Krb5 replay attacks by adding a replay_cache.
-30) Fix problems with winbindd and transitive trusts in AD domains.
-31) Added -S to client tools for setting SMB signing options on the 
-    command line.
-32) Fix bug causing the 'passwd change program' to be called as the 
-    connected user and not root.
-33) Fixed data corruption bug in byte-range locking (e.g. affected MS Excel).
-34) Support winbindd on FreeBSD is possible.
-35) Look at only the first OID in the security blob sent in the session 
-    setup request to determine the token type.
-36) Only push locks onto a blocking lock queue if the posix lock failed with 
-    EACCES or EAGAIN (this means another lock conflicts). Else return an 
-    error and don't queue the request.
-37) Fix command line argument processing for smbtar.
-38) Correct issue that caused smbd to return generic unix_user.<uid> 
-    for lookupsid().
-39) Default to algorithmic mapping when generating a rid for a group
-    mapping.
-40) Expand %g and %G in logon script, profile path, etc... during
-    a domain logon (bug 208).
-41) Make sure smbclient obeys '-s <config>'
-42) Added win2k3 shadow copy operations to VFS interface.
-43) Allow connections to samba domain member as SERVER\user (don't
-    always default to DOMAIN\user).
-44) Remove checks in winbindd that caused it to attempt to use 
-    non-transitive trust relationships.
-45) Remove delays in winbindd caused by invalid DNS lookups.
-46) Fix supplementary group memberships on systems with slightly 
-    broken NSS implementations (bug 267).
-47) Correct issue that prevented smbclient from viewing shares on 
-    a win2k server when using a non-anonymous connection (bug 284).
-48) Add --domain=DOMAIN_NAME to wbinfo for limiting operations like 
-    'wbinfo -u' to a single domain.  The '.' character represents 
-    our domain.
-49) Fix group enumeration bug when using an LDAP directory for 
-    storing group mappings.
-50) Default to use NTLMv2 if available.  Fallback to not use LM/NTLM
-    when the extended security capability bit is not set.
-51) Fix crash in 'wbinfo -a' when using extended characters in the 
-    username (bug 269).
-52) Fix multi-byte strupper() panics (bug 205).
-53) Add vfs_readonly VFS module.
-54) Make sure to initialize the sambaNextUserRid and sambaNextGroupRid
-    attributes when using 'idmap backend = ldap' (bug 280).
-55) Make sure that UNIX users shared between a Samba PDC and member 
-    samba server are seen as domain users and not local users on the 
-    domain member.
-56) Fix Query FS Info level 2.
-57) Allow enumeration of users and groups by win9x "file server" (bug 
-    286).
-58) Create symlinks during install for modules that support mutliple
-    functions (bug 91).
-59) More iconv detection fixes.
-60) Fix path length error in vfs_recycle module (bug 291).
-61) Added server support for the LSA_DS UUID on the \lsarpc pipe.
-    (server DsRoleGetPrimaryDomainInfo() is currently disabled).
-62) Fix SMBseek and get/set position calls.
-62) Fix SetFileInfo level 1.
-63) Added tool to convert smbd log file to a pcap file (log2pcaphex).
-
-
-
-Changes since 3.0beta2
-######################
-
-1)  Added fix for Japanese case names in statcache code; 
-    these can change size on upper casing.
-2)  Correct issues with iconv detection in configure script
-    (support needed to find iconv libraries on FreeBSD).
-3)  Fix bug that caused a WINS server to be marked as dead
-    incorrectly (bug #190).
-4)  Removing additional deadlocks conditions that prevented 
-    winbindd from running on a Samba PDC (used for trust 
-    relationships).
-5)  Add support for searching for Active Directory for 
-    published printers (net ads printer search).
-6)  Separate UNIX username from DOMAIN\username in pipe 
-    credentials.
-7)  Auth modules now support returning NT_STATUS_NOT_IMPLEMENTED
-    for cases that they cannot handle.
-8)  Flush winbindd connection cache when the machine trust account
-    password is changed while a connection is open (bug #200).
-9)  Add support for 'OSVersion' server printer data string
-    (corrects problem with uploading printer drivers from 
-    WinXP clients).
-10) Numerous memory leak fixes.
-11) LDAP fixes ("passdb backend = ldapsam" & "idmap backend = ldap"):
-    - Store domain SID in LDAP directory.
-    - store idmap information in existing entries (use sambaSID=... 
-      if adding a new entry).
-12) Fix incorrect usage of primary group SID when looking up user 
-    groups (bug #109).
-13) Remove idmap_XX_to_XX calls from smbd.  Move back to the the
-    winbind_XXX and local_XXX calls used in 2.2.
-14) All uid/gid allocation must involve winbindd now (we do not 
-    attempt to map unknown SIDs to a UNIX identify).
-15) Add 'winbind trusted domains only' parameter to force a domain
-    member.  The server to use matching users names from /etc/passwd 
-    for its domain   (needed for domain member of a Samba domain).
-16) Rename 'idmap only' to 'enable rid algorithm' for better clarity 
-    (defaults to "yes").
-17) Add support for multi-byte statcache code (bug #185)
-18) Fix open mode race condition.
-19) Implement winbindd local account management functions.  Refer to
-    the "Winbind Changes" section for details.
-20) Move RID allocation functions into idmap backend.
-21) Fix parsing error that prevented publishing printers from a 
-    Samba server in an AD domain.
-22) Revive NTLMSSP support for named pipes.
-23) More SCHANNEL fixes.
-24) Correct SMB signing with NTLMSSP.
-25) Fix coherency bug in print handle/printer object caching code
-    that could cause XP clients to infinitely loop while updating 
-    their local printer cache.
-26) Make winbindd use its dual-daemon mode by default (use -Y to 
-    start as a single process).
-27) Add support to nmbd and winbindd for 'smbcontrol <pid> 
-    reload-config'.
-28) Correct problem with smbtar when dealing with files > 8Gb 
-    (bug #102).
-
-
-
-Changes since 3.0beta1
-######################
-
-1)  Rework our smb signing code again, this factors out some of 
-    the common MAC calculation code, and now supports multiple 
-    outstanding packets (bug #40).
-2)  Enforce 'client plaintext auth', 'client lanman auth' and 'client
-    ntlmv2 auth'.
-3)  Correct timestamp problem on 64-bit machines (bug #140).
-4)  Add extra debugging statements to winbindd for tracking down
-    failures.
-5)  Fix bug when aliased 'winbind uid/gid' parameters are used.
-    ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6)  Added an auth flag that indicates if we should be allowed 
-    to fall back to NTLMSSP for SASL if krb5 fails.
-7)  Fixed the bug that forced us not to use the winbindd cache when 
-    we have a primary ADS domain and a secondary (trusted) NT4 
-    domain. 
-8)  Use lp_realm() to find the default realm for 'net ads password'.
-9)  Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
-    in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial 
-    fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
-    and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
-    both the idmap and the SAM.  This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC 
-    returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
-    using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to 
-    prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache 
-    from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
-    but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are 
-    joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k 
-    mixed mode) domains. 
-30) Fixed bug that caused us to enumerate domain local groups
-    from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows 
-    security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
-    backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
-    ( if you installed beta1, be sure to 
-      'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for 
-    ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend 
-    functions.
-37) Enable address caching for active directory DC's so we don't 
-    have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be 
-    redefined.
-39) Add tdb locking code to prevent race condition when adding a 
-    new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting 
-    trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC 
-    to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of 
-    the 'passdb backend' list if 'guest account' has a valid 
-    username.
-44) Remove samstrict_dc auth method.  Rework 'samstrict' to only 
-    handle our local names (or domain name if we are a PDC).  
-    Move existing permissive 'sam' method to 'sam_ignoredomain' 
-    and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
-    and unknown domain (default to our domain if we are a DC or 
-    domain member; default to our local name if we are a 
-    standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the 
-    'DOMAIN\user' lookup fails.  This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted 
-    domains when operating as a domain member and not using 
-    winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for 
-    too long without a maintainer.
-    
-
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * post script
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap trust ids
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * privatedir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name			Description				Backup?
-----			-----------				-------
-account_policy		User policy settings			yes
-gencache		Generic caching db			no
-group_mapping		Mapping table from Windows		yes
-			groups/SID to unix groups	
-winbindd_idmap		ID map table from SIDS to UNIX		yes
-			uids/gids.
-namecache		Name resolution cache entries		no
-netsamlogon_cache	Cache of NET_USER_INFO_3 structure	no
-			returned as part of a successful
-			net_sam_logon request 
-printing/*.tdb		Cached output from 'lpq 		no
-			command' created on a per print 
-			service basis
-registry		Read-only samba registry skeleton	no
-			that provides support for exporting
-			various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* The smbldap perl scripts for managing user entries in an LDAP
-  directory have not be updated to function with the Samba 3.0
-  schema changes.  This (or an equivalent solution) work is planned
-  to be completed prior to the stable 3.0.0 release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, will replace the existing jitterbug server 
-and the old http://bugs.samba.org now points to the new bugzilla server.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0rc2.html b/whatsnew/samba-3.0.0rc2.html
deleted file mode 100755
index 2b57336..0000000
--- a/whatsnew/samba-3.0.0rc2.html
+++ /dev/null
@@ -1,995 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 3.0.0 RC2</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-second release candidate of the Samba 3.0.0 code base.  A release
-candidate implies that the code is very close to a final release,
-but remember that this is still a non-production snapshot intended
-for testing purposes. Use at your own risk.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/rc/">http://download.samba.org/samba/ftp/rc/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages will be available soon at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-A simplified version of the CVS log of updates since 3.0.0rc1
-can be found in the the download directory under the name
-ChangeLog-3.0.0rc1-3.0.0rc2.
-
-Please file any bugs you find in this release at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-#######################################################################
-                   WHATS NEW IN Samba 3.0.0 RC2
-                          August 28 2003
-                  ==============================
-
-This is the second release candidate snapshot of Samba 3.0.0. A release 
-candidate implies that the code is very close to a final release, remember 
-that this is still a non-production release intended for testing purposes.  
-Use at your own risk. 
-
-The purpose of this release candidate is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. 
-Please refer to the section on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire and
-    internally there is now a much better infrastructure for multi-byte
-    and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system has
-    been almost completely rewritten. Most of the changes are internal,
-    but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing 
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and 
-    character sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Changes since 3.0rc1
-####################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete 
-details:
-
-1)  Add levels 261 and 262 to search. Found using Samba4 tester.
-2)  Correct bad error return code in session setup reply
-3)  Fix bug where smbd returned DOS error codes from SMBsearch
-    even when NT1 protocol was negotiated.
-4)  Implement SMBexit properly.
-5)  Return group lists from a Samba PDC to a Windows 9x/ME box
-    in implementing user level access control (bug 314).
-6)  Prevent SWAT from crashing when adding shares (bug 254)
-7)  Fix various documentation issues (bugs 304 & 214)
-8)  Fix wins server listing in SWAT (bug 197)
-9)  Fix problem in rpcclient that caused enumerating printer 
-    drivers to report failure (bug 294).
-10) Use kerberos 5 authentication in our client code whenever possible
-11) Fix schannel bug that caused Active Directory DC's to downgrade our
-    machine account to an NT member.
-12) Implement missing SAMR_REMOVE_USER_FOREIGN_DOMAIN call (bug 252).
-13) Implement automatic generation of include/version.h
-14) Include initial version of smbldap-tool scripts for the Samba 
-    3.0 schema.
-15) Implement numerous fixes for multi-byte character strings.
-16) Enable 'unix extensions' parameter by default.
-17) Make sure we set the SID type when falling back to the rid 
-    algorithm (bug 245).
-18) Correct linking problems with pam_smbpass (bug 327).
-19) Add SYSV defines for Irix and Solaris to ensure the 'printing'
-    parameter default to the correct value (bug 230)
-20) Fix recursion bug in alloc_string_sub() (bug 289, et. al.)
-21) Ensure that 'make install' includes the static and shared 
-    versions of the libsmbclient libraries.
-22) Add CP850 and CP437 internal character set support (bug 150).
-23) Add support to examples/LDAP/convertSambaAccount for generating
-    LDIF modify files instead of just add (303).
-24) Fix support for -W option in smbclient (bug 39)
-25) Remove 'ldap trust ids' parameter since it could not be supported
-    by the current architecture.
-26) Don't crash when no argument is given to -T in smbclient (bug 345).
-27) Ensure smbadduser contains the same paths for the smbpasswd file 
-    as the other Samba tools (bug 290).
-28) Port of 'available = no' fix for [homes] from SAMBA_2_2 cvs tree.
-29) Add sanity checks to DeletePrinterData[Ex]() and ensure that the
-    modified printer is written to disk.
-30) Force winbindd to periodically update the trusted domain cache.
-31) Remove outdated import/export script to convert an smbpasswd file
-    to and from and LDAP directory.  Use the pdbedit tool instead.
-32) Ensure that %U substitution is restored on next valid packet
-    if a logon fails.
-
-
-Changes since 3.0beta3
-######################
-
-1)  Various memory leak fixes.
-2)  Provide full support for SMB signing (server and client)
-3)  Check for broken getgrouplist() in glibc.
-4)  Don't get stuck in an infinite loop listing directories 
-    recursively if the server returns an empty directory name
-    (bug 222).
-5)  Idle LDAP connections after 150 seconds.
-6)  Patched make uninstallmodules (bug 236).
-7)  Fix bug that caused smbd to return incomplete directory listings
-    when UNIX files contained MS wildcard characters.
-8)  Quiet default debug messages in command line tools.
-9)  Fixes to avoid panics on invalid multi-byte strings.
-10) Fix error messages when creating a new smbpasswd file (bug 198).
-11) Implemented better detection routines in autoconf scripts for 
-    locating ads support on the host OS.
-12) Fix bug that caused libraries in /usr/local/lib to be ignored 
-    (bug 174).
-13) Ensure winbindd_ads uses the correct realm or domain name when 
-    connecting to trusted DC.
-14) Ensure a correct prototype is created for snprintf() (bug 187)
-15) Stop files being created on read-only shares in some circumstances.
-16) Fix wbinfo -p (bug 251)
-17) Support schannel on any tcp/ip connection if necessary
-18) Correct bug in user_in_list() so that it works with winbind groups 
-    again.
-19) Ensure the schannel bind credentials default to the domain 
-    of the destination host.
-20) Default password expiration time in account_pol.tdb to never 
-    expire.  Remove any existing account_pol.tdb file to reset
-    the new default policy (bug 184). 
-21) Add buttons to SWAT to change the view of smb.conf (bug 212)
-22) Fix incorrect checks that determine whether or not the 'add user 
-    script' has been set.
-23) More cleanup for internal character set conversions.
-24) Fixes for multi-byte strings in stat cache code.
-25) Ensure that the net command honors the 'workgroup' parameter 
-    in smb.conf when not overridden from the command line.
-26) Add gss-spnego support to the ntlm_auth tool.
-27) Add vfs_default_quota VFS module.
-28) Added server support for NT quota interfaces.
-29) Prevent Krb5 replay attacks by adding a replay_cache.
-30) Fix problems with winbindd and transitive trusts in AD domains.
-31) Added -S to client tools for setting SMB signing options on the 
-    command line.
-32) Fix bug causing the 'passwd change program' to be called as the 
-    connected user and not root.
-33) Fixed data corruption bug in byte-range locking (e.g. affected MS Excel).
-34) Support winbindd on FreeBSD is possible.
-35) Look at only the first OID in the security blob sent in the session 
-    setup request to determine the token type.
-36) Only push locks onto a blocking lock queue if the posix lock failed with 
-    EACCES or EAGAIN (this means another lock conflicts). Else return an 
-    error and don't queue the request.
-37) Fix command line argument processing for smbtar.
-38) Correct issue that caused smbd to return generic unix_user.<uid> 
-    for lookupsid().
-39) Default to algorithmic mapping when generating a rid for a group
-    mapping.
-40) Expand %g and %G in logon script, profile path, etc... during
-    a domain logon (bug 208).
-41) Make sure smbclient obeys '-s <config>'
-42) Added win2k3 shadow copy operations to VFS interface.
-43) Allow connections to samba domain member as SERVER\user (don't
-    always default to DOMAIN\user).
-44) Remove checks in winbindd that caused it to attempt to use 
-    non-transitive trust relationships.
-45) Remove delays in winbindd caused by invalid DNS lookups.
-46) Fix supplementary group memberships on systems with slightly 
-    broken NSS implementations (bug 267).
-47) Correct issue that prevented smbclient from viewing shares on 
-    a win2k server when using a non-anonymous connection (bug 284).
-48) Add --domain=DOMAIN_NAME to wbinfo for limiting operations like 
-    'wbinfo -u' to a single domain.  The '.' character represents 
-    our domain.
-49) Fix group enumeration bug when using an LDAP directory for 
-    storing group mappings.
-50) Default to use NTLMv2 if available.  Fallback to not use LM/NTLM
-    when the extended security capability bit is not set.
-51) Fix crash in 'wbinfo -a' when using extended characters in the 
-    username (bug 269).
-52) Fix multi-byte strupper() panics (bug 205).
-53) Add vfs_readonly VFS module.
-54) Make sure to initialize the sambaNextUserRid and sambaNextGroupRid
-    attributes when using 'idmap backend = ldap' (bug 280).
-55) Make sure that users shared between a Samba PDC and member 
-    samba server are seen as domain users and not local users on the 
-    domain member.
-56) Fix Query FS Info level 2.
-57) Allow enumeration of users and groups by win9x "file server" (bug 
-    286).
-58) Create symlinks during install for modules that support mutliple
-    functions (bug 91).
-59) More iconv detection fixes.
-60) Fix path length error in vfs_recycle module (bug 291).
-61) Added server support for the LSA_DS UUID on the \lsarpc pipe.
-    (server DsRoleGetPrimaryDomainInfo() is currently disabled).
-62) Fix SMBseek and get/set position calls.
-62) Fix SetFileInfo level 1.
-63) Added tool to convert smbd log file to a pcap file (log2pcaphex).
-
-
-
-Changes since 3.0beta2
-######################
-
-1)  Added fix for Japanese case names in statcache code; 
-    these can change size on upper casing.
-2)  Correct issues with iconv detection in configure script
-    (support needed to find iconv libraries on FreeBSD).
-3)  Fix bug that caused a WINS server to be marked as dead
-    incorrectly (bug #190).
-4)  Removing additional deadlocks conditions that prevented 
-    winbindd from running on a Samba PDC (used for trust 
-    relationships).
-5)  Add support for searching for Active Directory for 
-    published printers (net ads printer search).
-6)  Separate UNIX username from DOMAIN\username in pipe 
-    credentials.
-7)  Auth modules now support returning NT_STATUS_NOT_IMPLEMENTED
-    for cases that they cannot handle.
-8)  Flush winbindd connection cache when the machine trust account
-    password is changed while a connection is open (bug #200).
-9)  Add support for 'OSVersion' server printer data string
-    (corrects problem with uploading printer drivers from 
-    WinXP clients).
-10) Numerous memory leak fixes.
-11) LDAP fixes ("passdb backend = ldapsam" & "idmap backend = ldap"):
-    - Store domain SID in LDAP directory.
-    - store idmap information in existing entries (use sambaSID=... 
-      if adding a new entry).
-12) Fix incorrect usage of primary group SID when looking up user 
-    groups (bug #109).
-13) Remove idmap_XX_to_XX calls from smbd.  Move back to the the
-    winbind_XXX and local_XXX calls used in 2.2.
-14) All uid/gid allocation must involve winbindd now (we do not 
-    attempt to map unknown SIDs to a UNIX identify).
-15) Add 'winbind trusted domains only' parameter to force a domain
-    member.  The server to use matching users names from /etc/passwd 
-    for its domain   (needed for domain member of a Samba domain).
-16) Rename 'idmap only' to 'enable rid algorithm' for better clarity 
-    (defaults to "yes").
-17) Add support for multi-byte statcache code (bug #185)
-18) Fix open mode race condition.
-19) Implement winbindd local account management functions.  Refer to
-    the "Winbind Changes" section for details.
-20) Move RID allocation functions into idmap backend.
-21) Fix parsing error that prevented publishing printers from a 
-    Samba server in an AD domain.
-22) Revive NTLMSSP support for named pipes.
-23) More SCHANNEL fixes.
-24) Correct SMB signing with NTLMSSP.
-25) Fix coherency bug in print handle/printer object caching code
-    that could cause XP clients to infinitely loop while updating 
-    their local printer cache.
-26) Make winbindd use its dual-daemon mode by default (use -Y to 
-    start as a single process).
-27) Add support to nmbd and winbindd for 'smbcontrol <pid> 
-    reload-config'.
-28) Correct problem with smbtar when dealing with files > 8Gb 
-    (bug #102).
-
-
-
-Changes since 3.0beta1
-######################
-
-1)  Rework our smb signing code again, this factors out some of 
-    the common MAC calculation code, and now supports multiple 
-    outstanding packets (bug #40).
-2)  Enforce 'client plaintext auth', 'client lanman auth' and 'client
-    ntlmv2 auth'.
-3)  Correct timestamp problem on 64-bit machines (bug #140).
-4)  Add extra debugging statements to winbindd for tracking down
-    failures.
-5)  Fix bug when aliased 'winbind uid/gid' parameters are used.
-    ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6)  Added an auth flag that indicates if we should be allowed 
-    to fall back to NTLMSSP for SASL if krb5 fails.
-7)  Fixed the bug that forced us not to use the winbindd cache when 
-    we have a primary ADS domain and a secondary (trusted) NT4 
-    domain. 
-8)  Use lp_realm() to find the default realm for 'net ads password'.
-9)  Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
-    in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial 
-    fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
-    and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
-    both the idmap and the SAM.  This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC 
-    returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
-    using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to 
-    prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache 
-    from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
-    but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are 
-    joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k 
-    mixed mode) domains. 
-30) Fixed bug that caused us to enumerate domain local groups
-    from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows 
-    security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
-    backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
-    ( if you installed beta1, be sure to 
-      'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for 
-    ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend 
-    functions.
-37) Enable address caching for active directory DC's so we don't 
-    have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be 
-    redefined.
-39) Add tdb locking code to prevent race condition when adding a 
-    new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting 
-    trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC 
-    to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of 
-    the 'passdb backend' list if 'guest account' has a valid 
-    username.
-44) Remove samstrict_dc auth method.  Rework 'samstrict' to only 
-    handle our local names (or domain name if we are a PDC).  
-    Move existing permissive 'sam' method to 'sam_ignoredomain' 
-    and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
-    and unknown domain (default to our domain if we are a DC or 
-    domain member; default to our local name if we are a 
-    standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the 
-    'DOMAIN\user' lookup fails.  This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted 
-    domains when operating as a domain member and not using 
-    winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for 
-    too long without a maintainer.
-    
-
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * post script
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * privatedir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name			Description				Backup?
-----			-----------				-------
-account_policy		User policy settings			yes
-gencache		Generic caching db			no
-group_mapping		Mapping table from Windows		yes
-			groups/SID to unix groups	
-winbindd_idmap		ID map table from SIDS to UNIX		yes
-			uids/gids.
-namecache		Name resolution cache entries		no
-netsamlogon_cache	Cache of NET_USER_INFO_3 structure	no
-			returned as part of a successful
-			net_sam_logon request 
-printing/*.tdb		Cached output from 'lpq 		no
-			command' created on a per print 
-			service basis
-registry		Read-only samba registry skeleton	no
-			that provides support for exporting
-			various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* The smbldap perl scripts for managing user entries in an LDAP
-  directory have not be updated to function with the Samba 3.0
-  schema changes.  This (or an equivalent solution) work is planned
-  to be completed prior to the stable 3.0.0 release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, will replace the existing jitterbug server 
-and the old http://bugs.samba.org now points to the new bugzilla server.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0rc3.html b/whatsnew/samba-3.0.0rc3.html
deleted file mode 100755
index 97b0424..0000000
--- a/whatsnew/samba-3.0.0rc3.html
+++ /dev/null
@@ -1,1068 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 3.0.0 RC3</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-third release candidate of the Samba 3.0.0 code base.  A release
-candidate implies that the code is very close to a final release,
-but remember that this is still a non-production snapshot intended
-for testing purposes. Use at your own risk.
-
-The major issues addressed in this release candidate are
-
-  1) Compatibility and compile fixes with Heimdal Kerberos.
-  2) Disconnection issues in winbindd after prolonged idle
-     periods.
-  3) More fixes for transitive trusts when acting as a member
-     of an ADS domain.
-  4) Performance optimizations when using ASCII character sets.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/rc/">http://download.samba.org/samba/ftp/rc/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages are available at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-A simplified version of the CVS log of updates since 3.0.0rc2
-can be found in the the download directory under the name
-ChangeLog-3.0.0rc2-3.0.0rc3.
-
-Please file any bugs you find in this release at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-#######################################################################
-                   WHATS NEW IN Samba 3.0.0 RC3
-                          September 8, 2003
-                  ==============================
-
-This is the third release candidate snapshot of Samba 3.0.0. A release 
-candidate implies that the code is very close to a final release, remember 
-that this is still a non-production release intended for testing purposes.  
-Use at your own risk. 
-
-The purpose of this release candidate is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. 
-Please refer to the section on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire and
-    internally there is now a much better infrastructure for multi-byte
-    and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system has
-    been almost completely rewritten. Most of the changes are internal,
-    but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing 
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and 
-    character sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Changes since 3.0rc2
-####################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete 
-details:
-
-1)  Remove Perl module dependencies in generated RedHat 8/9 RPMS.
-2)  Update mount helper to take synonyms for file_mode and 
-    dir_mode (fmask and dmask).
-3)  Fix portability bug with log2pcaphex.
-4)  Use different algorithm to generate codepages source code which 
-    allows to take gaps into account thus making unnecessary 
-    extended [index] = value, syntax in to_ucs2 array (bug 380).
-5)  Fix comment strings to 43 bytes as per spec.
-6)  Fix pam_winbind compile bug on FreeBSD (bug 261).
-7)  Support for in-memory keytabs, which are needed to make heimdal 
-    work properly.  MIT does not support them, so this check will be 
-    used to decide whether to use them.  (partial fix for bug 372).
-8)  Disable RC4-HMAC on broken heimdal setups.  (remainder of bug 
-    372).
-9)  Correct bug in smbclient that resulted in errors when untarring
-    long filenames (bug 308).
-10) Improve autoconf checks for PAM header files and libs.
-11) Added fast path to convert_string() when dealing with 
-    ASCII->ASCII, UCS2-LE->ASCII, and ASCII->UCS2-LE with 
-    values <= 0x7F. 
-12) Quiet debug messages when we don't find a module and it is not
-    a critical error (bug 375).
-13) Fix UNIX passwd sync properly.
-14) Fix more transitive trust issues in winbindd (bug 305).
-15) Ensure that winbindd functions with 'disable netbios = yes'
-16) Store the real short domain name in secrets.tdb as soon as we
-    know it.  Also display an error message when joining an AD
-    domain and the 'workgroup' parameter has not been specified.
-17) Return 0 DFS links instead of -1 when dfs support is not enabled.
-18) Update LDAP schema for Netscape DS 4.x and Novell eDirectory 8.7
-19) Ensure that name types can be specified using name#type notation
-    in the 'net' command (bug 73).
-20) Add retry looks to ADS sequence number and domain SID lookups 
-    (bug 364).
-21) use a variant of alloc_sub_basic() for string lists such as 
-    'valid users', 'write list', and 'read list' (bug 397).
-22) Fix seg fault when winbindd receives an error from the AD server
-    in response to an LDAP search (bug 282).
-23) Update findsmb to use the new syntax for smbclient and nmblookup.
-24) Fix bug that prevented variables from being used in explicitly 
-    defined path in [homes].
-25) Only set SIDs when they're returned by the MySQL query 
-    (pdb_mysql.so).
-26) Include support for NTLMv2 key exchange.
-27) Revert default for 'client ntlmv2 auth' to off (bug 359).
-28) Fix crash in winbindd when the trust account password gets 
-    changed underneath us via 'net rpc changetrustpw' (bug 382).
-29) Use djb-algorithm string hash - faster than the tdb one we 
-    used to use.  Does not change on disk format or hashing location.
-30) Implements some kind of improved AFS support for Samba on
-    Linux with OpenAFS 1.2.10. './configure --with-fake-kaserver'
-    assumes that you have OpenAFS on your machine.
-31) When enumerating dfs shares loop from 0 to lp_numservices() instead 
-    of relying on lp_servicename(n) to return an empty string for 
-    invalid service numbers (bug 403).
-32) Fix crash bug in 'net rpc samdump' (bug 334).
-33) Fix crash bug in WINS NSS module (bug 299).
-34) Fix a few minor compile errors on HP-UX.
-
-
-
-Changes since 3.0rc1
-####################
-
-1)  Add levels 261 and 262 to search. Found using Samba4 tester.
-2)  Correct bad error return code in session setup reply
-3)  Fix bug where smbd returned DOS error codes from SMBsearch
-    even when NT1 protocol was negotiated.
-4)  Implement SMBexit properly.
-5)  Return group lists from a Samba PDC to a Windows 9x/ME box
-    in implementing user level access control (bug 314).
-6)  Prevent SWAT from crashing when adding shares (bug 254)
-7)  Fix various documentation issues (bugs 304 & 214)
-8)  Fix wins server listing in SWAT (bug 197)
-9)  Fix problem in rpcclient that caused enumerating printer 
-    drivers to report failure (bug 294).
-10) Use kerberos 5 authentication in our client code whenever possible
-11) Fix schannel bug that caused Active Directory DC's to downgrade our
-    machine account to an NT member.
-12) Implement missing SAMR_REMOVE_USER_FOREIGN_DOMAIN call (bug 252).
-13) Implement automatic generation of include/version.h
-14) Include initial version of smbldap-tool scripts for the Samba 
-    3.0 schema.
-15) Implement numerous fixes for multi-byte character strings.
-16) Enable 'unix extensions' parameter by default.
-17) Make sure we set the SID type when falling back to the rid 
-    algorithm (bug 245).
-18) Correct linking problems with pam_smbpass (bug 327).
-19) Add SYSV defines for Irix and Solaris to ensure the 'printing'
-    parameter default to the correct value (bug 230)
-20) Fix recursion bug in alloc_string_sub() (bug 289, et. al.)
-21) Ensure that 'make install' includes the static and shared 
-    versions of the libsmbclient libraries.
-22) Add CP850 and CP437 internal character set support (bug 150).
-23) Add support to examples/LDAP/convertSambaAccount for generating
-    LDIF modify files instead of just add (303).
-24) Fix support for -W option in smbclient (bug 39)
-25) Remove 'ldap trust ids' parameter since it could not be supported
-    by the current architecture.
-26) Don't crash when no argument is given to -T in smbclient (bug 345).
-27) Ensure smbadduser contains the same paths for the smbpasswd file 
-    as the other Samba tools (bug 290).
-28) Port of 'available = no' fix for [homes] from SAMBA_2_2 cvs tree.
-29) Add sanity checks to DeletePrinterData[Ex]() and ensure that the
-    modified printer is written to disk.
-30) Force winbindd to periodically update the trusted domain cache.
-31) Remove outdated import/export script to convert an smbpasswd file
-    to and from and LDAP directory.  Use the pdbedit tool instead.
-32) Ensure that %U substitution is restored on next valid packet
-    if a logon fails.
-
-
-Changes since 3.0beta3
-######################
-
-1)  Various memory leak fixes.
-2)  Provide full support for SMB signing (server and client)
-3)  Check for broken getgrouplist() in glibc.
-4)  Don't get stuck in an infinite loop listing directories 
-    recursively if the server returns an empty directory name
-    (bug 222).
-5)  Idle LDAP connections after 150 seconds.
-6)  Patched make uninstallmodules (bug 236).
-7)  Fix bug that caused smbd to return incomplete directory listings
-    when UNIX files contained MS wildcard characters.
-8)  Quiet default debug messages in command line tools.
-9)  Fixes to avoid panics on invalid multi-byte strings.
-10) Fix error messages when creating a new smbpasswd file (bug 198).
-11) Implemented better detection routines in autoconf scripts for 
-    locating ads support on the host OS.
-12) Fix bug that caused libraries in /usr/local/lib to be ignored 
-    (bug 174).
-13) Ensure winbindd_ads uses the correct realm or domain name when 
-    connecting to trusted DC.
-14) Ensure a correct prototype is created for snprintf() (bug 187)
-15) Stop files being created on read-only shares in some circumstances.
-16) Fix wbinfo -p (bug 251)
-17) Support schannel on any tcp/ip connection if necessary
-18) Correct bug in user_in_list() so that it works with winbind groups 
-    again.
-19) Ensure the schannel bind credentials default to the domain 
-    of the destination host.
-20) Default password expiration time in account_pol.tdb to never 
-    expire.  Remove any existing account_pol.tdb file to reset
-    the new default policy (bug 184). 
-21) Add buttons to SWAT to change the view of smb.conf (bug 212)
-22) Fix incorrect checks that determine whether or not the 'add user 
-    script' has been set.
-23) More cleanup for internal character set conversions.
-24) Fixes for multi-byte strings in stat cache code.
-25) Ensure that the net command honors the 'workgroup' parameter 
-    in smb.conf when not overridden from the command line.
-26) Add gss-spnego support to the ntlm_auth tool.
-27) Add vfs_default_quota VFS module.
-28) Added server support for NT quota interfaces.
-29) Prevent Krb5 replay attacks by adding a replay_cache.
-30) Fix problems with winbindd and transitive trusts in AD domains.
-31) Added -S to client tools for setting SMB signing options on the 
-    command line.
-32) Fix bug causing the 'passwd change program' to be called as the 
-    connected user and not root.
-33) Fixed data corruption bug in byte-range locking (e.g. affected MS Excel).
-34) Support winbindd on FreeBSD is possible.
-35) Look at only the first OID in the security blob sent in the session 
-    setup request to determine the token type.
-36) Only push locks onto a blocking lock queue if the posix lock failed with 
-    EACCES or EAGAIN (this means another lock conflicts). Else return an 
-    error and don't queue the request.
-37) Fix command line argument processing for smbtar.
-38) Correct issue that caused smbd to return generic unix_user.<uid> 
-    for lookupsid().
-39) Default to algorithmic mapping when generating a rid for a group
-    mapping.
-40) Expand %g and %G in logon script, profile path, etc... during
-    a domain logon (bug 208).
-41) Make sure smbclient obeys '-s <config>'
-42) Added win2k3 shadow copy operations to VFS interface.
-43) Allow connections to samba domain member as SERVER\user (don't
-    always default to DOMAIN\user).
-44) Remove checks in winbindd that caused it to attempt to use 
-    non-transitive trust relationships.
-45) Remove delays in winbindd caused by invalid DNS lookups.
-46) Fix supplementary group memberships on systems with slightly 
-    broken NSS implementations (bug 267).
-47) Correct issue that prevented smbclient from viewing shares on 
-    a win2k server when using a non-anonymous connection (bug 284).
-48) Add --domain=DOMAIN_NAME to wbinfo for limiting operations like 
-    'wbinfo -u' to a single domain.  The '.' character represents 
-    our domain.
-49) Fix group enumeration bug when using an LDAP directory for 
-    storing group mappings.
-50) Default to use NTLMv2 if available.  Fallback to not use LM/NTLM
-    when the extended security capability bit is not set.
-51) Fix crash in 'wbinfo -a' when using extended characters in the 
-    username (bug 269).
-52) Fix multi-byte strupper() panics (bug 205).
-53) Add vfs_readonly VFS module.
-54) Make sure to initialize the sambaNextUserRid and sambaNextGroupRid
-    attributes when using 'idmap backend = ldap' (bug 280).
-55) Make sure that users shared between a Samba PDC and member 
-    samba server are seen as domain users and not local users on the 
-    domain member.
-56) Fix Query FS Info level 2.
-57) Allow enumeration of users and groups by win9x "file server" (bug 
-    286).
-58) Create symlinks during install for modules that support mutliple
-    functions (bug 91).
-59) More iconv detection fixes.
-60) Fix path length error in vfs_recycle module (bug 291).
-61) Added server support for the LSA_DS UUID on the \lsarpc pipe.
-    (server DsRoleGetPrimaryDomainInfo() is currently disabled).
-62) Fix SMBseek and get/set position calls.
-62) Fix SetFileInfo level 1.
-63) Added tool to convert smbd log file to a pcap file (log2pcaphex).
-
-
-
-Changes since 3.0beta2
-######################
-
-1)  Added fix for Japanese case names in statcache code; 
-    these can change size on upper casing.
-2)  Correct issues with iconv detection in configure script
-    (support needed to find iconv libraries on FreeBSD).
-3)  Fix bug that caused a WINS server to be marked as dead
-    incorrectly (bug #190).
-4)  Removing additional deadlocks conditions that prevented 
-    winbindd from running on a Samba PDC (used for trust 
-    relationships).
-5)  Add support for searching for Active Directory for 
-    published printers (net ads printer search).
-6)  Separate UNIX username from DOMAIN\username in pipe 
-    credentials.
-7)  Auth modules now support returning NT_STATUS_NOT_IMPLEMENTED
-    for cases that they cannot handle.
-8)  Flush winbindd connection cache when the machine trust account
-    password is changed while a connection is open (bug #200).
-9)  Add support for 'OSVersion' server printer data string
-    (corrects problem with uploading printer drivers from 
-    WinXP clients).
-10) Numerous memory leak fixes.
-11) LDAP fixes ("passdb backend = ldapsam" & "idmap backend = ldap"):
-    - Store domain SID in LDAP directory.
-    - store idmap information in existing entries (use sambaSID=... 
-      if adding a new entry).
-12) Fix incorrect usage of primary group SID when looking up user 
-    groups (bug #109).
-13) Remove idmap_XX_to_XX calls from smbd.  Move back to the the
-    winbind_XXX and local_XXX calls used in 2.2.
-14) All uid/gid allocation must involve winbindd now (we do not 
-    attempt to map unknown SIDs to a UNIX identify).
-15) Add 'winbind trusted domains only' parameter to force a domain
-    member.  The server to use matching users names from /etc/passwd 
-    for its domain   (needed for domain member of a Samba domain).
-16) Rename 'idmap only' to 'enable rid algorithm' for better clarity 
-    (defaults to "yes").
-17) Add support for multi-byte statcache code (bug #185)
-18) Fix open mode race condition.
-19) Implement winbindd local account management functions.  Refer to
-    the "Winbind Changes" section for details.
-20) Move RID allocation functions into idmap backend.
-21) Fix parsing error that prevented publishing printers from a 
-    Samba server in an AD domain.
-22) Revive NTLMSSP support for named pipes.
-23) More SCHANNEL fixes.
-24) Correct SMB signing with NTLMSSP.
-25) Fix coherency bug in print handle/printer object caching code
-    that could cause XP clients to infinitely loop while updating 
-    their local printer cache.
-26) Make winbindd use its dual-daemon mode by default (use -Y to 
-    start as a single process).
-27) Add support to nmbd and winbindd for 'smbcontrol <pid> 
-    reload-config'.
-28) Correct problem with smbtar when dealing with files > 8Gb 
-    (bug #102).
-
-
-
-Changes since 3.0beta1
-######################
-
-1)  Rework our smb signing code again, this factors out some of 
-    the common MAC calculation code, and now supports multiple 
-    outstanding packets (bug #40).
-2)  Enforce 'client plaintext auth', 'client lanman auth' and 'client
-    ntlmv2 auth'.
-3)  Correct timestamp problem on 64-bit machines (bug #140).
-4)  Add extra debugging statements to winbindd for tracking down
-    failures.
-5)  Fix bug when aliased 'winbind uid/gid' parameters are used.
-    ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6)  Added an auth flag that indicates if we should be allowed 
-    to fall back to NTLMSSP for SASL if krb5 fails.
-7)  Fixed the bug that forced us not to use the winbindd cache when 
-    we have a primary ADS domain and a secondary (trusted) NT4 
-    domain. 
-8)  Use lp_realm() to find the default realm for 'net ads password'.
-9)  Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
-    in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial 
-    fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
-    and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
-    both the idmap and the SAM.  This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC 
-    returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
-    using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to 
-    prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache 
-    from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
-    but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are 
-    joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k 
-    mixed mode) domains. 
-30) Fixed bug that caused us to enumerate domain local groups
-    from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows 
-    security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
-    backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
-    ( if you installed beta1, be sure to 
-      'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for 
-    ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend 
-    functions.
-37) Enable address caching for active directory DC's so we don't 
-    have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be 
-    redefined.
-39) Add tdb locking code to prevent race condition when adding a 
-    new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting 
-    trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC 
-    to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of 
-    the 'passdb backend' list if 'guest account' has a valid 
-    username.
-44) Remove samstrict_dc auth method.  Rework 'samstrict' to only 
-    handle our local names (or domain name if we are a PDC).  
-    Move existing permissive 'sam' method to 'sam_ignoredomain' 
-    and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
-    and unknown domain (default to our domain if we are a DC or 
-    domain member; default to our local name if we are a 
-    standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the 
-    'DOMAIN\user' lookup fails.  This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted 
-    domains when operating as a domain member and not using 
-    winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for 
-    too long without a maintainer.
-    
-
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * post script
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * privatedir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name			Description				Backup?
-----			-----------				-------
-account_policy		User policy settings			yes
-gencache		Generic caching db			no
-group_mapping		Mapping table from Windows		yes
-			groups/SID to unix groups	
-winbindd_idmap		ID map table from SIDS to UNIX		yes
-			uids/gids.
-namecache		Name resolution cache entries		no
-netsamlogon_cache	Cache of NET_USER_INFO_3 structure	no
-			returned as part of a successful
-			net_sam_logon request 
-printing/*.tdb		Cached output from 'lpq 		no
-			command' created on a per print 
-			service basis
-registry		Read-only samba registry skeleton	no
-			that provides support for exporting
-			various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.0rc4.html b/whatsnew/samba-3.0.0rc4.html
deleted file mode 100755
index 1b52810..0000000
--- a/whatsnew/samba-3.0.0rc4.html
+++ /dev/null
@@ -1,1086 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team announces Samba 3.0.0 RC4</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability of the
-fourth release candidate of the Samba 3.0.0 code base.  A release
-candidate implies that the code is very close to a final release,
-but remember that this is still a non-production snapshot intended
-for testing purposes. Use at your own risk.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/rc/">http://download.samba.org/samba/ftp/rc/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages are available at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-A simplified version of the CVS log of updates since 3.0.0rc3
-can be found in the the download directory under the name
-ChangeLog-3.0.0rc3-3.0.0rc4.
-
-Please file any bugs you find in this release at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-#######################################################################
-                    WHATS NEW IN Samba 3.0.0RC4 
-                        September 11, 2003
-                  ==============================
-
-This is the fourth release candidate snapshot of Samba 3.0.0. A release 
-candidate implies that the code is very close to a final release, remember 
-that this is still a non-production release intended for testing purposes.  
-Use at your own risk. 
-
-The purpose of this release candidate is to get wider testing of the major
-new pieces of code in the current Samba 3.0 development tree. 
-Please refer to the section on "Known Issues" for more details.
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire and
-    internally there is now a much better infrastructure for multi-byte
-    and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system has
-    been almost completely rewritten. Most of the changes are internal,
-    but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing 
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and 
-    character sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Changes since 3.0rc3
-####################
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete 
-details:
-
-1)  Fix incorrect error message in testparm.c regarding 'map system'.
-2)  Protect against core dump if ioctl for print job sends invalid 
-    fid.
-3)  Fix bug in generic hash cacluation.
-4)  Remove references to unused 'strip dot' parameter
-5)  Fix CPU burn bug in multi-byte character conversion.
-6)  Use opt_target_workgroup instead of lp_workgroup() in vampire 
-    code so we can override the value in smb.conf with the -w option.
-7)  Display an error if we can't create a posix account for the 
-    user when running 'net rpc vampire' (bug 323).
-8)  Fix UTF8 conversion bugs in LDAP passdb and idmap code (bug 296).
-9)  Fix smbd crash when changing the machine trust account password 
-    (bug 273).
-10) Remove getpwnam() calls from init_sam_from_xxx().  This means 
-    that %u & %g will no longer expand in the "login ..." set of 
-    smb.conf options, but %U and %G still do. The payback is that 
-    winbindd local accounts for users work with 'wbinfo -u' 
-    when winbind is running on a Samba PDC.
-11) Fix unitiailized timestamp where merging print_jobs and 
-    lpq listing.
-12) Fix bug in debian packaging files affecting non-i386 platforms.
-
-
-Changes since 3.0rc2
-####################
-
-1)  Remove Perl module dependencies in generated RedHat 8/9 RPMS.
-2)  Update mount helper to take synonyms for file_mode and 
-    dir_mode (fmask and dmask).
-3)  Fix portability bug with log2pcaphex.
-4)  Use different algorithm to generate codepages source code which 
-    allows to take gaps into account thus making unnecessary 
-    extended [index] = value, syntax in to_ucs2 array (bug 380).
-5)  Fix comment strings to 43 bytes as per spec.
-6)  Fix pam_winbind compile bug on FreeBSD (bug 261).
-7)  Support for in-memory keytabs, which are needed to make heimdal 
-    work properly.  MIT does not support them, so this check will be 
-    used to decide whether to use them.  (partial fix for bug 372).
-8)  Disable RC4-HMAC on broken heimdal setups.  (remainder of bug 
-    372).
-9)  Correct bug in smbclient that resulted in errors when untarring
-    long filenames (bug 308).
-10) Improve autoconf checks for PAM header files and libs.
-11) Added fast path to convert_string() when dealing with 
-    ASCII->ASCII, UCS2-LE->ASCII, and ASCII->UCS2-LE with 
-    values <= 0x7F. 
-12) Quiet debug messages when we don't find a module and it is not
-    a critical error (bug 375).
-13) Fix UNIX passwd sync properly.
-14) Fix more transitive trust issues in winbindd (bug 305).
-15) Ensure that winbindd functions with 'disable netbios = yes'
-16) Store the real short domain name in secrets.tdb as soon as we
-    know it.  Also display an error message when joining an AD
-    domain and the 'workgroup' parameter has not been specified.
-17) Return 0 DFS links instead of -1 when dfs support is not enabled.
-18) Update LDAP schema for Netscape DS 4.x and Novell eDirectory 8.7
-19) Ensure that name types can be specified using name#type notation
-    in the 'net' command (bug 73).
-20) Add retry looks to ADS sequence number and domain SID lookups 
-    (bug 364).
-21) use a variant of alloc_sub_basic() for string lists such as 
-    'valid users', 'write list', and 'read list' (bug 397).
-22) Fix seg fault when winbindd receives an error from the AD server
-    in response to an LDAP search (bug 282).
-23) Update findsmb to use the new syntax for smbclient and nmblookup.
-24) Fix bug that prevented variables from being used in explicitly 
-    defined path in [homes].
-25) Only set SIDs when they're returned by the MySQL query 
-    (pdb_mysql.so).
-26) Include support for NTLMv2 key exchange.
-27) Revert default for 'client ntlmv2 auth' to off (bug 359).
-28) Fix crash in winbindd when the trust account password gets 
-    changed underneath us via 'net rpc changetrustpw' (bug 382).
-29) Use djb-algorithm string hash - faster than the tdb one we 
-    used to use.  Does not change on disk format or hashing location.
-30) Implements some kind of improved AFS support for Samba on
-    Linux with OpenAFS 1.2.10. './configure --with-fake-kaserver'
-    assumes that you have OpenAFS on your machine.
-31) When enumerating dfs shares loop from 0 to lp_numservices() instead 
-    of relying on lp_servicename(n) to return an empty string for 
-    invalid service numbers (bug 403).
-32) Fix crash bug in 'net rpc samdump' (bug 334).
-33) Fix crash bug in WINS NSS module (bug 299).
-34) Fix a few minor compile errors on HP-UX.
-
-
-
-Changes since 3.0rc1
-####################
-
-1)  Add levels 261 and 262 to search. Found using Samba4 tester.
-2)  Correct bad error return code in session setup reply
-3)  Fix bug where smbd returned DOS error codes from SMBsearch
-    even when NT1 protocol was negotiated.
-4)  Implement SMBexit properly.
-5)  Return group lists from a Samba PDC to a Windows 9x/ME box
-    in implementing user level access control (bug 314).
-6)  Prevent SWAT from crashing when adding shares (bug 254)
-7)  Fix various documentation issues (bugs 304 & 214)
-8)  Fix wins server listing in SWAT (bug 197)
-9)  Fix problem in rpcclient that caused enumerating printer 
-    drivers to report failure (bug 294).
-10) Use kerberos 5 authentication in our client code whenever possible
-11) Fix schannel bug that caused Active Directory DC's to downgrade our
-    machine account to an NT member.
-12) Implement missing SAMR_REMOVE_USER_FOREIGN_DOMAIN call (bug 252).
-13) Implement automatic generation of include/version.h
-14) Include initial version of smbldap-tool scripts for the Samba 
-    3.0 schema.
-15) Implement numerous fixes for multi-byte character strings.
-16) Enable 'unix extensions' parameter by default.
-17) Make sure we set the SID type when falling back to the rid 
-    algorithm (bug 245).
-18) Correct linking problems with pam_smbpass (bug 327).
-19) Add SYSV defines for Irix and Solaris to ensure the 'printing'
-    parameter default to the correct value (bug 230)
-20) Fix recursion bug in alloc_string_sub() (bug 289, et. al.)
-21) Ensure that 'make install' includes the static and shared 
-    versions of the libsmbclient libraries.
-22) Add CP850 and CP437 internal character set support (bug 150).
-23) Add support to examples/LDAP/convertSambaAccount for generating
-    LDIF modify files instead of just add (303).
-24) Fix support for -W option in smbclient (bug 39)
-25) Remove 'ldap trust ids' parameter since it could not be supported
-    by the current architecture.
-26) Don't crash when no argument is given to -T in smbclient (bug 345).
-27) Ensure smbadduser contains the same paths for the smbpasswd file 
-    as the other Samba tools (bug 290).
-28) Port of 'available = no' fix for [homes] from SAMBA_2_2 cvs tree.
-29) Add sanity checks to DeletePrinterData[Ex]() and ensure that the
-    modified printer is written to disk.
-30) Force winbindd to periodically update the trusted domain cache.
-31) Remove outdated import/export script to convert an smbpasswd file
-    to and from and LDAP directory.  Use the pdbedit tool instead.
-32) Ensure that %U substitution is restored on next valid packet
-    if a logon fails.
-
-
-Changes since 3.0beta3
-######################
-
-1)  Various memory leak fixes.
-2)  Provide full support for SMB signing (server and client)
-3)  Check for broken getgrouplist() in glibc.
-4)  Don't get stuck in an infinite loop listing directories 
-    recursively if the server returns an empty directory name
-    (bug 222).
-5)  Idle LDAP connections after 150 seconds.
-6)  Patched make uninstallmodules (bug 236).
-7)  Fix bug that caused smbd to return incomplete directory listings
-    when UNIX files contained MS wildcard characters.
-8)  Quiet default debug messages in command line tools.
-9)  Fixes to avoid panics on invalid multi-byte strings.
-10) Fix error messages when creating a new smbpasswd file (bug 198).
-11) Implemented better detection routines in autoconf scripts for 
-    locating ads support on the host OS.
-12) Fix bug that caused libraries in /usr/local/lib to be ignored 
-    (bug 174).
-13) Ensure winbindd_ads uses the correct realm or domain name when 
-    connecting to trusted DC.
-14) Ensure a correct prototype is created for snprintf() (bug 187)
-15) Stop files being created on read-only shares in some circumstances.
-16) Fix wbinfo -p (bug 251)
-17) Support schannel on any tcp/ip connection if necessary
-18) Correct bug in user_in_list() so that it works with winbind groups 
-    again.
-19) Ensure the schannel bind credentials default to the domain 
-    of the destination host.
-20) Default password expiration time in account_pol.tdb to never 
-    expire.  Remove any existing account_pol.tdb file to reset
-    the new default policy (bug 184). 
-21) Add buttons to SWAT to change the view of smb.conf (bug 212)
-22) Fix incorrect checks that determine whether or not the 'add user 
-    script' has been set.
-23) More cleanup for internal character set conversions.
-24) Fixes for multi-byte strings in stat cache code.
-25) Ensure that the net command honors the 'workgroup' parameter 
-    in smb.conf when not overridden from the command line.
-26) Add gss-spnego support to the ntlm_auth tool.
-27) Add vfs_default_quota VFS module.
-28) Added server support for NT quota interfaces.
-29) Prevent Krb5 replay attacks by adding a replay_cache.
-30) Fix problems with winbindd and transitive trusts in AD domains.
-31) Added -S to client tools for setting SMB signing options on the 
-    command line.
-32) Fix bug causing the 'passwd change program' to be called as the 
-    connected user and not root.
-33) Fixed data corruption bug in byte-range locking (e.g. affected MS Excel).
-34) Support winbindd on FreeBSD is possible.
-35) Look at only the first OID in the security blob sent in the session 
-    setup request to determine the token type.
-36) Only push locks onto a blocking lock queue if the posix lock failed with 
-    EACCES or EAGAIN (this means another lock conflicts). Else return an 
-    error and don't queue the request.
-37) Fix command line argument processing for smbtar.
-38) Correct issue that caused smbd to return generic unix_user.<uid> 
-    for lookupsid().
-39) Default to algorithmic mapping when generating a rid for a group
-    mapping.
-40) Expand %g and %G in logon script, profile path, etc... during
-    a domain logon (bug 208).
-41) Make sure smbclient obeys '-s <config>'
-42) Added win2k3 shadow copy operations to VFS interface.
-43) Allow connections to samba domain member as SERVER\user (don't
-    always default to DOMAIN\user).
-44) Remove checks in winbindd that caused it to attempt to use 
-    non-transitive trust relationships.
-45) Remove delays in winbindd caused by invalid DNS lookups.
-46) Fix supplementary group memberships on systems with slightly 
-    broken NSS implementations (bug 267).
-47) Correct issue that prevented smbclient from viewing shares on 
-    a win2k server when using a non-anonymous connection (bug 284).
-48) Add --domain=DOMAIN_NAME to wbinfo for limiting operations like 
-    'wbinfo -u' to a single domain.  The '.' character represents 
-    our domain.
-49) Fix group enumeration bug when using an LDAP directory for 
-    storing group mappings.
-50) Default to use NTLMv2 if available.  Fallback to not use LM/NTLM
-    when the extended security capability bit is not set.
-51) Fix crash in 'wbinfo -a' when using extended characters in the 
-    username (bug 269).
-52) Fix multi-byte strupper() panics (bug 205).
-53) Add vfs_readonly VFS module.
-54) Make sure to initialize the sambaNextUserRid and sambaNextGroupRid
-    attributes when using 'idmap backend = ldap' (bug 280).
-55) Make sure that users shared between a Samba PDC and member 
-    samba server are seen as domain users and not local users on the 
-    domain member.
-56) Fix Query FS Info level 2.
-57) Allow enumeration of users and groups by win9x "file server" (bug 
-    286).
-58) Create symlinks during install for modules that support mutliple
-    functions (bug 91).
-59) More iconv detection fixes.
-60) Fix path length error in vfs_recycle module (bug 291).
-61) Added server support for the LSA_DS UUID on the \lsarpc pipe.
-    (server DsRoleGetPrimaryDomainInfo() is currently disabled).
-62) Fix SMBseek and get/set position calls.
-62) Fix SetFileInfo level 1.
-63) Added tool to convert smbd log file to a pcap file (log2pcaphex).
-
-
-
-Changes since 3.0beta2
-######################
-
-1)  Added fix for Japanese case names in statcache code; 
-    these can change size on upper casing.
-2)  Correct issues with iconv detection in configure script
-    (support needed to find iconv libraries on FreeBSD).
-3)  Fix bug that caused a WINS server to be marked as dead
-    incorrectly (bug #190).
-4)  Removing additional deadlocks conditions that prevented 
-    winbindd from running on a Samba PDC (used for trust 
-    relationships).
-5)  Add support for searching for Active Directory for 
-    published printers (net ads printer search).
-6)  Separate UNIX username from DOMAIN\username in pipe 
-    credentials.
-7)  Auth modules now support returning NT_STATUS_NOT_IMPLEMENTED
-    for cases that they cannot handle.
-8)  Flush winbindd connection cache when the machine trust account
-    password is changed while a connection is open (bug #200).
-9)  Add support for 'OSVersion' server printer data string
-    (corrects problem with uploading printer drivers from 
-    WinXP clients).
-10) Numerous memory leak fixes.
-11) LDAP fixes ("passdb backend = ldapsam" & "idmap backend = ldap"):
-    - Store domain SID in LDAP directory.
-    - store idmap information in existing entries (use sambaSID=... 
-      if adding a new entry).
-12) Fix incorrect usage of primary group SID when looking up user 
-    groups (bug #109).
-13) Remove idmap_XX_to_XX calls from smbd.  Move back to the the
-    winbind_XXX and local_XXX calls used in 2.2.
-14) All uid/gid allocation must involve winbindd now (we do not 
-    attempt to map unknown SIDs to a UNIX identify).
-15) Add 'winbind trusted domains only' parameter to force a domain
-    member.  The server to use matching users names from /etc/passwd 
-    for its domain   (needed for domain member of a Samba domain).
-16) Rename 'idmap only' to 'enable rid algorithm' for better clarity 
-    (defaults to "yes").
-17) Add support for multi-byte statcache code (bug #185)
-18) Fix open mode race condition.
-19) Implement winbindd local account management functions.  Refer to
-    the "Winbind Changes" section for details.
-20) Move RID allocation functions into idmap backend.
-21) Fix parsing error that prevented publishing printers from a 
-    Samba server in an AD domain.
-22) Revive NTLMSSP support for named pipes.
-23) More SCHANNEL fixes.
-24) Correct SMB signing with NTLMSSP.
-25) Fix coherency bug in print handle/printer object caching code
-    that could cause XP clients to infinitely loop while updating 
-    their local printer cache.
-26) Make winbindd use its dual-daemon mode by default (use -Y to 
-    start as a single process).
-27) Add support to nmbd and winbindd for 'smbcontrol <pid> 
-    reload-config'.
-28) Correct problem with smbtar when dealing with files > 8Gb 
-    (bug #102).
-
-
-
-Changes since 3.0beta1
-######################
-
-1)  Rework our smb signing code again, this factors out some of 
-    the common MAC calculation code, and now supports multiple 
-    outstanding packets (bug #40).
-2)  Enforce 'client plaintext auth', 'client lanman auth' and 'client
-    ntlmv2 auth'.
-3)  Correct timestamp problem on 64-bit machines (bug #140).
-4)  Add extra debugging statements to winbindd for tracking down
-    failures.
-5)  Fix bug when aliased 'winbind uid/gid' parameters are used.
-    ('winbind uid/gid' are now replaced with 'idmap uid/gid').
-6)  Added an auth flag that indicates if we should be allowed 
-    to fall back to NTLMSSP for SASL if krb5 fails.
-7)  Fixed the bug that forced us not to use the winbindd cache when 
-    we have a primary ADS domain and a secondary (trusted) NT4 
-    domain. 
-8)  Use lp_realm() to find the default realm for 'net ads password'.
-9)  Removed editreg from standard build until it is portable..
-10) Fix domain membership for servers not running winbindd.
-11) Correct race condition in determining the high water mark
-    in the idmap backend (bug #181).
-12) Set the user's primary unix group from usrmgr.exe (partial 
-    fix for bug #45).
-13) Show comments when doing 'net group -l' (bug #3).
-14) Add trivial extension to 'net' to dump current local idmap
-    and restore mappings as well.
-15) Modify 'net rpc vampire' to add new and existing users to
-    both the idmap and the SAM.  This code needs further testing.
-16) Fix crash bug in ADS searches.
-17) Build libnss_wins.so as part of nsswitch target (bug #160).
-18) Make net rpc vampire return an error if the sam sync RPC 
-    returns an error.
-19) Fail to join an NT 4 domain as a BDC if a workstation account
-    using our name exists.
-20) Fix various memory leaks in server and client code
-21) Remove the short option to --set-auth-user for wbinfo (-A) to 
-    prevent confusion with the -a option (bug #158).
-22) Added new 'map acl inherit' parameter.
-23) Removed unused 'privileges' code from group mapping database.
-24) Don't segfault on empty passdb backend list (bug #136).
-25) Fixed acl sorting algorithm for Windows 2000 clients.
-26) Replace universal group cache with netsamlogon_cache 
-    from APPLIANCE_HEAD branch.
-27) Fix autoconf detection issues surrounding --with-ads=yes
-    but no Krb5 header files installed (bug #152).
-28) Add LDAP lookup for domain sequence number in case we are 
-    joined using NT4 protocols to a native mode AD domain.
-29) Fix backend method selection for trusted NT 4 (or 2k 
-    mixed mode) domains. 
-30) Fixed bug that caused us to enumerate domain local groups
-    from native mode AD domains other than our own.
-31) Correct group enumeration for viewing in the Windows 
-    security tab (bug #110).
-32) Consolidate the DC location code.
-33) Moved 'ads server' functionality into 'password server' for
-    backwards compatibility.
-34) Fix winbindd_idmap tdb upgrades from a 2.2 installation.
-    ( if you installed beta1, be sure to 
-      'mv idmap.tdb winbindd_idmap.tdb' ).
-35) Fix pdb_ldap segfaults, and wrong default values for 
-    ldapsam_compat.
-36) Enable negative connection cache for winbindd's ADS backend 
-    functions.
-37) Enable address caching for active directory DC's so we don't 
-    have to hit DNS so much.
-38) Fix bug in idmap code that caused mapping to randomly be 
-    redefined.
-39) Add tdb locking code to prevent race condition when adding a 
-    new mapping to idmap.
-40) Fix 'map to guest = bad user' when acting as a PDC supporting 
-    trust relationships.
-41) Prevent deadlock issues when running winbindd on a Samba PDC 
-    to handle allocating uids & gids for trusted users and groups
-42) added LOCALE patch from Steve Langasek (bug #122).
-43) Add the 'guest' passdb backend automatically to the end of 
-    the 'passdb backend' list if 'guest account' has a valid 
-    username.
-44) Remove samstrict_dc auth method.  Rework 'samstrict' to only 
-    handle our local names (or domain name if we are a PDC).  
-    Move existing permissive 'sam' method to 'sam_ignoredomain' 
-    and make 'samstrict' the new default 'sam' auth method.
-45) Match Windows NT4/2k behavior when authenticating a user with
-    and unknown domain (default to our domain if we are a DC or 
-    domain member; default to our local name if we are a 
-    standalone server).
-46) Fix Get_Pwnam() to always fall back to lookup 'user' if the 
-    'DOMAIN\user' lookup fails.  This matches 2.2. behavior.
-47) Fix the trustdom_cache code to update the list of trusted 
-    domains when operating as a domain member and not using 
-    winbindd.
-48) Remove 'nisplussam' passdb backend since it has suffered for 
-    too long without a maintainer.
-    
-
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name			Description				Backup?
-----			-----------				-------
-account_policy		User policy settings			yes
-gencache		Generic caching db			no
-group_mapping		Mapping table from Windows		yes
-			groups/SID to unix groups	
-winbindd_idmap		ID map table from SIDS to UNIX		yes
-			uids/gids.
-namecache		Name resolution cache entries		no
-netsamlogon_cache	Cache of NET_USER_INFO_3 structure	no
-			returned as part of a successful
-			net_sam_logon request 
-printing/*.tdb		Cached output from 'lpq 		no
-			command' created on a per print 
-			service basis
-registry		Read-only samba registry skeleton	no
-			that provides support for exporting
-			various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.1.html b/whatsnew/samba-3.0.1.html
deleted file mode 100755
index e91bfb3..0000000
--- a/whatsnew/samba-3.0.1.html
+++ /dev/null
@@ -1,1040 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>Samba 3.0.1 Available for Download</H2>
-
-<p>
-<pre>
-The Samba Team is proud to announce the availability 
-of the first patch release of the Samba 3.0 code base.
-This is the latest stable release of Samba and the  
-version that all production Samba servers should be running 
-for all current bug-fixes.  Some of the more common bugs in
-3.0.0 addressed in the release include:
-
-  * Substitution problems with smb.conf variables.
-  * Errors in return codes which caused some applications
-    to fail to open files.
-  * General Protection Faults on Windows 2000/XP clients
-    using Samba point-n-print features.
-  * Several miscellaneous crash bugs.
-  * Access problems when enumerating group mappings are 
-    stored in an LDAP Directory.
-  * Several common SWAT bugs when writing changes to 
-    smb.conf.
-  * Internal inconsistencies when 'winbind use default 
-    domain = yes'
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/">http://download.samba.org/samba/ftp/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages are available at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-A simplified version of the CVS log of updates since 3.0.0 can
-be found in the the download directory under the name 
-<a href="/samba/ftp/ChangeLog-3.0.0-3.0.1">ChangeLog-3.0.0-3.0.1</a>.  
-The release notes are also available on-line at
-
-  <a href="http://www.samba.org/samba/whatsnew/samba-3.0.1.html">http://www.samba.org/samba/whatsnew/samba-3.0.1.html</a>
-
-Please file any bugs you find in this release at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-
-#######################################################################
-                      WHATS NEW IN Samba 3.0.1
-                         December 15, 2003
-                  ===============================
-
-This is the latest stable release of Samba. This is the 
-version that all production Samba servers should be running 
-for all current bug-fixes.  Some of the more common bugs in
-3.0.0 addressed  in the release include:
-
-  * Substitution problems with smb.conf variables.
-  * Errors in return codes which caused some applications
-    to fail to open files.
-  * General Protection Faults on Windows 2000/XP clients
-    using Samba point-n-print features.
-  * Several miscellaneous crash bugs.
-  * Access problems when enumerating group mappings are 
-    stored in an LDAP Directory.
-  * Several common SWAT bugs when writing changes to 
-    smb.conf.
-  * Internal inconsistencies when 'winbind use default 
-    domain = yes'
-
-
-######################################################################
-Changes
-#######
-Changes since 3.0.1rc2
-----------------------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details:
-
-1)  Fix uninitialized variable in passdb.c.
-2)  Fix formal parameter type in get_static() in nsswitch/wins.c.
-3)  Fix problem mounting directories when mount.cifs is installed 
-    with the setuid bit on.
-4)  Fix bug that prevent --mandir from overriding the defaults
-    given in the --with-fhs macro.
-5)  Fix bug in in-memory Kerberos keytab detection routines 
-    in configure.in
-
-
-Changes since 3.0.1rc1
------------------------
-
-1)  Update version string in smbldap-tools Makefile to 0.8.2.
-2)  Correct a problem with "net rpc vampire" mis-parsing the 
-    alias member info reply.
-3)  Ensure the ${libdir} is created by the installclientlib script.
-4)  Fix detection of Windows 2003 client architecture in the smb.conf
-    %a variable.
-5)  Ensure that smbd calls the add user script for a missing UNIX 
-    user on kerberos auth call (bug 445).
-6)  Fix bugs in hosts allow/deny when using a mismatched 
-    network/netmask pair.
-7)  Protect alloc_sub_basic() from crashing when the source string 
-    is NULL (partial work on bug 687).
-8)  Fix spinlocks on IRIX.
-9)  Corrected some bad destination paths when running "configure 
-    --with-fhs".
-10) Add packaging files for Fedora Core 1.
-11) Correct bug in SWAT install script for non-english languages.
-12) Support character set ISO-8859-1 internally (bug 558).
-13) Fixed more LDAP access errors when looking up group mappings 
-    (bug 281).
-14) Fix UNISTR2 length bug in LsaQueryInfo(3) that caused SID 
-    resolution to fail on local files on on domain members 
-    (bug 875).
-
-
-Changes since 3.0.1pre3
------------------------
-
-Removed Parameters
-  * hide local users
-  
-Added Parameters
-  * passwd chat timeout
-
-1)  Fix for pdbedit error code returns (bug 763).
-2)  Make sure we only enumerate group mapping entries  (not 
-    /etc/group) even when doing local aliases.
-3)  Relax check on the pipe name in a dce/rpc bind response to work 
-    around issues with establishing trusts to a Windows 2003 domain.
-4)  Ensure we mangle names ending in '.' in hash2 mangling method.
-5)  Correct parsing issues with munged dial string.
-6)  Fix bugs in quota support for XFS.
-7)  Add a cleaner method for applications that need to provide name->SID
-    mappings to do this via NSS rather than having to know the
-    winbindd pipe protocol.
-8)  Adds a variant of the winbindd_getgroups() call called 
-    winbindd_getusersids() that provides direct SID->SIDs listing of a 
-    users supplementary groups. This is enough to allow non-Samba 
-    applications to do ACL checking.
-9)  Make sure we don't append the 'ldap suffix' when writing out the 
-    'ldap XXX suffix' values in SWAT (bug 328).
-10) Fix renames across file systems.
-11) Ensure that items in a list of strings containing whitespace are 
-    written out surrounded by single quotes.  This means that both 
-    double and single quotes are now used to surround strings in 
-    smb.conf (bug 481).
-12) Enable SWAT to correctly determine if winbindd is running (bug 
-    398).
-13) Include WWW-Authenticate field in 401 response for bad auth 
-    attempt (bug 629).
-14) Add support for NTLM2 (NTLMv2 session security).
-15) Add support for variable-length session keys.
-16) More privilege fixes for group enumeration in LDAP (bug 281).
-17) Use the dns name (or IP) as the originating client name when
-    using CUPS (bug 467).
-18) Fix various SMB signing bugs.
-19) Fix ACL propagation on a DFS root (bug 263).
-20) Disable NTLM2 for RPC pipes.
-21) Allow the client to specify the NTLM2 flags got NTLMSSP 
-    authentication.
-22) Change the name of the job passed off to cups from "Test Page" to 
-    "smbprn.00000033 Test Page" so that we can get the smb jobid back.  
-    This allow users to delete jobs with cups printing backend (partial 
-    work on bug 770).
-23) Fix build of winbindd with static pdb modules.
-24) Retrieve the correct ACL group bits if the file has an ACL 
-    (bug 802).
-25) Implement "net rpc group members": Get members of a domain group 
-    in human-readable format.
-26) Add MacOSX (Darwin) specific charset module code.
-27) Use samr_dispinfo(level == 1) for enumerating domain users so we 
-    can include the full name in gecos field (bug 587).
-28) Add support for winbind's NSS library on FeeeBSD 5.1 (bug 797).
-29) Implement 'net rpc group list [global|local|builtin]*' for a 
-    select listing of the respective user databases.
-30) Don't automatically set NT status code flag unless client tells 
-    us it can cope.
-31) Add 'net status [sessions|shares] [parseable]'.
-32) Don't mistake pre-existing UNIX jobs for smb jobs (remainder of  
-    bug 770).
-33) Add 'Replicator' and 'RAS Servers' to list of builtin SIDs 
-    (bug 608).
-34) Fix inverted logic in hosts allow/deny checks caused by s/strcmp/strequal/
-    (bug 846).
-35) Implement correct version SamrRemoveSidForeignDomain() (bug 252).
-36) Fix typo in 'hash' mangling algorithm.
-37) Support munged dial for ldapsam (bug 800).
-38) Fix process_incoming_data() to return the number of bytes handled this 
-    call whether we have a complete PDU or not; fixes bug with multiple 
-    PDU request rpc's broken over SMBwriteX calls each.
-39) Fix incorrect smb flags2 for connections to pre-NT servers (causes
-    smbclient to fail to OS2 for example) (bug 821).
-
-    
-
-Changes since 3.0.1pre2
------------------------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details:
-
-1)  Skip over the winbind separator when looking up a user.
-    This fixes the bug that prevented local users from
-    matching an AD user when not running winbindd (bug 698).
-2)  Fix a problem with configure on *BSD systems. Make sure
-    we add -liconv etc to LDFLAGS.
-3)  Fix core dump bug when "security = server" and the authentication
-    server goes away.
-4)  Correct crash bug due to an empty munged dial string.
-5)  Show files locked by a specific user (smbstatus -u 'user') 
-    (bug 590).
-6)  Fix bug preventing print jobs from display in the queue
-    monitor used by Windows NT and later clients (bug 660).
-7)  Fix several reported problems with point-n-print from
-    Windows 2000/XP clients due to a bug in the EnumPrinterDataEx()
-    reply (bug 338, 527 & 643).
-8)  Fix a handful of potential memory leaks in the LDAP code used
-    by ldapsam[_compat] and the LDAP idmap backend.
-
-
-Changes since 3.0.1pre1
------------------------
-
-1)  Match Samba 2.2 behavior; make ACB_NORMAL the default ACB value.
-2)  Updated Japanese welcome file in SWAT.
-3)  Fix to  nt-time <-> unix-time functions reversible.
-4)  Ensure that winbindd uses the the escaped DN when querying
-    an AD ldap server.
-5)  Fix portability issues when compiling (bug 505, 550)
-6)  Compile fix for tdbbackup when Samba needs to override 
-    non-C99 compliant implementations of snprintf().
-7)  Use @PICSUFFIX@ instead of .po in Makefile.in (bug 574).
-8)  Make sure we break out of samsync loop on error.
-9)  Ensure error code path doesn't free unmalloc()'d memory
-    (bug 628).
-10) Add configure test for krb5_keytab_entry keyblock vs key 
-    member (bug 636).
-11) Fixed spinlocks.
-12) Modified testparm so that all output so all debug output goes 
-    to stderr, and all file processing goes to stdout.
-13) Fix error return code for BUFFER_TOO_SMALL in smbcacls 
-    and smbcquotas.
-14) Fix "NULL dest in safe_strcpy()" log message by ensuring that 
-    we have a devmode before copying a string to the devicename.
-15) Support mapping REALM.COM\user to a local user account (without 
-    running winbindd)  for compatibility with 2.2.x release.
-16) Ensure we don't use mmap() on blacklisted systems.
-17) fixed a number of bugs and memory leaks in the AIX 
-    winbindd shim
-18) Call initgroups() in SWAT before becomming the user so that
-    secondary group permissions can be used when writing to 
-    smb.conf.
-19) Fix signing problems when reverse connecting back to a 
-    client for printer notify
-20) Fix signing problems caused by a miss-sequence bug.
-21) Missing map in errormap for ERROR_MORE_DATA -> ERRDOS, ERRmoredata.
-    Fixes NEXUS tools running on Win9x clients (bug 64).
-22) Don't leave the domain field uninitialized in cli_lsa.c if some 
-    SID could not be mapped.
-23) Fix segfault in mount.cifs helper when there is no options 
-    specified during mount.
-24) Change the \n after the password prompt to go to tty instead 
-    of stdout (bug 668).
-25) Stop net -P from prompting for machine account password (bug 451).
-26) Change in behavior to Not only change the effective uid but also
-    the real uid when becoming unprivileged.
-27) Cope with Exchange 5.5 cleartext pop password auth.
-28) New files for support of initshutdown pipe.  Win2k doesn't 
-    respond properly to all requests on the winreg pipe, so we need 
-    to handle this new pipe (bug 534).
-29) Added more va_copy() checks in configure.in.
-30) Include fixes for libsmbclient build problems.
-31) Missing UNIX -> DOS codepage conversion in lanman.c.
-32) Allow DFMS-S filenames can now have arbitrary case (bug 667).
-33) Parameterize the listen backlog in smbd and make it larger by
-    default. A backlog of 5 is way too small these days.
-34) Check for an invalid fid before dereferencing the fsp pointer
-    (bug 696).
-35) Remove invalid memory frees and return codes in pdb_ldap.c.
-36) Prompt for password when invoking --set-auth-user and no 
-    password is given.
-37) Bind the nmbd sending socket to the 'socket address'.
-38) Re-order link command for smbd, rpcclient and smbpasswd to ensure 
-    $LDFLAGS occurs before any library specification (bug 661).
-39) Fix large number of printf() calls for 64-bit size_t.
-40) Fix AC_CHECK_MEMBER so that SLES8 does correctly finds the 
-    keyblock in the krb5 structs.
-41) Remove #include <compat.h> in hopes to avoid problems with 
-    apache header files.
-42) Correct winbindd build problems on HP-UX 11.
-43) Lowercase netgroups lookups (bug 703).
-44) Use the actual size of the buffer in strftime instead of a made
-    up value which just happens to be less than sizeof(fstring).  
-    (bug 713).
-45) Add ldaplibs to pdbedit link line (bug 651).
-46) Fix crash bug in smbclient completion (bug 659).
-47) Fix packet length for browse list reply (bug 771).
-48) Fix coredump in cli_get_backup_list().
-49) Make sure that we expand %N (bug 612).
-50) Allow rpcclient adddriver command to specify printer driver 
-    version (bug 514).
-51) Compile tdbdump by default.
-52) Apply patches to fix iconv detection for FreeBSD.
-53) Do not allow the 'guest account' to be added to a passdb backend 
-    using smbpasswd or pdbedit (bug 624).
-54) Save LDFLAGS during iconv detection (bug 57).
-55) Run krb5 logins through the username map if the winbindd 
-    lookup fails (bug 698).
-56) Add const for lp_set_name_resolve_order() to avoid compiler 
-    warnings (bug 471).
-57) Add support for the %i macro in smb.conf to stand in for the for
-    the local IP address to which a client connected.
-58) Allow winbindd to match local accounts to domain SID when 
-    'winbind trusted domains only = yes' (bug 680).
-59) Remove code in idmap_ldap that searches the user suffix and group 
-    suffix.  It's not needed and provides inconsistent functionality 
-    from the tdb backend.
-60) Patch to handle munged dial string for Windows 200 TSE.
-61) Correct the "smbldap_open: cannot access when not root error"
-    messages when looking up group information (bug 281).
-
-
-    
-Changes since 3.0.0
--------------------
-
-Modified parameters
-  * mangled map (deprecated)
-  
-Removed Parameters
-  * mangled stack (unused)
-
-
-1)  Change the interface for init_unistr2 to not take a length 
-    but a flags field.  We were assuming that 
-    2*strlen(mb_string) == length of ucs2-le string.  (bug 480).
-2)  Allow d_printf() to handle strings with escaped quotation 
-    marks since the msg file includes the escape character (bug 489).
-3)  Fix bad html table row termination in SWAT wizard code (bug 413).
-4)  Fix to parse the level-2 strings.
-5)  Fix for "valid users = %S" in [homes].  Fix read/write 
-    list as well. 
-6)  Change AC_CHECK_LIB_EXT to prepend libraries instead of append.  
-    This is the same way AC_CHECK_LIB works (bug 508).
-7)  Testparm output fixes for clarity.
-8)  Fix broken wins hook functionality -- i18n bug (bug 528).
-9)  Take care of condition where DOS and NT error codes must differ.
-10) Default to using only built-in charsets when a working iconv 
-    implementation cannot be located.
-11) Wrap internals of sys_setgroups() so the sys_XX() call can 
-    be done unconditionally (bug 550).
-12) Remove duplicate smbspool link on SWAT's front page (bug 541).
-13) Save and restore CFLAGS before/after AC_PROG_CC.  Ensures that
-    --enable-debug=[yes|no] works correctly.
-14) Allow ^C to interrupt smbpasswd if using our getpass 
-    (e.g. smbpasswd command).
-15) Support signing only on RPC's (bug 167).
-16) Correct bug that prevented  Excel 2000 clients from opening 
-    files marked as read-only.
-17) Portability fix bugs 546 - 549).
-18) Explicitly initialize the value of AR for vendor makes that don't
-    do this (e.g. HPUX 11).  (bug 552).
-19) More i18n fixes for SWAT (bug 413).
-20) Change the cwd before the postexec script to ensure that a
-    umount will succeed.
-21) Correct double free that caused winbindd to crash when a DC 
-    is rebooted (bug 437).
-22) Fix incorrect mode sum (bug 562).
-23) Canonicalize SMB_INFO_ALLOCATION in the same was as
-    SMB_FS_FULL_SIZE_INFORMATION (bug 564).
-24) Add script to generate *msg files.
-25) Add Dutch SWAT translation file.
-26) Make sure to call get_user_groups() with the full winbindd 
-    name for a user if he/she has one (bug 406).
-27) Fix up error code returns from Samba4 tester. Ensure invalid 
-    paths are validated the same way.  
-28) Allow Samba3 to pass the Samba4 RAW-READ tests.
-29) Refuse to configure if --with-expsam=$BACKEND was used but no 
-    libraries were found for $BACKEND.
-30) Move sysquotas autoconf tests to a separate file.
-31) Match W2K w.r.t. writelock and writeclose.  Samba4 torture 
-    tester
-32) Make sure that the files that contain the static_init_$subsystem; 
-    macro get recompiled after configure by removing the object 
-    files.
-33) Ensure canceling a blocking lock returns the correct error 
-    message.
-
-
-
-######################################################################
-
-              =======================================
-              The original 3.0.0 release notes follow	       
-              =======================================
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire 
-    and internally there is now a much better infrastructure for 
-    multi-byte and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system 
-    has been almost completely rewritten. Most of the changes are 
-    internal, but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and character 
-    sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-15) Improvement of ACL mapping features based on code donated by
-    Andreas Grünbacher.
-
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * hide local users
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-  * passwd chat timeout
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name                    Description                             Backup?
-----                    -----------                             -------
-account_policy          User policy settings                    yes
-gencache                Generic caching db                      no
-group_mapping           Mapping table from Windows              yes
-                        groups/SID to unix groups        
-winbindd_idmap          ID map table from SIDS to UNIX          yes
-                        uids/gids.
-namecache               Name resolution cache entries           no
-netsamlogon_cache       Cache of NET_USER_INFO_3 structure      no
-                        returned as part of a successful
-                        net_sam_logon request 
-printing/*.tdb          Cached output from 'lpq                 no
-                        command' created on a per print 
-                        service basis
-registry                Read-only samba registry skeleton       no
-                        that provides support for exporting
-                        various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of attributes 
-to prevent clashes with attributes from other vendors.  There is a 
-conversion script (examples/LDAP/convertSambaAccount) to modify and LDIF 
-file to the new schema.
-  
-Example:
-  
-	$ ldapsearch .... -b "ou=people,dc=..." > old.ldif
-	$ convertSambaAccount <DOM SID> old.ldif new.ldif
-	
-The <DOM SID> can be obtained by running 'net getlocalsid <DOMAINNAME>' 
-on the Samba PDC as root.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.2.html b/whatsnew/samba-3.0.2.html
deleted file mode 100755
index 29472e6..0000000
--- a/whatsnew/samba-3.0.2.html
+++ /dev/null
@@ -1,1307 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2 align="center">Samba 3.0.2 Available for Download</H2>
-
-<p>
-<pre>
-This is the latest stable release of Samba. This is the version
-that all production Samba servers should be running for all
-current bug-fixes.
-
-<em>Security Announcement:</em> It has been confirmed that 
-previous versions of Samba 3.0 are susceptible to a password 
-initialization bug that could grant an attacker unauthorized 
-access to a user account created by the mksmbpasswd.sh shell 
-script.
-
-The Common Vulnerabilities and Exposures project (cve.mitre.org)
-has assigned the name CAN-2004-0082 to this issue.
-
-Samba administrators not wishing to upgrade to the current
-version should download the 3.0.2 release, build the pdbedit
-tool, and run
-
-   root# pdbedit-3.0.2 --force-initialized-passwords
-
-This will disable all accounts not possessing a valid password
-(e.g. the password field has been set a string of X's).
-
-Samba servers running 3.0.2 are not vulnerable to this bug
-regardless of whether or not pdbedit has been used to sanitize
-the passdb backend.
-
-Additionally, some of the more visible bugs in 3.0.1 addressed
-in the 3.0.2 release include:
-
-  o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
-  o Logging onto a Samba domain from Windows XP clients.
-  o Problems with the %U and %u smb.conf variables in relation
-    to Windows 9x/ME clients.
-  o Kerberos failures due to an invalid in memory keytab
-    detection test.
-  o Updates to the ntlm_auth tool.
-  o Fixes for various SMB signing errors.
-  o Better separation of WINS and DNS queries for domain
-    controllers.
-  o Issues with nss_winbind FreeBSD and Solaris.
-  o Several crash bugs in smbd and winbindd.
-  o Output formatting fixes for smbclient for better
-    compatibility with scripts based on the 2.2 version.
-
-The source code can be downloaded from :
-
-    <a href="http://download.samba.org/samba/ftp/">http://download.samba.org/samba/ftp/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-    <a href="http://download.samba.org/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages are available at
-
-    <a href="http://download.samba.org/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-A simplified version of the CVS log of updates since 3.0.1
-can be found in the the download directory under the name
-<a href="/samba/ftp/ChangeLog-3.0.1-3.0.2">ChangeLog-3.0.1-3.0.2</a>.  
-
-Please file any bugs you find in this release at
-
-    <a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>
-
-As always, all bugs are our responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-
-#######################################################################
-                  =============================
-                  Release Notes for Samba 3.0.2
-                        February 9, 2004
-                  =============================
-
-This is the latest stable release of Samba. This is the version 
-that all production Samba servers should be running for all current
-bug-fixes.  
-
-It has been confirmed that previous versions of Samba 3.0 are
-susceptible to a password initialization bug that could grant an 
-attacker unauthorized access to a user account created by the
-mksmbpasswd.sh shell script.
-
-The Common Vulnerabilities and Exposures project (cve.mitre.org) 
-has assigned the name CAN-2004-0082 to this issue.
-
-Samba administrators not wishing to upgrade to the current 
-version should download the 3.0.2 release, build the pdbedit 
-tool, and run 
-
-   root# pdbedit-3.0.2 --force-initialized-passwords
-      
-This will disable all accounts not possessing a valid password
-(e.g. the password field has been set a string of X's).
-
-Samba servers running 3.0.2 are not vulnerable to this bug 
-regardless of whether or not pdbedit has been used to sanitize
-the passdb backend.
-
-Some of the more visible bugs in 3.0.1 addressed in the 3.0.2
-release include:
-
-  o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
-  o Logging onto a Samba domain from Windows XP clients.
-  o Problems with the %U and %u smb.conf variables in relation to 
-    Windows 9x/ME clients.
-  o Kerberos failures due to an invalid in memory keytab detection
-    test.
-  o Updates to the ntlm_auth tool.
-  o Fixes for various SMB signing errors.
-  o Better separation of WINS and DNS queries for domain controllers.
-  o Issues with nss_winbind FreeBSD and Solaris.
-  o Several crash bugs in smbd and winbindd.
-  o Output formatting fixes for smbclient for better compatibility
-    with scripts based on the 2.2 version.
-
-
-######################################################################
-Changes
-#######
-Changes since 3.0.1
--------------------
-
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    ldap replication sleep      New
-    read size                   removed (unused)
-    source environment          removed (unused)
-
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-o   Jeremy Allison <jra@samba.org>
-    * Revert change that broke Exchange clear text samlogons.
-    * Fix gcc 3.4 warning in MS-DFS code.
-    * Tidy up of NTLMSSP code.
-    * Fixes for SMB signing errors
-    * BUG 815: Workaround NT4 bug to support plaintext
-      password logins and UNICODE.
-    * Fix SMB signing bug when copying large files.
-    * Correct error logic in mkdir_internals() (caused a panic
-      when combined with --enable-developer).
-
-      
-o   Petri Asikainen <paca@sci.fi>
-    * BUG 330, 387:Fix single valued attribute updates when 
-      working with Novell NDS.
-
-
-o   Andrew Bartlet <abartlet@samba.org>
-    * Correctly handle per-pipe NTLMSSP inside a NULL session.
-    * Fix segfault in gencache 
-    * Fix early free() of encrypted_session_key.
-    * Change DC lookup routines to more carefully separate
-      DNS names (realms) from NetBIOS domain names.
-    * Add new sid_to_dn() function for internal winbindd use.
-    * Refactor cli_ds_enum_domain_trusts().
-    * BUG 707: Implement range retrieval of ADS attributes (based 
-      on work from Volker <vl@samba.org> and Guenther Deschner 
-      <gd@suse.com>).
-    * Automatically initialize the signing engine if a session key
-      is available.
-    * BUG 916: Do not perform a + -> ' ' substitution for squid URL 
-      encoded strings, only form input in SWAT.
-    * Resets the NTLMSSP state for new negotiate packets.
-    * Add 2-byte alignments in net_samlogon() queries to parse 
-      odd-length plain text passwords.
-    * Allow Windows groups with no members in winbindd.
-    * Allow normal authentication in the absence of a server 
-      generated session key.
-    * More optimizations for looking up UNIX group lists.
-    * Clean up error codes and return values for pam_winbindd
-      and winbindd PAM interface.
-    * Fix string return values in ntlm_auth tool.
-    * Fix segfault when 'security = ads' but no realm is defined.
-    * BUG 722: Allow winbindd to map machine accounts to uids.
-    * More cleanups for winbindd's find_our_domain().
-    * More clearly detect whether a domain controller is an NT4
-      or mixed-mode AD DC (additional bug fixes by jerry & jmcd).
-    * Increase separation between DNS queries for hosts and queries
-      for AD domain controllers.
-    * Include additional NT_STATUS to PAM error mappings.
-
-    
-o   Justin Baugh <justin.baugh@request.com>
-    * BUG 948: Implement missing functions required for FreeBSD 
-      nss_winbind support. 
-
-
-o   Alexander Bokovoy <ab@samba.org>
-    * BUG 922: Make sure enable fast path for strlower_m() and 
-      strupper_m().
-
-
-o   Luca Bolcioni <Luca.Bolcioni@yacme.com>
-    * Fix crash when using 'security = server' and 'encrypt 
-      passwords = no' by always initializing the session key.
-
-      
-o   Dmitry Butskoj <buc@odusz.elektra.ru>
-    * Fix for special files being hidden from admins.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fix bug in the lanman session key generation.  Caused 
-      "decode_pw: incorrect password length" error messages.
-    * Save the right case for the located user name in 
-      fill_sam_account().  Fixes %U/%u expansion for win9x clients.
-    * BUG 897: Add well known rid for pre win2k compatible access
-      group.
-    * BUG 887: Correct typo in delete user script example.
-    * Use short lived TALLOC_CTX* for allocating printer objects 
-      from the print handle cache.
-    * BUG 912: Fix check for HAVE_MEMORY_KEYTAB.
-    * Fix several warnings reported by the SUN Forte C compiler.
-    * Fully control DNS queries for AD DC's using 'name resolve order'.
-    * BUG 770: Send the SMBjobid for UNIX jobs back to the client.
-    * BUG 972: Fix segfault in cli_ds_getprimarydominfo().
-    * BUG 936: fix bind credentials for schannel binds in smbd.
-    * BUG 446: Fix output of smbclient for better compatibility 
-      with scripts based on the 2.2 version (including Amanda).
-    * BUG 891, 949: Fedora packaging fixes.
-    * Fix bug that caused rpcclient to incorrectly retrieve 
-      the SID for a server (this causing all calls that required 
-      this information to fail). 
-    * BUG 977: Don't create a homes share for a user if a static 
-      share already exists by the same name.
-    * Removed unused smb.conf options.
-    * Set the disable flag for template accounts created by
-      mksmbpasswd.sh.
-    * Disable any account has no passwords and does not have the
-      ACB_PWNOTREQ bit set.
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Install smbwrapper.so should be put into the $(libdir) 
-      and not $(bindir).
-    * Add the capability to specify the new user password 
-      for "net ads password" on the command line.
-    * Correctly detect AFS headers on SuSE.
-	
-
-o   James Flemer <jflemer@uvm.edu>
-    * Fix AIX compile bug by linking HAVE_ATTR_LIST to 
-      HAVE_SYS_ATTRIBUTES_H.
-
-
-o   Luke Howard <lukeh@PADL.COM>
-    * Fix segfault in session setup reply caused by a early free().
-
-
-o   Stoian Ivanov <sdr@bultra.com>
-    * Implement grepable output for smbclient -L.
-
-
-o   LaMont Jones <lamont@debian.org>
-    * BUG 225328 (Debian): Correct false failure LFS test that resulted 
-      in  _GNU_SOURCE not being defined (thus resulting in strndup() 
-      not being defined).
-
-      
-o   Volker Lendecke <vl@samba.org>
-    * BUG 583: Ensure that user names always contain the short 
-      version of the domain name.
-    * Fix our parsing of the LDAP uri.
-    * Don't show the 'afs username map' in the SWAT basic view.
-    * Fix SMB signing issues in relation to failed NTLMSSP logins.
-    * BUG 924: Fix return codes in smbtorture harness.
-    * Always lower-case usernames before handing it to AFS code.
-    * Add a German translation for SWAT.
-    * Fix a segfaults in winbindd.
-    * Fix the user's domain passed to register_vuid() from 
-      reply_spnego_kerberos().
-    * Add NSS example code in nss_winbind to convert UNIX 
-      id's <-> Windows SIDs.
-    * Display more descriptive error messages for login via 'net'.
-    * Fix compiler warning in the net tool.
-    * Fix length bug when decoding base64 strings.
-    * Ensure we don't call getpwnam() inside a loop that is iterating 
-      over users with getpwent().  This broke on glibc 2.3.2.
-
-
-o   Herb Lewis <herb@samba.org>
-    * Fix bit rot in psec.
-
-
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Ensure we delete the group mapping before calling the delete 
-      group script.
-    * Define well known RID for managing the  "Power Users" group.
-    * BUG 381: check builtin (not local) group SID when updating 
-      group membership.
-    * BUG 101: set the SV_TYPE_PRINTQ_SERVER flag in host announcement 
-      packet.
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Implement initgroups() call in nss_winbind on Solaris.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Fix regression in net rpc join caused by recent changes 
-      to cli_lsa_query_info_policy().
-    * BUG 964: Fix crash bug in 'net rpc join' using a preexisting
-      machine account.
-
-
-o   MORIYAMA Masayuki <moriyama@miraclelinux.com>
-    * BUG 570: Ensure that configure honors the LDFLAGS variable.
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement LDAP rebind sleep patch.
-    * Revert to 2.2 quota code because of so many broken quota files 
-      out there.
-    * Fix XFS quotas: HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS
-                      XFS_USER_QUOTA -> USRQUOTA
-                      XFS_GROUP_QUOTA -> GRPQUOTA
-    * Fix disk_free calculation with group quotas.
-    * Add debug class 'quota' and a lot of DEBUG()'s 
-      to the quota code.
-    * Fix sys_chown() when no chown() is present.
-    * Add SIGABRT to fault handling in order to catch got a 
-      backtrace if an error occurs the OpenLDAP client libs.
-
-
-o   <ndb@theghet.to>
-    * Allow an existing LDAP machine account to be re-used when 
-      joining an AD domain.
-
-
-o   James Peach <jpeach@sgi.com>
-    * BUG 889: Change smbd to use pread/pwrite on platforms that 
-      support these calls. Can lead to a significant speed increase.
-
-
-o   Tim Potter <tpot@samba.org>
-    * BUG 905: Remove POBAD_CC to fix Solaris Forte compiles.
-    * BUG 924: Fix typo in RW2 torture test.
-    
-    
-o   Richard Sharpe <shape@samba.org>
-    * Small fixes to torture.c to cleanup the error handling 
-      and prevent crashes.
-
-
-o   J. Tournier <jerome.tournier@IDEALX.com>
-    * Small fixes for the smbldap-tool scripts.
-
-
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Put functions for generating SQL queries in pdb_sql.c
-    * Add pgSQL backend (based on patch by Hamish Friedlander)
-    * BUG 908: Fix -s option to smbcontrol.    
-    * Add smbget utility - a wget-clone for the SMB/CIFS protocol.
-    * Fix for libnss_wins on IRIX platforms.
-    * Fix swatdir for --with-fhs.
-
-
-    
-Changes since 3.0.0
-----------------------
-
-    Parameter Name              Action
-    --------------              ------
-    hide local users            Removed
-    mangled map                 Deprecated
-    mangled stack               Removed
-    passwd chat timeout         New
-
-
-commits
--------
-
-o   Change the interface for init_unistr2 to not take a length 
-    but a flags field.  We were assuming that 
-    2*strlen(mb_string) == length of ucs2-le string.  (bug 480).
-o   Allow d_printf() to handle strings with escaped quotation 
-    marks since the msg file includes the escape character (bug 489).
-o   Fix bad html table row termination in SWAT wizard code (bug 413).
-o   Fix to parse the level-2 strings.
-o   Fix for "valid users = %S" in [homes].  Fix read/write 
-    list as well. 
-o   Change AC_CHECK_LIB_EXT to prepend libraries instead of append.  
-    This is the same way AC_CHECK_LIB works (bug 508).
-o   Testparm output fixes for clarity.
-o   Fix broken wins hook functionality -- i18n bug (bug 528).
-o   Take care of condition where DOS and NT error codes must differ.
-o   Default to using only built-in charsets when a working iconv 
-    implementation cannot be located.
-o   Wrap internals of sys_setgroups() so the sys_XX() call can 
-    be done unconditionally (bug 550).
-o   Remove duplicate smbspool link on SWAT's front page (bug 541).
-o   Save and restore CFLAGS before/after AC_PROG_CC.  Ensures that
-    --enable-debug=[yes|no] works correctly.
-o   Allow ^C to interrupt smbpasswd if using our getpass 
-    (e.g. smbpasswd command).
-o   Support signing only on RPC's (bug 167).
-o   Correct bug that prevented  Excel 2000 clients from opening 
-    files marked as read-only.
-o   Portability fix bugs 546 - 549).
-o   Explicitly initialize the value of AR for vendor makes that don't
-    do this (e.g. HPUX 11).  (bug 552).
-o   More i18n fixes for SWAT (bug 413).
-o   Change the cwd before the postexec script to ensure that a
-    umount will succeed.
-o   Correct double free that caused winbindd to crash when a DC 
-    is rebooted (bug 437).
-o   Fix incorrect mode sum (bug 562).
-o   Canonicalize SMB_INFO_ALLOCATION in the same was as
-    SMB_FS_FULL_SIZE_INFORMATION (bug 564).
-o   Add script to generate *msg files.
-o   Add Dutch SWAT translation file.
-o   Make sure to call get_user_groups() with the full winbindd 
-    name for a user if he/she has one (bug 406).
-o   Fix up error code returns from Samba4 tester. Ensure invalid 
-    paths are validated the same way.  
-o   Allow Samba3 to pass the Samba4 RAW-READ tests.
-o   Refuse to configure if --with-expsam=$BACKEND was used but no 
-    libraries were found for $BACKEND.
-o   Move sysquotas autoconf tests to a separate file.
-o   Match W2K w.r.t. writelock and writeclose.  Samba4 torture 
-    tester
-o   Make sure that the files that contain the static_init_$subsystem; 
-    macro get recompiled after configure by removing the object 
-    files.
-o   Ensure canceling a blocking lock returns the correct error 
-    message.
-o   Match Samba 2.2 behavior; make ACB_NORMAL the default ACB value.
-o   Updated Japanese welcome file in SWAT.
-o   Fix to  nt-time <-> unix-time functions reversible.
-o   Ensure that winbindd uses the the escaped DN when querying
-    an AD ldap server.
-o   Fix portability issues when compiling (bug 505, 550)
-o   Compile fix for tdbbackup when Samba needs to override 
-    non-C99 compliant implementations of snprintf().
-o   Use @PICSUFFIX@ instead of .po in Makefile.in (bug 574).
-o   Make sure we break out of samsync loop on error.
-o   Ensure error code path doesn't free unmalloc()'d memory
-    (bug 628).
-o   Add configure test for krb5_keytab_entry keyblock vs key 
-    member (bug 636).
-o   Fixed spinlocks.
-o   Modified testparm so that all output so all debug output goes 
-    to stderr, and all file processing goes to stdout.
-o   Fix error return code for BUFFER_TOO_SMALL in smbcacls 
-    and smbcquotas.
-o   Fix "NULL dest in safe_strcpy()" log message by ensuring that 
-    we have a devmode before copying a string to the devicename.
-o   Support mapping REALM.COM\user to a local user account (without 
-    running winbindd)  for compatibility with 2.2.x release.
-o   Ensure we don't use mmap() on blacklisted systems.
-o   fixed a number of bugs and memory leaks in the AIX 
-    winbindd shim
-o   Call initgroups() in SWAT before becomming the user so that
-    secondary group permissions can be used when writing to 
-    smb.conf.
-o   Fix signing problems when reverse connecting back to a 
-    client for printer notify
-o   Fix signing problems caused by a miss-sequence bug.
-o   Missing map in errormap for ERROR_MORE_DATA -> ERRDOS, ERRmoredata.
-    Fixes NEXUS tools running on Win9x clients (bug 64).
-o   Don't leave the domain field uninitialized in cli_lsa.c if some 
-    SID could not be mapped.
-o   Fix segfault in mount.cifs helper when there is no options 
-    specified during mount.
-o   Change the \n after the password prompt to go to tty instead 
-    of stdout (bug 668).
-o   Stop net -P from prompting for machine account password (bug 451).
-o   Change in behavior to Not only change the effective uid but also
-    the real uid when becoming unprivileged.
-o   Cope with Exchange 5.5 cleartext pop password auth.
-o   New files for support of initshutdown pipe.  Win2k doesn't 
-    respond properly to all requests on the winreg pipe, so we need 
-    to handle this new pipe (bug 534).
-o   Added more va_copy() checks in configure.in.
-o   Include fixes for libsmbclient build problems.
-o   Missing UNIX -> DOS codepage conversion in lanman.c.
-o   Allow DFMS-S filenames can now have arbitrary case (bug 667).
-o   Parameterize the listen backlog in smbd and make it larger by
-    default. A backlog of 5 is way too small these days.
-o   Check for an invalid fid before dereferencing the fsp pointer
-    (bug 696).
-o   Remove invalid memory frees and return codes in pdb_ldap.c.
-o   Prompt for password when invoking --set-auth-user and no 
-    password is given.
-o   Bind the nmbd sending socket to the 'socket address'.
-o   Re-order link command for smbd, rpcclient and smbpasswd to ensure 
-    $LDFLAGS occurs before any library specification (bug 661).
-o   Fix large number of printf() calls for 64-bit size_t.
-o   Fix AC_CHECK_MEMBER so that SLES8 does correctly finds the 
-    keyblock in the krb5 structs.
-o   Remove #include <compat.h> in hopes to avoid problems with 
-    apache header files.
-o   Correct winbindd build problems on HP-UX 11.
-o   Lowercase netgroups lookups (bug 703).
-o   Use the actual size of the buffer in strftime instead of a made
-    up value which just happens to be less than sizeof(fstring).  
-    (bug 713).
-o   Add ldaplibs to pdbedit link line (bug 651).
-o   Fix crash bug in smbclient completion (bug 659).
-o   Fix packet length for browse list reply (bug 771).
-o   Fix coredump in cli_get_backup_list().
-o   Make sure that we expand %N (bug 612).
-o   Allow rpcclient adddriver command to specify printer driver 
-    version (bug 514).
-o   Compile tdbdump by default.
-o   Apply patches to fix iconv detection for FreeBSD.
-o   Do not allow the 'guest account' to be added to a passdb backend 
-    using smbpasswd or pdbedit (bug 624).
-o   Save LDFLAGS during iconv detection (bug 57).
-o   Run krb5 logins through the username map if the winbindd 
-    lookup fails (bug 698).
-o   Add const for lp_set_name_resolve_order() to avoid compiler 
-    warnings (bug 471).
-o   Add support for the %i macro in smb.conf to stand in for the for
-    the local IP address to which a client connected.
-o   Allow winbindd to match local accounts to domain SID when 
-    'winbind trusted domains only = yes' (bug 680).
-o   Remove code in idmap_ldap that searches the user suffix and group 
-    suffix.  It's not needed and provides inconsistent functionality 
-    from the tdb backend.
-o   Patch to handle munged dial string for Windows 200 TSE.
-o   Correct the "smbldap_open: cannot access when not root error"
-    messages when looking up group information (bug 281).
-o   Skip over the winbind separator when looking up a user.
-    This fixes the bug that prevented local users from
-    matching an AD user when not running winbindd (bug 698).
-o   Fix a problem with configure on *BSD systems. Make sure
-    we add -liconv etc to LDFLAGS.
-o   Fix core dump bug when "security = server" and the authentication
-    server goes away.
-o   Correct crash bug due to an empty munged dial string.
-o   Show files locked by a specific user (smbstatus -u 'user') 
-    (bug 590).
-o   Fix bug preventing print jobs from display in the queue
-    monitor used by Windows NT and later clients (bug 660).
-o   Fix several reported problems with point-n-print from
-    Windows 2000/XP clients due to a bug in the EnumPrinterDataEx()
-    reply (bug 338, 527 & 643).
-o   Fix a handful of potential memory leaks in the LDAP code used
-    by ldapsam[_compat] and the LDAP idmap backend.
-o   Fix for pdbedit error code returns (bug 763).
-o   Make sure we only enumerate group mapping entries  (not 
-    /etc/group) even when doing local aliases.
-o   Relax check on the pipe name in a dce/rpc bind response to work 
-    around issues with establishing trusts to a Windows 2003 domain.
-o   Ensure we mangle names ending in '.' in hash2 mangling method.
-o   Correct parsing issues with munged dial string.
-o   Fix bugs in quota support for XFS.
-o   Add a cleaner method for applications that need to provide 
-    name->SID mappings to do this via NSS rather than having to 
-    know the winbindd pipe protocol.
-o   Adds a variant of the winbindd_getgroups() call called 
-    winbindd_getusersids() that provides direct SID->SIDs listing of 
-    a users supplementary groups. This is enough to allow non-Samba 
-    applications to do ACL checking.
-o   Make sure we don't append the 'ldap suffix' when writing out the 
-    'ldap XXX suffix' values in SWAT (bug 328).
-o   Fix renames across file systems.
-o   Ensure that items in a list of strings containing whitespace are 
-    written out surrounded by single quotes.  This means that both 
-    double and single quotes are now used to surround strings in 
-    smb.conf (bug 481).
-o   Enable SWAT to correctly determine if winbindd is running (bug 
-    398).
-o   Include WWW-Authenticate field in 401 response for bad auth 
-    attempt (bug 629).
-o   Add support for NTLM2 (NTLMv2 session security).
-o   Add support for variable-length session keys.
-o   More privilege fixes for group enumeration in LDAP (bug 281).
-o   Use the dns name (or IP) as the originating client name when
-    using CUPS (bug 467).
-o   Fix various SMB signing bugs.
-o   Fix ACL propagation on a DFS root (bug 263).
-o   Disable NTLM2 for RPC pipes.
-o   Allow the client to specify the NTLM2 flags got NTLMSSP 
-    authentication.
-o   Change the name of the job passed off to cups from "Test Page" 
-    to "smbprn.00000033 Test Page" so that we can get the smb 
-    jobid back. This allow users to delete jobs with cups printing 
-    backend (partial work on bug 770).
-o   Fix build of winbindd with static pdb modules.
-o   Retrieve the correct ACL group bits if the file has an ACL 
-    (bug 802).
-o   Implement "net rpc group members": Get members of a domain group 
-    in human-readable format.
-o   Add MacOSX (Darwin) specific charset module code.
-o   Use samr_dispinfo(level == 1) for enumerating domain users so we 
-    can include the full name in gecos field (bug 587).
-o   Add support for winbind's NSS library on FeeeBSD 5.1 (bug 797).
-o   Implement 'net rpc group list [global|local|builtin]*' for a 
-    select listing of the respective user databases.
-o   Don't automatically set NT status code flag unless client tells 
-    us it can cope.
-o   Add 'net status [sessions|shares] [parseable]'.
-o   Don't mistake pre-existing UNIX jobs for smb jobs (remainder of  
-    bug 770).
-o   Add 'Replicator' and 'RAS Servers' to list of builtin SIDs 
-   (bug 608).
-o   Fix inverted logic in hosts allow/deny checks caused by 
-    s/strcmp/strequal/ (bug 846).
-o   Implement correct version SamrRemoveSidForeignDomain() (bug 252).
-o   Fix typo in 'hash' mangling algorithm.
-o   Support munged dial for ldapsam (bug 800).
-o   Fix process_incoming_data() to return the number of bytes handled 
-    this call whether we have a complete PDU or not; fixes bug 
-    with multiple PDU request rpc's broken over SMBwriteX calls 
-    each.
-o   Fix incorrect smb flags2 for connections to pre-NT servers 
-    (causes smbclient to fail to OS2 for example) (bug 821).
-o   Update version string in smbldap-tools Makefile to 0.8.2.
-o   Correct a problem with "net rpc vampire" mis-parsing the 
-    alias member info reply.
-o   Ensure the ${libdir} is created by the installclientlib script.
-o   Fix detection of Windows 2003 client architecture in the smb.conf
-    %a variable.
-o   Ensure that smbd calls the add user script for a missing UNIX 
-    user on kerberos auth call (bug 445).
-o   Fix bugs in hosts allow/deny when using a mismatched 
-    network/netmask pair.
-o   Protect alloc_sub_basic() from crashing when the source string 
-    is NULL (partial work on bug 687).
-o   Fix spinlocks on IRIX.
-o   Corrected some bad destination paths when running "configure 
-    --with-fhs".
-o   Add packaging files for Fedora Core 1.
-o   Correct bug in SWAT install script for non-english languages.
-o   Support character set ISO-8859-1 internally (bug 558).
-o   Fixed more LDAP access errors when looking up group mappings 
-    (bug 281).
-o   Fix UNISTR2 length bug in LsaQueryInfo(3) that caused SID 
-    resolution to fail on local files on on domain members 
-    (bug 875).
-o   Fix uninitialized variable in passdb.c.
-o   Fix formal parameter type in get_static() in nsswitch/wins.c.
-o   Fix problem mounting directories when mount.cifs is installed 
-    with the setuid bit on.
-o   Fix bug that prevent --mandir from overriding the defaults
-    given in the --with-fhs macro.
-o   Fix bug in in-memory Kerberos keytab detection routines 
-    in configure.in
-
-
-
-######################################################################
-
-              =======================================
-              The original 3.0.0 release notes follow	       
-              =======================================
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire 
-    and internally there is now a much better infrastructure for 
-    multi-byte and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system 
-    has been almost completely rewritten. Most of the changes are 
-    internal, but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and character 
-    sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-15) Improvement of ACL mapping features based on code donated by
-    Andreas Grünbacher.
-
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * hide local users
-  * mangled stack
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * read size
-  * source environment
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-  * passwd chat timeout
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap replication sleep
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name                    Description                             Backup?
-----                    -----------                             -------
-account_policy          User policy settings                    yes
-gencache                Generic caching db                      no
-group_mapping           Mapping table from Windows              yes
-                        groups/SID to unix groups        
-winbindd_idmap          ID map table from SIDS to UNIX          yes
-                        uids/gids.
-namecache               Name resolution cache entries           no
-netsamlogon_cache       Cache of NET_USER_INFO_3 structure      no
-                        returned as part of a successful
-                        net_sam_logon request 
-printing/*.tdb          Cached output from 'lpq                 no
-                        command' created on a per print 
-                        service basis
-registry                Read-only samba registry skeleton       no
-                        that provides support for exporting
-                        various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of 
-attributes to prevent clashes with attributes from other vendors.  
-There is a conversion script (examples/LDAP/convertSambaAccount) to 
-modify and LDIF file to the new schema.
-  
-Example:
-  
-  $ ldapsearch .... -b "ou=people,dc=..." > sambaAcct.ldif
-  $ convertSambaAccount --sid=<Domain SID> \
-    --input=sambaAcct.ldif --output=sambaSamAcct.ldif \
-    --changetype=[modify|add]
-	
-The <DOM SID> can be obtained by running 'net getlocalsid 
-<DOMAINNAME>' on the Samba PDC as root.  The changetype determines 
-the format of the generated LDIF output--either create new entries 
-or modify existing entries.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.2a.html b/whatsnew/samba-3.0.2a.html
deleted file mode 100755
index 7b4233c..0000000
--- a/whatsnew/samba-3.0.2a.html
+++ /dev/null
@@ -1,1337 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2 align="center">Samba 3.0.2a Available for Download</H2>
-
-<p>
-<pre>
-Samba 3.0.2a is a minor patch release for the 3.0.2 code base
-to address, in particular, a problem when using pdbedit to 
-sanitize (--force-initialized-passwords) Samba's tdbsam 
-backend.   This is the latest stable release of Samba. This 
-is the version that all production Samba servers should be 
-running for all current bug-fixes.  
-
-******************* <em>Attention! Achtung! Kree!</em> *********************
-
-Beginning with Samba 3.0.2, passwords for accounts with a last 
-change time (LCT-XXX in smbpasswd, sambaPwdLastSet attribute in
-ldapsam, etc...) of zero (0) will be regarded as uninitialized 
-strings.  This will cause authentication to fail for such
-accounts.  If you have valid passwords that meet this criteria, 
-you must update the last change time to a non-zero value.  If you 
-do not, then  'pdbedit --force-initialized-passwords' will disable 
-these accounts and reset the password hashes to a string of X's.
-
-******************* <em>Attention! Achtung! Kree!</em> *********************
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.2
--------------------
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-
-o   Jeremy Allison <jra@samba.org>
-    * Added paranoia checks in parsing code.
-    
-
-o   Andrew Bartlet <abartlet@samba.org>
-    * Ensure that changes to uninitialized passwords in ldapsam 
-      are written to the DIT.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fixed iterator in tdbsam.
-    * Fix bug that disabled accounts with a valid NT password 
-      hash, but no LanMan hash.
-    
-
-o   Steve French <sfrench@us.ibm.com>
-    * Added missing nosetuid and noexec options.
-
-    
-o   Bostjan Golob <golob@gimb.org>
-    * BUG 1046: Don't overwrite usernames of entries returned 
-      by getpwent_list().
-
-
-o   Sebastian Krahmer <krahmer@suse.de>
-    * Fixed potential crash bug in NTLMSSP parsing code.
-
-
-o   Tim Potter <tpot@samba.org>
-    * Fixed logic in tdb_brlock error checking.
-
-    
-o   Urban Widmark <urban@teststation.com>
-    * Set nosuid,nodev flags in smbmnt by default.
-
-
-Changes for older versions follow below:
-
-        --------------------------------------------------
-
-                  =============================
-                  Release Notes for Samba 3.0.2
-                        February 9, 2004
-                  =============================
-
-<em>Security Announcement:</em> It has been confirmed that 
-previous versions of Samba 3.0 are susceptible to a password 
-initialization bug that could grant an attacker unauthorized 
-access to a user account created by the mksmbpasswd.sh shell 
-script.
-
-The Common Vulnerabilities and Exposures project (cve.mitre.org) 
-has assigned the name CAN-2004-0082 to this issue.
-
-Samba administrators not wishing to upgrade to the current 
-version should download the 3.0.2 release, build the pdbedit 
-tool, and run 
-
-   root# pdbedit-3.0.2 --force-initialized-passwords
-      
-This will disable all accounts not possessing a valid password
-(e.g. the password field has been set a string of X's).
-
-Samba servers running 3.0.2 are not vulnerable to this bug 
-regardless of whether or not pdbedit has been used to sanitize
-the passdb backend.
-
-Some of the more visible bugs in 3.0.1 addressed in the 3.0.2
-release include:
-
-  o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
-  o Logging onto a Samba domain from Windows XP clients.
-  o Problems with the %U and %u smb.conf variables in relation to 
-    Windows 9x/ME clients.
-  o Kerberos failures due to an invalid in memory keytab detection
-    test.
-  o Updates to the ntlm_auth tool.
-  o Fixes for various SMB signing errors.
-  o Better separation of WINS and DNS queries for domain controllers.
-  o Issues with nss_winbind FreeBSD and Solaris.
-  o Several crash bugs in smbd and winbindd.
-  o Output formatting fixes for smbclient for better compatibility
-    with scripts based on the 2.2 version.
-
-
-Changes since 3.0.1
--------------------
-
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    ldap replication sleep      New
-    read size                   removed (unused)
-    source environment          removed (unused)
-
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-o   Jeremy Allison <jra@samba.org>
-    * Revert change that broke Exchange clear text samlogons.
-    * Fix gcc 3.4 warning in MS-DFS code.
-    * Tidy up of NTLMSSP code.
-    * Fixes for SMB signing errors
-    * BUG 815: Workaround NT4 bug to support plaintext
-      password logins and UNICODE.
-    * Fix SMB signing bug when copying large files.
-    * Correct error logic in mkdir_internals() (caused a panic
-      when combined with --enable-developer).
-    * BUG 830: Protect against crashes due to bad character 
-      conversions.
-
-      
-o   Petri Asikainen <paca@sci.fi>
-    * BUG 330, 387:Fix single valued attribute updates when 
-      working with Novell NDS.
-
-
-o   Andrew Bartlet <abartlet@samba.org>
-    * Correctly handle per-pipe NTLMSSP inside a NULL session.
-    * Fix segfault in gencache 
-    * Fix early free() of encrypted_session_key.
-    * Change DC lookup routines to more carefully separate
-      DNS names (realms) from NetBIOS domain names.
-    * Add new sid_to_dn() function for internal winbindd use.
-    * Refactor cli_ds_enum_domain_trusts().
-    * BUG 707: Implement range retrieval of ADS attributes (based 
-      on work from Volker <vl@samba.org> and Guenther Deschner 
-      <gd@suse.com>).
-    * Automatically initialize the signing engine if a session key
-      is available.
-    * BUG 916: Do not perform a + -> ' ' substitution for squid URL 
-      encoded strings, only form input in SWAT.
-    * Resets the NTLMSSP state for new negotiate packets.
-    * Add 2-byte alignments in net_samlogon() queries to parse 
-      odd-length plain text passwords.
-    * Allow Windows groups with no members in winbindd.
-    * Allow normal authentication in the absence of a server 
-      generated session key.
-    * More optimizations for looking up UNIX group lists.
-    * Clean up error codes and return values for pam_winbindd
-      and winbindd PAM interface.
-    * Fix string return values in ntlm_auth tool.
-    * Fix segfault when 'security = ads' but no realm is defined.
-    * BUG 722: Allow winbindd to map machine accounts to uids.
-    * More cleanups for winbindd's find_our_domain().
-    * More clearly detect whether a domain controller is an NT4
-      or mixed-mode AD DC (additional bug fixes by jerry & jmcd).
-    * Increase separation between DNS queries for hosts and queries
-      for AD domain controllers.
-    * Include additional NT_STATUS to PAM error mappings.
-    * Password initialization fixes.
-
-    
-o   Justin Baugh <justin.baugh@request.com>
-    * BUG 948: Implement missing functions required for FreeBSD 
-      nss_winbind support. 
-
-
-o   Alexander Bokovoy <ab@samba.org>
-    * BUG 922: Make sure enable fast path for strlower_m() and 
-      strupper_m().
-
-
-o   Luca Bolcioni <Luca.Bolcioni@yacme.com>
-    * Fix crash when using 'security = server' and 'encrypt 
-      passwords = no' by always initializing the session key.
-
-      
-o   Dmitry Butskoj <buc@odusz.elektra.ru>
-    * Fix for special files being hidden from admins.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fix bug in the lanman session key generation.  Caused 
-      "decode_pw: incorrect password length" error messages.
-    * Save the right case for the located user name in 
-      fill_sam_account().  Fixes %U/%u expansion for win9x clients.
-    * BUG 897: Add well known rid for pre win2k compatible access
-      group.
-    * BUG 887: Correct typo in delete user script example.
-    * Use short lived TALLOC_CTX* for allocating printer objects 
-      from the print handle cache.
-    * BUG 912: Fix check for HAVE_MEMORY_KEYTAB.
-    * Fix several warnings reported by the SUN Forte C compiler.
-    * Fully control DNS queries for AD DC's using 'name resolve order'.
-    * BUG 770: Send the SMBjobid for UNIX jobs back to the client.
-    * BUG 972: Fix segfault in cli_ds_getprimarydominfo().
-    * BUG 936: fix bind credentials for schannel binds in smbd.
-    * BUG 446: Fix output of smbclient for better compatibility 
-      with scripts based on the 2.2 version (including Amanda).
-    * BUG 891, 949: Fedora packaging fixes.
-    * Fix bug that caused rpcclient to incorrectly retrieve 
-      the SID for a server (this causing all calls that required 
-      this information to fail). 
-    * BUG 977: Don't create a homes share for a user if a static 
-      share already exists by the same name.
-    * Removed unused smb.conf options.
-    * Password initialization fixes.
-    * Set the disable flag for template accounts created by
-      mksmbpasswd.sh.
-    * Disable any account has no passwords and does not have the
-      ACB_PWNOTREQ bit set.
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Install smbwrapper.so should be put into the $(libdir) 
-      and not $(bindir).
-    * Add the capability to specify the new user password 
-      for "net ads password" on the command line.
-    * Correctly detect AFS headers on SuSE.
-	
-
-o   James Flemer <jflemer@uvm.edu>
-    * Fix AIX compile bug by linking HAVE_ATTR_LIST to 
-      HAVE_SYS_ATTRIBUTES_H.
-
-
-o   Luke Howard <lukeh@PADL.COM>
-    * Fix segfault in session setup reply caused by a early free().
-
-
-o   Stoian Ivanov <sdr@bultra.com>
-    * Implement grepable output for smbclient -L.
-
-
-o   LaMont Jones <lamont@debian.org>
-    * BUG 225328 (Debian): Correct false failure LFS test that resulted 
-      in  _GNU_SOURCE not being defined (thus resulting in strndup() 
-      not being defined).
-
-      
-o   Volker Lendecke <vl@samba.org>
-    * BUG 583: Ensure that user names always contain the short 
-      version of the domain name.
-    * Fix our parsing of the LDAP uri.
-    * Don't show the 'afs username map' in the SWAT basic view.
-    * Fix SMB signing issues in relation to failed NTLMSSP logins.
-    * BUG 924: Fix return codes in smbtorture harness.
-    * Always lower-case usernames before handing it to AFS code.
-    * Add a German translation for SWAT.
-    * Fix a segfaults in winbindd.
-    * Fix the user's domain passed to register_vuid() from 
-      reply_spnego_kerberos().
-    * Add NSS example code in nss_winbind to convert UNIX 
-      id's <-> Windows SIDs.
-    * Display more descriptive error messages for login via 'net'.
-    * Fix compiler warning in the net tool.
-    * Fix length bug when decoding base64 strings.
-    * Ensure we don't call getpwnam() inside a loop that is iterating 
-      over users with getpwent().  This broke on glibc 2.3.2.
-
-
-o   Herb Lewis <herb@samba.org>
-    * Fix bit rot in psec.
-
-
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Ensure we delete the group mapping before calling the delete 
-      group script.
-    * Define well known RID for managing the  "Power Users" group.
-    * BUG 381: check builtin (not local) group SID when updating 
-      group membership.
-    * BUG 101: set the SV_TYPE_PRINTQ_SERVER flag in host announcement 
-      packet.
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Implement initgroups() call in nss_winbind on Solaris.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Fix regression in net rpc join caused by recent changes 
-      to cli_lsa_query_info_policy().
-    * BUG 964: Fix crash bug in 'net rpc join' using a preexisting
-      machine account.
-
-
-o   MORIYAMA Masayuki <moriyama@miraclelinux.com>
-    * BUG 570: Ensure that configure honors the LDFLAGS variable.
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement LDAP rebind sleep patch.
-    * Revert to 2.2 quota code because of so many broken quota files 
-      out there.
-    * Fix XFS quotas: HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS
-                      XFS_USER_QUOTA -> USRQUOTA
-                      XFS_GROUP_QUOTA -> GRPQUOTA
-    * Fix disk_free calculation with group quotas.
-    * Add debug class 'quota' and a lot of DEBUG()'s 
-      to the quota code.
-    * Fix sys_chown() when no chown() is present.
-    * Add SIGABRT to fault handling in order to catch got a 
-      backtrace if an error occurs the OpenLDAP client libs.
-
-
-o   <ndb@theghet.to>
-    * Allow an existing LDAP machine account to be re-used when 
-      joining an AD domain.
-
-
-o   James Peach <jpeach@sgi.com>
-    * BUG 889: Change smbd to use pread/pwrite on platforms that 
-      support these calls. Can lead to a significant speed increase.
-
-
-o   Tim Potter <tpot@samba.org>
-    * BUG 905: Remove POBAD_CC to fix Solaris Forte compiles.
-    * BUG 924: Fix typo in RW2 torture test.
-    
-    
-o   Richard Sharpe <shape@samba.org>
-    * Small fixes to torture.c to cleanup the error handling 
-      and prevent crashes.
-
-
-o   J. Tournier <jerome.tournier@IDEALX.com>
-    * Small fixes for the smbldap-tool scripts.
-
-
-o   Andrew Tridgell <tridge@samba.org>
-    * Fix src len check in pull_usc2().
-    
-    
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Put functions for generating SQL queries in pdb_sql.c
-    * Add pgSQL backend (based on patch by Hamish Friedlander)
-    * BUG 908: Fix -s option to smbcontrol.    
-    * Add smbget utility - a wget-clone for the SMB/CIFS protocol.
-    * Fix for libnss_wins on IRIX platforms.
-    * Fix swatdir for --with-fhs.
-
-
-        --------------------------------------------------
-
-                  =============================
-                  Release Notes for Samba 3.0.1
-                        December 15, 2003
-                  =============================
-
-Some of the more common bugs in 3.0.0 addressed in the release 
-include:
-
-  o Substitution problems with smb.conf variables.
-  o Errors in return codes which caused some applications
-    to fail to open files.
-  o General Protection Faults on Windows 2000/XP clients
-    using Samba point-n-print features.
-  o Several miscellaneous crash bugs.
-  o Access problems when enumerating group mappings are
-    stored in an LDAP Directory.
-  o Several common SWAT bugs when writing changes to
-    smb.conf.
-  o Internal inconsistencies when 'winbind use default
-    domain = yes'
-
-
-
-Changes since 3.0.0
-----------------------
-
-    Parameter Name              Action
-    --------------              ------
-    hide local users            Removed
-    mangled map                 Deprecated
-    mangled stack               Removed
-    passwd chat timeout         New
-
-
-commits
--------
-
-o   Change the interface for init_unistr2 to not take a length 
-    but a flags field.  We were assuming that 
-    2*strlen(mb_string) == length of ucs2-le string.  (bug 480).
-o   Allow d_printf() to handle strings with escaped quotation 
-    marks since the msg file includes the escape character (bug 489).
-o   Fix bad html table row termination in SWAT wizard code (bug 413).
-o   Fix to parse the level-2 strings.
-o   Fix for "valid users = %S" in [homes].  Fix read/write 
-    list as well. 
-o   Change AC_CHECK_LIB_EXT to prepend libraries instead of append.  
-    This is the same way AC_CHECK_LIB works (bug 508).
-o   Testparm output fixes for clarity.
-o   Fix broken wins hook functionality -- i18n bug (bug 528).
-o   Take care of condition where DOS and NT error codes must differ.
-o   Default to using only built-in charsets when a working iconv 
-    implementation cannot be located.
-o   Wrap internals of sys_setgroups() so the sys_XX() call can 
-    be done unconditionally (bug 550).
-o   Remove duplicate smbspool link on SWAT's front page (bug 541).
-o   Save and restore CFLAGS before/after AC_PROG_CC.  Ensures that
-    --enable-debug=[yes|no] works correctly.
-o   Allow ^C to interrupt smbpasswd if using our getpass 
-    (e.g. smbpasswd command).
-o   Support signing only on RPC's (bug 167).
-o   Correct bug that prevented  Excel 2000 clients from opening 
-    files marked as read-only.
-o   Portability fix bugs 546 - 549).
-o   Explicitly initialize the value of AR for vendor makes that don't
-    do this (e.g. HPUX 11).  (bug 552).
-o   More i18n fixes for SWAT (bug 413).
-o   Change the cwd before the postexec script to ensure that a
-    umount will succeed.
-o   Correct double free that caused winbindd to crash when a DC 
-    is rebooted (bug 437).
-o   Fix incorrect mode sum (bug 562).
-o   Canonicalize SMB_INFO_ALLOCATION in the same was as
-    SMB_FS_FULL_SIZE_INFORMATION (bug 564).
-o   Add script to generate *msg files.
-o   Add Dutch SWAT translation file.
-o   Make sure to call get_user_groups() with the full winbindd 
-    name for a user if he/she has one (bug 406).
-o   Fix up error code returns from Samba4 tester. Ensure invalid 
-    paths are validated the same way.  
-o   Allow Samba3 to pass the Samba4 RAW-READ tests.
-o   Refuse to configure if --with-expsam=$BACKEND was used but no 
-    libraries were found for $BACKEND.
-o   Move sysquotas autoconf tests to a separate file.
-o   Match W2K w.r.t. writelock and writeclose.  Samba4 torture 
-    tester
-o   Make sure that the files that contain the static_init_$subsystem; 
-    macro get recompiled after configure by removing the object 
-    files.
-o   Ensure canceling a blocking lock returns the correct error 
-    message.
-o   Match Samba 2.2 behavior; make ACB_NORMAL the default ACB value.
-o   Updated Japanese welcome file in SWAT.
-o   Fix to  nt-time <-> unix-time functions reversible.
-o   Ensure that winbindd uses the the escaped DN when querying
-    an AD ldap server.
-o   Fix portability issues when compiling (bug 505, 550)
-o   Compile fix for tdbbackup when Samba needs to override 
-    non-C99 compliant implementations of snprintf().
-o   Use @PICSUFFIX@ instead of .po in Makefile.in (bug 574).
-o   Make sure we break out of samsync loop on error.
-o   Ensure error code path doesn't free unmalloc()'d memory
-    (bug 628).
-o   Add configure test for krb5_keytab_entry keyblock vs key 
-    member (bug 636).
-o   Fixed spinlocks.
-o   Modified testparm so that all output so all debug output goes 
-    to stderr, and all file processing goes to stdout.
-o   Fix error return code for BUFFER_TOO_SMALL in smbcacls 
-    and smbcquotas.
-o   Fix "NULL dest in safe_strcpy()" log message by ensuring that 
-    we have a devmode before copying a string to the devicename.
-o   Support mapping REALM.COM\user to a local user account (without 
-    running winbindd)  for compatibility with 2.2.x release.
-o   Ensure we don't use mmap() on blacklisted systems.
-o   fixed a number of bugs and memory leaks in the AIX 
-    winbindd shim
-o   Call initgroups() in SWAT before becomming the user so that
-    secondary group permissions can be used when writing to 
-    smb.conf.
-o   Fix signing problems when reverse connecting back to a 
-    client for printer notify
-o   Fix signing problems caused by a miss-sequence bug.
-o   Missing map in errormap for ERROR_MORE_DATA -> ERRDOS, ERRmoredata.
-    Fixes NEXUS tools running on Win9x clients (bug 64).
-o   Don't leave the domain field uninitialized in cli_lsa.c if some 
-    SID could not be mapped.
-o   Fix segfault in mount.cifs helper when there is no options 
-    specified during mount.
-o   Change the \n after the password prompt to go to tty instead 
-    of stdout (bug 668).
-o   Stop net -P from prompting for machine account password (bug 451).
-o   Change in behavior to Not only change the effective uid but also
-    the real uid when becoming unprivileged.
-o   Cope with Exchange 5.5 cleartext pop password auth.
-o   New files for support of initshutdown pipe.  Win2k doesn't 
-    respond properly to all requests on the winreg pipe, so we need 
-    to handle this new pipe (bug 534).
-o   Added more va_copy() checks in configure.in.
-o   Include fixes for libsmbclient build problems.
-o   Missing UNIX -> DOS codepage conversion in lanman.c.
-o   Allow DFMS-S filenames can now have arbitrary case (bug 667).
-o   Parameterize the listen backlog in smbd and make it larger by
-    default. A backlog of 5 is way too small these days.
-o   Check for an invalid fid before dereferencing the fsp pointer
-    (bug 696).
-o   Remove invalid memory frees and return codes in pdb_ldap.c.
-o   Prompt for password when invoking --set-auth-user and no 
-    password is given.
-o   Bind the nmbd sending socket to the 'socket address'.
-o   Re-order link command for smbd, rpcclient and smbpasswd to ensure 
-    $LDFLAGS occurs before any library specification (bug 661).
-o   Fix large number of printf() calls for 64-bit size_t.
-o   Fix AC_CHECK_MEMBER so that SLES8 does correctly finds the 
-    keyblock in the krb5 structs.
-o   Remove #include <compat.h> in hopes to avoid problems with 
-    apache header files.
-o   Correct winbindd build problems on HP-UX 11.
-o   Lowercase netgroups lookups (bug 703).
-o   Use the actual size of the buffer in strftime instead of a made
-    up value which just happens to be less than sizeof(fstring).  
-    (bug 713).
-o   Add ldaplibs to pdbedit link line (bug 651).
-o   Fix crash bug in smbclient completion (bug 659).
-o   Fix packet length for browse list reply (bug 771).
-o   Fix coredump in cli_get_backup_list().
-o   Make sure that we expand %N (bug 612).
-o   Allow rpcclient adddriver command to specify printer driver 
-    version (bug 514).
-o   Compile tdbdump by default.
-o   Apply patches to fix iconv detection for FreeBSD.
-o   Do not allow the 'guest account' to be added to a passdb backend 
-    using smbpasswd or pdbedit (bug 624).
-o   Save LDFLAGS during iconv detection (bug 57).
-o   Run krb5 logins through the username map if the winbindd 
-    lookup fails (bug 698).
-o   Add const for lp_set_name_resolve_order() to avoid compiler 
-    warnings (bug 471).
-o   Add support for the %i macro in smb.conf to stand in for the for
-    the local IP address to which a client connected.
-o   Allow winbindd to match local accounts to domain SID when 
-    'winbind trusted domains only = yes' (bug 680).
-o   Remove code in idmap_ldap that searches the user suffix and group 
-    suffix.  It's not needed and provides inconsistent functionality 
-    from the tdb backend.
-o   Patch to handle munged dial string for Windows 200 TSE.
-o   Correct the "smbldap_open: cannot access when not root error"
-    messages when looking up group information (bug 281).
-o   Skip over the winbind separator when looking up a user.
-    This fixes the bug that prevented local users from
-    matching an AD user when not running winbindd (bug 698).
-o   Fix a problem with configure on *BSD systems. Make sure
-    we add -liconv etc to LDFLAGS.
-o   Fix core dump bug when "security = server" and the authentication
-    server goes away.
-o   Correct crash bug due to an empty munged dial string.
-o   Show files locked by a specific user (smbstatus -u 'user') 
-    (bug 590).
-o   Fix bug preventing print jobs from display in the queue
-    monitor used by Windows NT and later clients (bug 660).
-o   Fix several reported problems with point-n-print from
-    Windows 2000/XP clients due to a bug in the EnumPrinterDataEx()
-    reply (bug 338, 527 & 643).
-o   Fix a handful of potential memory leaks in the LDAP code used
-    by ldapsam[_compat] and the LDAP idmap backend.
-o   Fix for pdbedit error code returns (bug 763).
-o   Make sure we only enumerate group mapping entries  (not 
-    /etc/group) even when doing local aliases.
-o   Relax check on the pipe name in a dce/rpc bind response to work 
-    around issues with establishing trusts to a Windows 2003 domain.
-o   Ensure we mangle names ending in '.' in hash2 mangling method.
-o   Correct parsing issues with munged dial string.
-o   Fix bugs in quota support for XFS.
-o   Add a cleaner method for applications that need to provide 
-    name->SID mappings to do this via NSS rather than having to 
-    know the winbindd pipe protocol.
-o   Adds a variant of the winbindd_getgroups() call called 
-    winbindd_getusersids() that provides direct SID->SIDs listing of 
-    a users supplementary groups. This is enough to allow non-Samba 
-    applications to do ACL checking.
-o   Make sure we don't append the 'ldap suffix' when writing out the 
-    'ldap XXX suffix' values in SWAT (bug 328).
-o   Fix renames across file systems.
-o   Ensure that items in a list of strings containing whitespace are 
-    written out surrounded by single quotes.  This means that both 
-    double and single quotes are now used to surround strings in 
-    smb.conf (bug 481).
-o   Enable SWAT to correctly determine if winbindd is running (bug 
-    398).
-o   Include WWW-Authenticate field in 401 response for bad auth 
-    attempt (bug 629).
-o   Add support for NTLM2 (NTLMv2 session security).
-o   Add support for variable-length session keys.
-o   More privilege fixes for group enumeration in LDAP (bug 281).
-o   Use the dns name (or IP) as the originating client name when
-    using CUPS (bug 467).
-o   Fix various SMB signing bugs.
-o   Fix ACL propagation on a DFS root (bug 263).
-o   Disable NTLM2 for RPC pipes.
-o   Allow the client to specify the NTLM2 flags got NTLMSSP 
-    authentication.
-o   Change the name of the job passed off to cups from "Test Page" 
-    to "smbprn.00000033 Test Page" so that we can get the smb 
-    jobid back. This allow users to delete jobs with cups printing 
-    backend (partial work on bug 770).
-o   Fix build of winbindd with static pdb modules.
-o   Retrieve the correct ACL group bits if the file has an ACL 
-    (bug 802).
-o   Implement "net rpc group members": Get members of a domain group 
-    in human-readable format.
-o   Add MacOSX (Darwin) specific charset module code.
-o   Use samr_dispinfo(level == 1) for enumerating domain users so we 
-    can include the full name in gecos field (bug 587).
-o   Add support for winbind's NSS library on FeeeBSD 5.1 (bug 797).
-o   Implement 'net rpc group list [global|local|builtin]*' for a 
-    select listing of the respective user databases.
-o   Don't automatically set NT status code flag unless client tells 
-    us it can cope.
-o   Add 'net status [sessions|shares] [parseable]'.
-o   Don't mistake pre-existing UNIX jobs for smb jobs (remainder of  
-    bug 770).
-o   Add 'Replicator' and 'RAS Servers' to list of builtin SIDs 
-   (bug 608).
-o   Fix inverted logic in hosts allow/deny checks caused by 
-    s/strcmp/strequal/ (bug 846).
-o   Implement correct version SamrRemoveSidForeignDomain() (bug 252).
-o   Fix typo in 'hash' mangling algorithm.
-o   Support munged dial for ldapsam (bug 800).
-o   Fix process_incoming_data() to return the number of bytes handled 
-    this call whether we have a complete PDU or not; fixes bug 
-    with multiple PDU request rpc's broken over SMBwriteX calls 
-    each.
-o   Fix incorrect smb flags2 for connections to pre-NT servers 
-    (causes smbclient to fail to OS2 for example) (bug 821).
-o   Update version string in smbldap-tools Makefile to 0.8.2.
-o   Correct a problem with "net rpc vampire" mis-parsing the 
-    alias member info reply.
-o   Ensure the ${libdir} is created by the installclientlib script.
-o   Fix detection of Windows 2003 client architecture in the smb.conf
-    %a variable.
-o   Ensure that smbd calls the add user script for a missing UNIX 
-    user on kerberos auth call (bug 445).
-o   Fix bugs in hosts allow/deny when using a mismatched 
-    network/netmask pair.
-o   Protect alloc_sub_basic() from crashing when the source string 
-    is NULL (partial work on bug 687).
-o   Fix spinlocks on IRIX.
-o   Corrected some bad destination paths when running "configure 
-    --with-fhs".
-o   Add packaging files for Fedora Core 1.
-o   Correct bug in SWAT install script for non-english languages.
-o   Support character set ISO-8859-1 internally (bug 558).
-o   Fixed more LDAP access errors when looking up group mappings 
-    (bug 281).
-o   Fix UNISTR2 length bug in LsaQueryInfo(3) that caused SID 
-    resolution to fail on local files on on domain members 
-    (bug 875).
-o   Fix uninitialized variable in passdb.c.
-o   Fix formal parameter type in get_static() in nsswitch/wins.c.
-o   Fix problem mounting directories when mount.cifs is installed 
-    with the setuid bit on.
-o   Fix bug that prevent --mandir from overriding the defaults
-    given in the --with-fhs macro.
-o   Fix bug in in-memory Kerberos keytab detection routines 
-    in configure.in
-
-
-
-######################################################################
-
-              The original 3.0.0 release notes follow
-              =======================================
-                    WHATS NEW IN Samba 3.0.0
-                        September 24, 2003
-              =======================================
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire 
-    and internally there is now a much better infrastructure for 
-    multi-byte and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system 
-    has been almost completely rewritten. Most of the changes are 
-    internal, but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and character 
-    sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-15) Improvement of ACL mapping features based on code donated by
-    Andreas Grünbacher.
-
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * hide local users
-  * mangled stack
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * read size
-  * source environment
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-  * passwd chat timeout
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap replication sleep
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name                    Description                             Backup?
-----                    -----------                             -------
-account_policy          User policy settings                    yes
-gencache                Generic caching db                      no
-group_mapping           Mapping table from Windows              yes
-                        groups/SID to unix groups        
-winbindd_idmap          ID map table from SIDS to UNIX          yes
-                        uids/gids.
-namecache               Name resolution cache entries           no
-netsamlogon_cache       Cache of NET_USER_INFO_3 structure      no
-                        returned as part of a successful
-                        net_sam_logon request 
-printing/*.tdb          Cached output from 'lpq                 no
-                        command' created on a per print 
-                        service basis
-registry                Read-only samba registry skeleton       no
-                        that provides support for exporting
-                        various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of 
-attributes to prevent clashes with attributes from other vendors.  
-There is a conversion script (examples/LDAP/convertSambaAccount) to 
-modify and LDIF file to the new schema.
-  
-Example:
-  
-  $ ldapsearch .... -b "ou=people,dc=..." > sambaAcct.ldif
-  $ convertSambaAccount --sid=<Domain SID> \
-    --input=sambaAcct.ldif --output=sambaSamAcct.ldif \
-    --changetype=[modify|add]
-	
-The <DOM SID> can be obtained by running 'net getlocalsid 
-<DOMAINNAME>' on the Samba PDC as root.  The changetype determines 
-the format of the generated LDIF output--either create new entries 
-or modify existing entries.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.3.html b/whatsnew/samba-3.0.3.html
deleted file mode 100755
index 14c5a01..0000000
--- a/whatsnew/samba-3.0.3.html
+++ /dev/null
@@ -1,1900 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>Samba 3.0.3 Available for Download</H2>
-
-<p>
-<pre>
-This is the latest stable release of Samba. This is the version
-that production Samba servers should be running for all
-current bug-fixes.  There have been several issues fixes since
-the 3.0.2a release and new features have been added as well.
-See the "Changes" section for details on exact updates.
-
-Common bugs fixed in Samba 3.0.3 include:
-
-  o Crash bugs and change notify issues in Samba's
-    printing code.
-  o Honoring secondary group membership on domain member
-    servers.
-  o TDB scalability issue surrounding the TDB_CLEAR_IF_FIRST
-    flag.
-  o Substitution errors for %[UuGg] in smb.conf.
-  o winbindd crashes when using ADS security mode.
-  o SMB signing errors.
-  o Delays in winbindd startup caused by unnecessary
-    connections to trusted domain controllers.
-  o Various small memory leaks.
-  o Winbindd failing due to expired Kerberos tickets.
-
-New features introduced in Samba 3.0.3 include:
-
-  o Improved support for i18n character sets.
-  o Support for account lockout policy based on
-    bad password attempts.
-  o Improved support for long password changes (>14
-    characters) and strong password enforcement.
-  o Support for Windows aliases (i.e. nested groups).
-  o Experimental support for storing DOS attribute on files
-    and folders in Extended Attributes.
-  o Support for local nested groups via winbindd.
-  o Specifying options to be passed directly to the CUPS
-    libraries.
-
-The source code can be downloaded from :
-
-  <a href="/samba/ftp/">http://download.samba.org/samba/ftp/</a>
-
-The uncompressed tarball and patch file have been signed
-using GnuPG.  The Samba public key is available at
-
-  <a href="/samba/ftp/samba-pubkey.asc">http://download.samba.org/samba/ftp/samba-pubkey.asc</a>
-
-Binary packages are available at
-
-  <a href="/samba/ftp/Binary_Packages/">http://download.samba.org/samba/ftp/Binary_Packages/</a>
-
-The release notes are also available on-line at
-
-  <a href="/samba/whatsnew/samba-3.0.3.html">http://www.samba.org/samba/whatsnew/samba-3.0.3.html</a>
-
-As always, all bugs (<a href="https://bugzilla.samba.org/">https://bugzilla.samba.org/</a>) are our
-responsibility.
-
-                                  --Enjoy
-                                  The Samba Team
-
-    --------------------------------------------------
-
-                 =============================
-                 Release Notes for Samba 3.0.3
-                        April 29, 2004
-                 =============================
-
-This is the latest stable release of Samba. This is the version 
-that production Samba servers should be running for all 
-current bug-fixes.  There have been several issues fixes since 
-the 3.0.2a release and new features have been added as well.  
-See the "Changes" section for details on exact updates.
-
-Common bugs fixed in Samba 3.0.3 include:
-
-  o Crash bugs and change notify issues in Samba's printing code.
-  o Honoring secondary group membership on domain member servers.
-  o TDB scalability issue surrounding the TDB_CLEAR_IF_FIRST flag.
-  o Substitution errors for %[UuGg] in smb.conf.
-  o winbindd crashes when using ADS security mode.
-  o SMB signing errors.
-  o Delays in winbindd startup caused by unnecessary 
-    connections to trusted domain controllers.
-  o Various small memory leaks.
-  o Winbindd failing due to expired Kerberos tickets.
-
-New features introduced in Samba 3.0.3 include:
-
-  o Improved support for i18n character sets.
-  o Support for account lockout policy based on
-    bad password attempts.
-  o Improved support for long password changes (>14
-    characters) and strong password enforcement.
-  o Support for Windows aliases (i.e. nested groups).
-  o Experimental support for storing DOS attribute on files
-    and folders in Extended Attributes.
-  o Support for local nested groups via winbindd.
-  o Specifying options to be passed directly to the CUPS libraries.
-
-Please be aware that the Samba source code repository was 
-migrated from CVS to Subversion on April 4, 2004.  Details on 
-accessing the Samba source tree via anonymous svn can be found 
-at http://svn.samba.org/samba/subversion.html.
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.3rc1
-----------------------
-
-commits
--------
-
-o   Timur Bakeyev <timur@com.bat.ru>
-    * BUG 1141: Fix nss*.so names on FreeBSD 5.x.
-
-
-o   Gerald Carter <jerry@samba.org>
-    * BUG 1288: resolve any machine netbios name (0x00) and not just 
-      servers (0x20).
-    * BUG 1199: Fix potential symlink issue in 
-      examples/printing/smbprint.
-
-
-o   Landon Fuller <landonf@opendarwin.org>
-    * BUG 1232: patch from landonf@opendarwin.org (Landon Fuller) 
-      to fix user/group enumeration on systems whose libc does not 
-      call setgrent() before trying to enumerate users (i.e. 
-      FreeBSD 5.2).
-
-
-o   Volker Lendecke <vl@samba.org>
-    * Correct case where adding a domain user to a XP local group 
-      did a lsalookupname on the user without domain prefix, and 
-      failed.
-    * Fix segfault in winbindd caused by 'wbinfo -a'.
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Add shadow_copy vfs module.
-    * Fix segault in login_cache support.
-
-
-o   Tim Potter <tpot@samba.org>
-    * Relicense tdb python module as LGPL.
-
-
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Fix syntax error in example mysql table
-
-
-
-Changes since 3.0.2a
---------------------
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    cups options                New
-    ea support                  New
-    only user                   Deprecated
-    store dos attributes        New
-    unicode                     Removed
-    winbind nested groups       New
-
-    
-commits
--------
-
-o   Jeremy Allison <jra@samba.org>
-    * Ensure that Kerberos mutex is always properly unlocked.
-    * Removed Heimdal "in-memory keytab" support.
-    * Fixup the 'multiple-vuids' bugs in our server code.
-    * Correct return code from lsa_lookup_sids() on unmapped
-      sids (based on work by vl@samba.org).
-    * Fix the "too many fcntl locks" scalability problem 
-      raised by tridge.
-    * Fixup correct (as per W2K3) returns for lookupsids 
-      as well as lookupnames.
-    * Fixups for delete-on-close semantics as per Win2k3 behavior.
-    * Make SMB_FILE_ACCESS_INFORMATION call work correctly.
-    * Fix "unable to initialize" bug when smbd hasn't been run with 
-      new system and a user is being added via pdbedit/smbpasswd.
-    * Added NTrename SMB (0xA5).
-    * Fixup correct timeout values for blocking lock timeouts.
-    * Fix various bugs reported by 'gentest'.
-    * More locking fixes in the case where we own the lock.
-    * Fix up regression in IS_NAME_VALID and renames.
-    * Don't set allocation size on directories.
-    * Return correct error code on fail if file exists and target 
-      is a directory.
-    * Added client "hardlink" comment to test doing NT rename with 
-      hard links.  Added hardlink_internals() code - UNIX extensions 
-      now use this as well.
-    * Use a common function to parse all pathnames from the wire for 
-      much closer emulation of Win2k3 error return codes.
-    * Implement check_path_syntax() and rewrite string sub 
-      functions for better multibyte support.
-    * Ensure msdfs referrals are multibyte safe.
-    * Allow msdfs symlink syntax to be more forgiving.
-      eg. sym_link -> msdfs://server/share/path/in/share 
-      or  sym_link -> msdfs:\\server\share\path\in\share.
-    * Cleanup multibyte netbios name support in nmbd ( based on patch
-      by MORIYAMA Masayuki <moriyama@miraclelinux.com>).
-    * Fix check_path_syntax() for multibyte encodings which have 
-      no '\' as second byte (based on work by ab@samba.org.
-    * Fix the "dfs self-referrals as anonymous user" problem
-      (based on patch from vl@samba.org).
-    * BUG 1064: Ensure truncate attribute checking is done correctly 
-      on "hidden" dot files.
-    * Fix bug in anonymous dfs self-referrals again.
-    * Fix get/set of EA's in client library
-    * Added support for OS/2 EA's in smbd server.
-    * Added 'ea support' parameter to smb.conf.
-    * Added 'store dos attributes' parameter to smb.conf.
-    * Fix wildcard identical rename.
-    * Fix reply_ctemp - make compatible with w2k3.
-    * Fix wildcard unlink.
-    * Fix wildcard src with wildcard dest renames.      
-    * BUG 1139: Fix based on suggestion by jdev@panix.com.
-      swap lookups for user and group - group will do an
-      algorithmic lookup if it fails, user won't.
-    * Make EA's lookups case independent.
-    * Fix SETPATHINFO in 'unix extensions' support.
-    * Make 3.x pass the Samba 4.x RAW-SEARCH tests - except for 
-      the UNIX info levels, and the short case preserve names.
-
-
-o   Timur Bakeyev <timur@com.bat.ru>
-    * BUG 1144: only set --with-fhs when the argument is 'yes'
-    * BUG 1152: Allow python modules to build despite libraries added 
-      to LDFLAGS instead of LDPATH.
-
-
-o   Craig Barratt <cbarratt@users.sourceforge.net>
-    * BUG 389: Allow multiple exclude arguments with smbclient 
-      tar -Xr options (better support for Amanda backup client).
-
-
-o   Andrew Bartlet <abartlet@samba.org>
-    * Include support for linking with cracklib for enforcing strong 
-      password changes.
-    * Add support for >14 character password changes from Windows 
-      clients.
-    * Add 'admin set password' capability to 'net rpc'.
-    * Allow 'net rpc samdump' to work with any joined domain 
-      regardless of smb.conf settings.
-    * Use an allocated buffer for count_chars.
-    * Add sanity checks for changes in the domain SID in an 
-      LDAP DIT.
-    * Implement python unit tests for Samba's multibyte string 
-      support.
-    * Remove 'unicode' smb.conf option.
-    * BUG 1138: Fix support for 'optional' SMB signing and other 
-      signing bugs.
-    * BUG 169: Fix NTLMv2-only behavior.
-    * Ensure 'net' honors the 'netbios name' in the smb.conf by 
-      default.
-    * Support SMB signing on connections using only the LANMAN 
-      password and generate the correct the 'session key' for these 
-      connections.
-    * Implement --required-membership-of=, an ntlm_auth option 
-      that restricts all authentication to members of this particular 
-      group.
-    * Improve our fall back code for password changes.
-    * Only send the ntlm_auth 'ntlm-server-1' helper client a '.' 
-      after the server had said something (such as an error).
-    * Add 'ntlm-server-1' helper protocol to ntlm_auth.
-
-      
-o   Alexander Bokovoy <ab@samba.org>
-    * Fix incorrect size calculation of the directory name 
-      in recycle.so.
-    * Fix problems with very long filenames in both smbd and smbclient
-      caused by truncating paths during character conversions.
-    * Fix smbfs problem with Tree Disconnect issued before smbfs 
-      starts its work.
-
-
-o   Gerald Carter <jerry@samba.org>
-    * BUG 850: Fix 'make installmodules' bug on True64.
-    * BUG 66: mark 'only user' deprecated.
-    * Remove corrupt tdb and shutdown (only for printing tdbs, 
-      connections, sessionid & locking).
-    * decrement smbd counter in connections.tdb in smb_panic().
-    * RedHat specfile updates.
-    * Fix xattr.h build issue on Debian testing and SuSE 8.2.
-    * BUG 1147; bad pointer case in get_stored_queue_info() 
-      causing seg fault.
-    * BUG 761: read the config file before initialized default 
-      values for printing options; don't default to bsd printing 
-      Linux.
-    * Allow the 'printing' parameter to be set on a per share basis.
-    * BUG 503: RedHat/Fedora packaging fixes regarding logrotate.
-    * BUG 848: don't create winbind local users/groups that already 
-      exist in the tdb.
-    * BUG 1080: fix declaration of SMB_BIG_UINT (broke compile on 
-      LynxOS/ppc).
-    * BUG 488: fix the 'show client in col 1' button and correctly 
-      enumerate active connections.
-    * BUG 1007 (partial): Fix abort in smbd caused by byte ordering 
-      problem when storing the updating pid for the lpq cache.
-    * BUG 1007 (partial): Fix print change notify bugs.
-    * BUG 1165, 1126: Fix bug with secondary groups (security = ads) 
-      and winbind use default domain = yes.  Also ensures that 
-    * BUG 1151: Ensure that winbindd users are passed through 
-      the username map.
-    * Fix client rpc binds for ASU derived servers (pc netlink, 
-      etc...).
-    * BUG 417, 1128: Ensure that the current_user_info is set
-      consistently so that %[UuGg] is expanded correctly.
-    * BUG 1195: Fix crash in winbindd when the ADS server is 
-      unavailable.
-    * BUG 1185: Set reconnect time to be the same as the 
-      'winbind cache time'.
-    * Ensure that we return the sec_desc in smb_io_printer_info_2.
-    * Change Samba printers Win32 attribute to PRINTER_ATTRIBUTE_LOCAL.
-    * BUG 1095: Honor the '-l' option in smbclient.
-    * BUG 1023: surround get_group_from_gid() with become_unbecome_root() 
-      block.
-    * Ensure server schannel uses the auth level requested by the 
-      client.
-    * Removed --with-cracklib option due to potential crash issue.
-    * Fix -lcrypto linking problem with wbinfo.
-    * BUG 761: allow printing parameter to set defaults on a per 
-      share basis.
-    * Add 'cups options' parameter to allow raw printing without 
-      changing /etc/cups/cupsd.conf.
-    * BUG 1081, 1183: Added remove_duplicate_gids() to smbd and 
-      winbindd.
-    * BUG 1246: Fix typo in Fedora /etc/init.d/winbind.
-
-
-o   Robert Dahlem <Robert.Dahlem@gmx.net>
-    * BUG 1048:  Don't return short names when when 'mangled names = no'
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Remove hard coded attribute name in the ads ranged retrieval
-      code.
-    * Add --with-libdir and --with-mandir to autoconf script.
-
-
-o   Bostjan Golob <golob@gimb.org>
-    * BUG 1046: Fix  getpwent_list() so that the username is not 
-      overwritten by other fields.
-
-
-o   Steve French <sfrench@us.ibm.com>
-    * Update mount.cifs to version 1.1.
-    * Disable dev (MS_NODEV) on user mounts from cifs vfs.
-    * Fixes to minor security bug in the mount helper.
-    * Fix credential file mounting for cifs vfs.
-    * Fix free of incremented pointer in cifsvfs mount helper.
-    * Fix path canonicalization of the mount target path and help 
-      text display in the cifs mount helper.
-    * Add missing guest mount option for mount.cifs.
-
-
-o   SATOH Fumiyasu <fumiya@miraclelinux.com>
-    * BUG 1055; formatting fixes for 'net share'.
-    * BUG 692: correct truncation of share names and workgroup 
-      names in smbclient.
-    * BUG 1088: use strchr_m() for query_host (smbclient -L).
-    * Patch from to internally count characters correctly.
-
-
-o   Paul Green <paulg@samba.org>
-    * Update VOS _POSIX_C_SOURCE macro to 200112L.
-    * Fix bug in configure.ion by moving the first use of 
-      AC_CHECK_HEADERS so it is always executed.
-    * Fix configure.in to only use $BLDSHARED to select whether to 
-      build static or shared libraries.
-
-
-o   Pat Haywarrd <Pat.Hayward@propero.net>
-    * Make the session_users list dynamic (max of 128K).
-    
-    
-o   Cal Heldenbrand <calzplace@yahoo.com> 
-    * Fix for for 'pam_smbpass migrate' functionality.
-
-
-o   Chris Hertel <crh@samba.org>
-    * fix enumeration of shares 12 characters in length via 
-      smbclient.
-
-
-o   Ulrich Holeschak <ulrich@holeschak.de>
-    * BUG 932: fix local password change using pam_smbpass
-
-
-o   Krischan Jodies <kj@sernet.de>
-    * Implement 'net rpc group delete'
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Return NSS_SUCCESS once the max number of gids possible 
-       has been found in initgroups() on Solaris.
-    * BUG 1182: Re-enable the -n 'no cache' option for winbindd.
-
-
-o   Volker Lendecke <vl@samba.org>
-    * Fix success message for net groupmap modify.
-    * Fix errors when enumerating members of groups in 'net rpc'.
-    * Match Windows behavior in samr_lookup_names() by returning
-      ALIAS(4) when you search in BUILTIN. 
-    * Fix server SAMR code to be able to set alias info for 
-      builtin as well. 
-    * Fix duplication of logic when creating groups via smbd.
-    * Ensure that the HWM values are set correctly after running 
-      'net idmap'.
-    * Add 'net rpc group add'.
-    * Implement 'net groupmap set' and 'net groupmap cleanup'.
-    * Add 'net rpc group [add|del]mem' for domain groups and aliases.
-    * Fix wb_delgrpmem (wbinfo -o).
-    * As a DC we should not reply to lsalookupnames on DCNAME\\user.
-    * Fix sambaUserWorkstations on a Samba DC.
-    * Implement wbinfo -k: Have winbind generate an AFS token after
-      authenticating the user.
-    * Add expand_msdfs VFS module for providing referrals based on the
-      the client's IP address.
-    * Implement client side NETLOGON GetDCName function.
-    * Fix caching of name->sid lookups.
-    * Add support in winbindd for expanding nested local groups.
-    * Fix memleak in winbindd.
-    * Fix msdfs proxy.
-    * Don't list domain groups from BUILTIN.
-    * Fix memleak in policy handle utility functions.
-    * Decrease winbindd startup time by only contacting trusted 
-      domains as necessary.
-    * Allow winbindd to ask the DC for its domain for a trusted 
-      DC.
-    * Fix Netscape DS schema based on comments from 
-      <thomas.mueller@christ-wasser.de>.
-    
-
-o   Herb Lewis <herb@samba.org>
-    * Fix typo for tag in proto file.
-    * Add missing #ifdef HAVE_BICONV stuff.
-    * Truncate Samba's netbios name at the first '.' (not 
-      right to left).
-
-
-o   Derrell Lipman <Derrell.Lipman@UnwiredUniverse.com>
-    * Bug fixes and enhancements to libsmbclient library.
-
-    
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Enforce the 'user must change password at next login' flag.
-    * Decode meaning of 'fields present' flags (improves support 
-      for usrmgr.exe).
-    * NTLMv2 fixes.
-    * Don't force an upper case domain name in the ntlmssp code.
-    
-
-o   L. Lucius <ib@digicron.com>.
-    * type fixes.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Add versioning support to tdbsam.
-    * Update the IBM Directory Server schema with the OpenLDAP 
-      file.
-    * Various decoding fixes to improve usrmgr.exe support.
-    * Fix statfs redeclaration of statfs struct on ppc
-    * Implement support for password lockout of Samba domain 
-      controllers and standalone servers.
-    * Get MungedDial attribute actually working with full TS 
-      strings in it for pdb_ldap.
-    * BUG 1208 (partial): Improvements for working with expired krb5 
-      tickets in winbindd.
-    * Use timegm, or our already existing replacement instead of 
-      timezone (spotted by Andrzej Tobola <san@iem.pw.edu.pl>).
-    * Remove modifyTimestamp from list of our attributes.  
-    * Fix lsalookupnames to check for domain users as well as local 
-      users. 
-    * Merge struct uuid replacement for GUID from trunk.
-    * BUG 1208: Finish support for handling expired tickets in 
-      winbindd (in conjunction with Guenther Deschner <gd@suse.de>).
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement new VERSION schema based on subversion revision 
-      numbers.
-
-
-o    Heinrich Mislik <Heinrich.Mislik@univie.ac.at>
-     o BUG 979 -- Fix quota display on AIX.
-
-
-o   James Peach <jpeach@sgi.com>
-    * Correct check for printf() format when using the SGI MIPSPro 
-      compiler.
-    * BUG 1038: support backtrace for 'panic action' on IRIX.
-    * BUG 768: Accept profileing arg to IRIX init script.
-    * BUG 748: Relax arg parsing to sambalp script (IRIX).
-    * BUG 758: Fix pdma build.
-    * Search IRIX ABI paths for libiconv.  Based on initial fix from 
-      Jason Mader.
-      
-
-o   Kurt Pfeifle <kpfeifle@danka.de>
-    * Add example shell script for migrating drivers and printers 
-      from a Windows print server to a Samba print server using 
-      smbclient/rpcclient (examples/printing/VamireDriversFunctions).
-
-
-o   Tim Potter <tpot@samba.org>
-    * Fix logic bug in tdb non-blocking lock routines when 
-      errno == EAGAIN.
-    * BUG 1025: Include sys/acl.h in check for broken nisplus 
-      include files.      
-    * BUG 1066: s/printf/d_printf/g in SWAT.
-    * BUG 1098: rename internal msleep() function to fix build 
-      problems on AIX.
-    * BUG 1112: Fix for writable printerdata problem in python bindings.
-    * BUG 1154: Remove reference to <sys/mman.h> in tdbdump.c.
-    * BUG 1155: enclose use of fchown() with guards.
-
-
-o   Richard Sharpe <rsharpe@samba.org>
-    * Add support to smbclient for multiple logins on the same 
-      session (based on work by abartlet@samba.org).
-    * Correct blocking condition in smbd's use of accept() on IRIX.
-    * Add support for printing out the MAC address on nmblookup.
-
-
-o   Simo Source <idra@samba.org>
-    * Replace unknown_3 with fields_present in SAMR code.
-    * More length checks in strlcat().
-
-
-o   Andrew Tridgell <tridge@samba.org>
-    * Rewrote the AIX UESS backend for winbindd.
-    * Fixed compilation with --enable-dmalloc.
-    * Change tdb license to LGPL (see source/tdb/tdb.c).
-    * Force winbindd to use schannel in clients connections to 
-      DC's if possible.
-
-
-o   Jelmer Vernooij <jelmer@samba.org>
-   * Fix ETA Calculation when resuming downloads in smbget.
-   * Add -O (for writing downloaded files to standard out) 
-     based on patch by Bas van Sisseren <bas@dnd.utwente.nl>.
-
-           
-o   TAKEDA yasuma <yasuma@miraclelinux.com>
-    * BUG 900: fix token processing in cmd_symlink, cmd_link, 
-      cmd_chown, cmd_chmod smbclient functions.
-
-
-o    Shiro Yamada <shiro@miraclelinux.com>
-     * BUG 1129: install image files for SWAT.
-
-      
-Changes for older versions follow below:
-
-    --------------------------------------------------
-
-                  ==============================
-                  Release Notes for Samba 3.0.2a
-                        February 13, 2004
-                  ==============================
-
-Samba 3.0.2a is a minor patch release for the 3.0.2 code base
-to address, in particular, a problem when using pdbedit to 
-sanitize (--force-initialized-passwords) Samba's tdbsam 
-backend.   This is the latest stable release of Samba. This 
-is the version that all production Samba servers should be 
-running for all current bug-fixes.  
-
-******************* Attention! Achtung! Kree! *********************
-
-Beginning with Samba 3.0.2, passwords for accounts with a last 
-change time (LCT-XXX in smbpasswd, sambaPwdLastSet attribute in
-ldapsam, etc...) of zero (0) will be regarded as uninitialized 
-strings.  This will cause authentication to fail for such
-accounts.  If you have valid passwords that meet this criteria, 
-you must update the last change time to a non-zero value.  If you 
-do not, then  'pdbedit --force-initialized-passwords' will disable 
-these accounts and reset the password hashes to a string of X's.
-
-******************* Attention! Achtung! Kree! *********************
-
-
-Changes since 3.0.2
--------------------
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-
-o   Jeremy Allison <jra@samba.org>
-    * Added paranoia checks in parsing code.
-    
-
-o   Andrew Bartlet <abartlet@samba.org>
-    * Ensure that changes to uninitialized passwords in ldapsam 
-      are written to the DIT.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fixed iterator in tdbsam.
-    * Fix bug that disabled accounts with a valid NT password 
-      hash, but no LanMan hash.
-    
-
-o   Steve French <sfrench@us.ibm.com>
-    * Added missing nosetuid and noexec options.
-
-    
-o   Bostjan Golob <golob@gimb.org>
-    * BUG 1046: Don't overwrite usernames of entries returned 
-      by getpwent_list().
-
-
-o   Sebastian Krahmer <krahmer@suse.de>
-    * Fixed potential crash bug in NTLMSSP parsing code.
-
-
-o   Tim Potter <tpot@samba.org>
-    * Fixed logic in tdb_brlock error checking.
-
-    
-o   Urban Widmark <urban@teststation.com>
-    * Set nosuid,nodev flags in smbmnt by default.
-    
-    
-        --------------------------------------------------
-                  
-                  =============================
-                  Release Notes for Samba 3.0.2
-                        February 9, 2004
-                  =============================
-
-It has been confirmed that previous versions of Samba 3.0 are
-susceptible to a password initialization bug that could grant an 
-attacker unauthorized access to a user account created by the
-mksmbpasswd.sh shell script.
-
-The Common Vulnerabilities and Exposures project (cve.mitre.org) 
-has assigned the name CAN-2004-0082 to this issue.
-
-Samba administrators not wishing to upgrade to the current 
-version should download the 3.0.2 release, build the pdbedit 
-tool, and run 
-
-   root# pdbedit-3.0.2 --force-initialized-passwords
-      
-This will disable all accounts not possessing a valid password
-(e.g. the password field has been set a string of X's).
-
-Samba servers running 3.0.2 are not vulnerable to this bug 
-regardless of whether or not pdbedit has been used to sanitize
-the passdb backend.
-
-Some of the more visible bugs in 3.0.1 addressed in the 3.0.2
-release include:
-
-  o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
-  o Logging onto a Samba domain from Windows XP clients.
-  o Problems with the %U and %u smb.conf variables in relation to 
-    Windows 9x/ME clients.
-  o Kerberos failures due to an invalid in memory keytab detection
-    test.
-  o Updates to the ntlm_auth tool.
-  o Fixes for various SMB signing errors.
-  o Better separation of WINS and DNS queries for domain controllers.
-  o Issues with nss_winbind FreeBSD and Solaris.
-  o Several crash bugs in smbd and winbindd.
-  o Output formatting fixes for smbclient for better compatibility
-    with scripts based on the 2.2 version.
-
-
-Changes since 3.0.1
--------------------
-
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    ldap replication sleep      New
-    read size                   removed (unused)
-    source environment          removed (unused)
-
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-o   Jeremy Allison <jra@samba.org>
-    * Revert change that broke Exchange clear text samlogons.
-    * Fix gcc 3.4 warning in MS-DFS code.
-    * Tidy up of NTLMSSP code.
-    * Fixes for SMB signing errors
-    * BUG 815: Workaround NT4 bug to support plaintext
-      password logins and UNICODE.
-    * Fix SMB signing bug when copying large files.
-    * Correct error logic in mkdir_internals() (caused a panic
-      when combined with --enable-developer).
-    * BUG 830: Protect against crashes due to bad character 
-      conversions.
-
-      
-o   Petri Asikainen <paca@sci.fi>
-    * BUG 330, 387:Fix single valued attribute updates when 
-      working with Novell NDS.
-
-
-o   Andrew Bartlet <abartlet@samba.org>
-    * Correctly handle per-pipe NTLMSSP inside a NULL session.
-    * Fix segfault in gencache 
-    * Fix early free() of encrypted_session_key.
-    * Change DC lookup routines to more carefully separate
-      DNS names (realms) from NetBIOS domain names.
-    * Add new sid_to_dn() function for internal winbindd use.
-    * Refactor cli_ds_enum_domain_trusts().
-    * BUG 707: Implement range retrieval of ADS attributes (based 
-      on work from Volker <vl@samba.org> and Guenther Deschner 
-      <gd@suse.com>).
-    * Automatically initialize the signing engine if a session key
-      is available.
-    * BUG 916: Do not perform a + -> ' ' substitution for squid URL 
-      encoded strings, only form input in SWAT.
-    * Resets the NTLMSSP state for new negotiate packets.
-    * Add 2-byte alignments in net_samlogon() queries to parse 
-      odd-length plain text passwords.
-    * Allow Windows groups with no members in winbindd.
-    * Allow normal authentication in the absence of a server 
-      generated session key.
-    * More optimizations for looking up UNIX group lists.
-    * Clean up error codes and return values for pam_winbindd
-      and winbindd PAM interface.
-    * Fix string return values in ntlm_auth tool.
-    * Fix segfault when 'security = ads' but no realm is defined.
-    * BUG 722: Allow winbindd to map machine accounts to uids.
-    * More cleanups for winbindd's find_our_domain().
-    * More clearly detect whether a domain controller is an NT4
-      or mixed-mode AD DC (additional bug fixes by jerry & jmcd).
-    * Increase separation between DNS queries for hosts and queries
-      for AD domain controllers.
-    * Include additional NT_STATUS to PAM error mappings.
-    * Password initialization fixes.
-
-    
-o   Justin Baugh <justin.baugh@request.com>
-    * BUG 948: Implement missing functions required for FreeBSD 
-      nss_winbind support. 
-
-
-o   Alexander Bokovoy <ab@samba.org>
-    * BUG 922: Make sure enable fast path for strlower_m() and 
-      strupper_m().
-
-
-o   Luca Bolcioni <Luca.Bolcioni@yacme.com>
-    * Fix crash when using 'security = server' and 'encrypt 
-      passwords = no' by always initializing the session key.
-
-      
-o   Dmitry Butskoj <buc@odusz.elektra.ru>
-    * Fix for special files being hidden from admins.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fix bug in the lanman session key generation.  Caused 
-      "decode_pw: incorrect password length" error messages.
-    * Save the right case for the located user name in 
-      fill_sam_account().  Fixes %U/%u expansion for win9x clients.
-    * BUG 897: Add well known rid for pre win2k compatible access
-      group.
-    * BUG 887: Correct typo in delete user script example.
-    * Use short lived TALLOC_CTX* for allocating printer objects 
-      from the print handle cache.
-    * BUG 912: Fix check for HAVE_MEMORY_KEYTAB.
-    * Fix several warnings reported by the SUN Forte C compiler.
-    * Fully control DNS queries for AD DC's using 'name resolve order'.
-    * BUG 770: Send the SMBjobid for UNIX jobs back to the client.
-    * BUG 972: Fix segfault in cli_ds_getprimarydominfo().
-    * BUG 936: fix bind credentials for schannel binds in smbd.
-    * BUG 446: Fix output of smbclient for better compatibility 
-      with scripts based on the 2.2 version (including Amanda).
-    * BUG 891, 949: Fedora packaging fixes.
-    * Fix bug that caused rpcclient to incorrectly retrieve 
-      the SID for a server (this causing all calls that required 
-      this information to fail). 
-    * BUG 977: Don't create a homes share for a user if a static 
-      share already exists by the same name.
-    * Removed unused smb.conf options.
-    * Password initialization fixes.
-    * Set the disable flag for template accounts created by
-      mksmbpasswd.sh.
-    * Disable any account has no passwords and does not have the
-      ACB_PWNOTREQ bit set.
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Install smbwrapper.so should be put into the $(libdir) 
-      and not $(bindir).
-    * Add the capability to specify the new user password 
-      for "net ads password" on the command line.
-    * Correctly detect AFS headers on SuSE.
-	
-
-o   James Flemer <jflemer@uvm.edu>
-    * Fix AIX compile bug by linking HAVE_ATTR_LIST to 
-      HAVE_SYS_ATTRIBUTES_H.
-
-
-o   Luke Howard <lukeh@PADL.COM>
-    * Fix segfault in session setup reply caused by a early free().
-
-
-o   Stoian Ivanov <sdr@bultra.com>
-    * Implement grepable output for smbclient -L.
-
-
-o   LaMont Jones <lamont@debian.org>
-    * BUG 225328 (Debian): Correct false failure LFS test that resulted 
-      in  _GNU_SOURCE not being defined (thus resulting in strndup() 
-      not being defined).
-
-      
-o   Volker Lendecke <vl@samba.org>
-    * BUG 583: Ensure that user names always contain the short 
-      version of the domain name.
-    * Fix our parsing of the LDAP uri.
-    * Don't show the 'afs username map' in the SWAT basic view.
-    * Fix SMB signing issues in relation to failed NTLMSSP logins.
-    * BUG 924: Fix return codes in smbtorture harness.
-    * Always lower-case usernames before handing it to AFS code.
-    * Add a German translation for SWAT.
-    * Fix a segfaults in winbindd.
-    * Fix the user's domain passed to register_vuid() from 
-      reply_spnego_kerberos().
-    * Add NSS example code in nss_winbind to convert UNIX 
-      id's <-> Windows SIDs.
-    * Display more descriptive error messages for login via 'net'.
-    * Fix compiler warning in the net tool.
-    * Fix length bug when decoding base64 strings.
-    * Ensure we don't call getpwnam() inside a loop that is iterating 
-      over users with getpwent().  This broke on glibc 2.3.2.
-
-
-o   Herb Lewis <herb@samba.org>
-    * Fix bit rot in psec.
-
-
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Ensure we delete the group mapping before calling the delete 
-      group script.
-    * Define well known RID for managing the  "Power Users" group.
-    * BUG 381: check builtin (not local) group SID when updating 
-      group membership.
-    * BUG 101: set the SV_TYPE_PRINTQ_SERVER flag in host announcement 
-      packet.
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Implement initgroups() call in nss_winbind on Solaris.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Fix regression in net rpc join caused by recent changes 
-      to cli_lsa_query_info_policy().
-    * BUG 964: Fix crash bug in 'net rpc join' using a preexisting
-      machine account.
-
-
-o   MORIYAMA Masayuki <moriyama@miraclelinux.com>
-    * BUG 570: Ensure that configure honors the LDFLAGS variable.
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement LDAP rebind sleep patch.
-    * Revert to 2.2 quota code because of so many broken quota files 
-      out there.
-    * Fix XFS quotas: HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS
-                      XFS_USER_QUOTA -> USRQUOTA
-                      XFS_GROUP_QUOTA -> GRPQUOTA
-    * Fix disk_free calculation with group quotas.
-    * Add debug class 'quota' and a lot of DEBUG()'s 
-      to the quota code.
-    * Fix sys_chown() when no chown() is present.
-    * Add SIGABRT to fault handling in order to catch got a 
-      backtrace if an error occurs the OpenLDAP client libs.
-
-
-o   <ndb@theghet.to>
-    * Allow an existing LDAP machine account to be re-used when 
-      joining an AD domain.
-
-
-o   James Peach <jpeach@sgi.com>
-    * BUG 889: Change smbd to use pread/pwrite on platforms that 
-      support these calls. Can lead to a significant speed increase.
-
-
-o   Tim Potter <tpot@samba.org>
-    * BUG 905: Remove POBAD_CC to fix Solaris Forte compiles.
-    * BUG 924: Fix typo in RW2 torture test.
-    
-    
-o   Richard Sharpe <shape@samba.org>
-    * Small fixes to torture.c to cleanup the error handling 
-      and prevent crashes.
-
-
-o   J. Tournier <jerome.tournier@IDEALX.com>
-    * Small fixes for the smbldap-tool scripts.
-
-
-o   Andrew Tridgell <tridge@samba.org>
-    * Fix src len check in pull_usc2().
-    
-    
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Put functions for generating SQL queries in pdb_sql.c
-    * Add pgSQL backend (based on patch by Hamish Friedlander)
-    * BUG 908: Fix -s option to smbcontrol.    
-    * Add smbget utility - a wget-clone for the SMB/CIFS protocol.
-    * Fix for libnss_wins on IRIX platforms.
-    * Fix swatdir for --with-fhs.
-
-
-        --------------------------------------------------
-
-                  =============================
-                  Release Notes for Samba 3.0.1
-                        December 15, 2003
-                  =============================
-
-Some of the more common bugs in 3.0.0 addressed in the release 
-include:
-
-  o Substitution problems with smb.conf variables.
-  o Errors in return codes which caused some applications
-    to fail to open files.
-  o General Protection Faults on Windows 2000/XP clients
-    using Samba point-n-print features.
-  o Several miscellaneous crash bugs.
-  o Access problems when enumerating group mappings are
-    stored in an LDAP Directory.
-  o Several common SWAT bugs when writing changes to
-    smb.conf.
-  o Internal inconsistencies when 'winbind use default
-    domain = yes'
-
-
-
-Changes since 3.0.0
-----------------------
-
-    Parameter Name              Action
-    --------------              ------
-    hide local users            Removed
-    mangled map                 Deprecated
-    mangled stack               Removed
-    passwd chat timeout         New
-
-
-commits
--------
-
-o   Change the interface for init_unistr2 to not take a length 
-    but a flags field.  We were assuming that 
-    2*strlen(mb_string) == length of ucs2-le string.  (bug 480).
-o   Allow d_printf() to handle strings with escaped quotation 
-    marks since the msg file includes the escape character (bug 489).
-o   Fix bad html table row termination in SWAT wizard code (bug 413).
-o   Fix to parse the level-2 strings.
-o   Fix for "valid users = %S" in [homes].  Fix read/write 
-    list as well. 
-o   Change AC_CHECK_LIB_EXT to prepend libraries instead of append.  
-    This is the same way AC_CHECK_LIB works (bug 508).
-o   Testparm output fixes for clarity.
-o   Fix broken wins hook functionality -- i18n bug (bug 528).
-o   Take care of condition where DOS and NT error codes must differ.
-o   Default to using only built-in charsets when a working iconv 
-    implementation cannot be located.
-o   Wrap internals of sys_setgroups() so the sys_XX() call can 
-    be done unconditionally (bug 550).
-o   Remove duplicate smbspool link on SWAT's front page (bug 541).
-o   Save and restore CFLAGS before/after AC_PROG_CC.  Ensures that
-    --enable-debug=[yes|no] works correctly.
-o   Allow ^C to interrupt smbpasswd if using our getpass 
-    (e.g. smbpasswd command).
-o   Support signing only on RPC's (bug 167).
-o   Correct bug that prevented  Excel 2000 clients from opening 
-    files marked as read-only.
-o   Portability fix bugs 546 - 549).
-o   Explicitly initialize the value of AR for vendor makes that don't
-    do this (e.g. HPUX 11).  (bug 552).
-o   More i18n fixes for SWAT (bug 413).
-o   Change the cwd before the postexec script to ensure that a
-    umount will succeed.
-o   Correct double free that caused winbindd to crash when a DC 
-    is rebooted (bug 437).
-o   Fix incorrect mode sum (bug 562).
-o   Canonicalize SMB_INFO_ALLOCATION in the same was as
-    SMB_FS_FULL_SIZE_INFORMATION (bug 564).
-o   Add script to generate *msg files.
-o   Add Dutch SWAT translation file.
-o   Make sure to call get_user_groups() with the full winbindd 
-    name for a user if he/she has one (bug 406).
-o   Fix up error code returns from Samba4 tester. Ensure invalid 
-    paths are validated the same way.  
-o   Allow Samba3 to pass the Samba4 RAW-READ tests.
-o   Refuse to configure if --with-expsam=$BACKEND was used but no 
-    libraries were found for $BACKEND.
-o   Move sysquotas autoconf tests to a separate file.
-o   Match W2K w.r.t. writelock and writeclose.  Samba4 torture 
-    tester
-o   Make sure that the files that contain the static_init_$subsystem; 
-    macro get recompiled after configure by removing the object 
-    files.
-o   Ensure canceling a blocking lock returns the correct error 
-    message.
-o   Match Samba 2.2 behavior; make ACB_NORMAL the default ACB value.
-o   Updated Japanese welcome file in SWAT.
-o   Fix to  nt-time <-> unix-time functions reversible.
-o   Ensure that winbindd uses the the escaped DN when querying
-    an AD ldap server.
-o   Fix portability issues when compiling (bug 505, 550)
-o   Compile fix for tdbbackup when Samba needs to override 
-    non-C99 compliant implementations of snprintf().
-o   Use @PICSUFFIX@ instead of .po in Makefile.in (bug 574).
-o   Make sure we break out of samsync loop on error.
-o   Ensure error code path doesn't free unmalloc()'d memory
-    (bug 628).
-o   Add configure test for krb5_keytab_entry keyblock vs key 
-    member (bug 636).
-o   Fixed spinlocks.
-o   Modified testparm so that all output so all debug output goes 
-    to stderr, and all file processing goes to stdout.
-o   Fix error return code for BUFFER_TOO_SMALL in smbcacls 
-    and smbcquotas.
-o   Fix "NULL dest in safe_strcpy()" log message by ensuring that 
-    we have a devmode before copying a string to the devicename.
-o   Support mapping REALM.COM\user to a local user account (without 
-    running winbindd)  for compatibility with 2.2.x release.
-o   Ensure we don't use mmap() on blacklisted systems.
-o   fixed a number of bugs and memory leaks in the AIX 
-    winbindd shim
-o   Call initgroups() in SWAT before becomming the user so that
-    secondary group permissions can be used when writing to 
-    smb.conf.
-o   Fix signing problems when reverse connecting back to a 
-    client for printer notify
-o   Fix signing problems caused by a miss-sequence bug.
-o   Missing map in errormap for ERROR_MORE_DATA -> ERRDOS, ERRmoredata.
-    Fixes NEXUS tools running on Win9x clients (bug 64).
-o   Don't leave the domain field uninitialized in cli_lsa.c if some 
-    SID could not be mapped.
-o   Fix segfault in mount.cifs helper when there is no options 
-    specified during mount.
-o   Change the \n after the password prompt to go to tty instead 
-    of stdout (bug 668).
-o   Stop net -P from prompting for machine account password (bug 451).
-o   Change in behavior to Not only change the effective uid but also
-    the real uid when becoming unprivileged.
-o   Cope with Exchange 5.5 cleartext pop password auth.
-o   New files for support of initshutdown pipe.  Win2k doesn't 
-    respond properly to all requests on the winreg pipe, so we need 
-    to handle this new pipe (bug 534).
-o   Added more va_copy() checks in configure.in.
-o   Include fixes for libsmbclient build problems.
-o   Missing UNIX -> DOS codepage conversion in lanman.c.
-o   Allow DFMS-S filenames can now have arbitrary case (bug 667).
-o   Parameterize the listen backlog in smbd and make it larger by
-    default. A backlog of 5 is way too small these days.
-o   Check for an invalid fid before dereferencing the fsp pointer
-    (bug 696).
-o   Remove invalid memory frees and return codes in pdb_ldap.c.
-o   Prompt for password when invoking --set-auth-user and no 
-    password is given.
-o   Bind the nmbd sending socket to the 'socket address'.
-o   Re-order link command for smbd, rpcclient and smbpasswd to ensure 
-    $LDFLAGS occurs before any library specification (bug 661).
-o   Fix large number of printf() calls for 64-bit size_t.
-o   Fix AC_CHECK_MEMBER so that SLES8 does correctly finds the 
-    keyblock in the krb5 structs.
-o   Remove #include <compat.h> in hopes to avoid problems with 
-    apache header files.
-o   Correct winbindd build problems on HP-UX 11.
-o   Lowercase netgroups lookups (bug 703).
-o   Use the actual size of the buffer in strftime instead of a made
-    up value which just happens to be less than sizeof(fstring).  
-    (bug 713).
-o   Add ldaplibs to pdbedit link line (bug 651).
-o   Fix crash bug in smbclient completion (bug 659).
-o   Fix packet length for browse list reply (bug 771).
-o   Fix coredump in cli_get_backup_list().
-o   Make sure that we expand %N (bug 612).
-o   Allow rpcclient adddriver command to specify printer driver 
-    version (bug 514).
-o   Compile tdbdump by default.
-o   Apply patches to fix iconv detection for FreeBSD.
-o   Do not allow the 'guest account' to be added to a passdb backend 
-    using smbpasswd or pdbedit (bug 624).
-o   Save LDFLAGS during iconv detection (bug 57).
-o   Run krb5 logins through the username map if the winbindd 
-    lookup fails (bug 698).
-o   Add const for lp_set_name_resolve_order() to avoid compiler 
-    warnings (bug 471).
-o   Add support for the %i macro in smb.conf to stand in for the for
-    the local IP address to which a client connected.
-o   Allow winbindd to match local accounts to domain SID when 
-    'winbind trusted domains only = yes' (bug 680).
-o   Remove code in idmap_ldap that searches the user suffix and group 
-    suffix.  It's not needed and provides inconsistent functionality 
-    from the tdb backend.
-o   Patch to handle munged dial string for Windows 2000 TSE.
-    Thanks to Gaz de France, Direction de la Recherche, Service 
-    Informatique Métier for their supporting this work by Aurelien 
-    Degrémont <adegremont@idealx.com>.
-o   Correct the "smbldap_open: cannot access when not root error"
-    messages when looking up group information (bug 281).
-o   Skip over the winbind separator when looking up a user.
-    This fixes the bug that prevented local users from
-    matching an AD user when not running winbindd (bug 698).
-o   Fix a problem with configure on *BSD systems. Make sure
-    we add -liconv etc to LDFLAGS.
-o   Fix core dump bug when "security = server" and the authentication
-    server goes away.
-o   Correct crash bug due to an empty munged dial string.
-o   Show files locked by a specific user (smbstatus -u 'user') 
-    (bug 590).
-o   Fix bug preventing print jobs from display in the queue
-    monitor used by Windows NT and later clients (bug 660).
-o   Fix several reported problems with point-n-print from
-    Windows 2000/XP clients due to a bug in the EnumPrinterDataEx()
-    reply (bug 338, 527 & 643).
-o   Fix a handful of potential memory leaks in the LDAP code used
-    by ldapsam[_compat] and the LDAP idmap backend.
-o   Fix for pdbedit error code returns (bug 763).
-o   Make sure we only enumerate group mapping entries  (not 
-    /etc/group) even when doing local aliases.
-o   Relax check on the pipe name in a dce/rpc bind response to work 
-    around issues with establishing trusts to a Windows 2003 domain.
-o   Ensure we mangle names ending in '.' in hash2 mangling method.
-o   Correct parsing issues with munged dial string.
-o   Fix bugs in quota support for XFS.
-o   Add a cleaner method for applications that need to provide 
-    name->SID mappings to do this via NSS rather than having to 
-    know the winbindd pipe protocol.
-o   Adds a variant of the winbindd_getgroups() call called 
-    winbindd_getusersids() that provides direct SID->SIDs listing of 
-    a users supplementary groups. This is enough to allow non-Samba 
-    applications to do ACL checking.
-o   Make sure we don't append the 'ldap suffix' when writing out the 
-    'ldap XXX suffix' values in SWAT (bug 328).
-o   Fix renames across file systems.
-o   Ensure that items in a list of strings containing whitespace are 
-    written out surrounded by single quotes.  This means that both 
-    double and single quotes are now used to surround strings in 
-    smb.conf (bug 481).
-o   Enable SWAT to correctly determine if winbindd is running (bug 
-    398).
-o   Include WWW-Authenticate field in 401 response for bad auth 
-    attempt (bug 629).
-o   Add support for NTLM2 (NTLMv2 session security).
-o   Add support for variable-length session keys.
-o   More privilege fixes for group enumeration in LDAP (bug 281).
-o   Use the dns name (or IP) as the originating client name when
-    using CUPS (bug 467).
-o   Fix various SMB signing bugs.
-o   Fix ACL propagation on a DFS root (bug 263).
-o   Disable NTLM2 for RPC pipes.
-o   Allow the client to specify the NTLM2 flags got NTLMSSP 
-    authentication.
-o   Change the name of the job passed off to cups from "Test Page" 
-    to "smbprn.00000033 Test Page" so that we can get the smb 
-    jobid back. This allow users to delete jobs with cups printing 
-    backend (partial work on bug 770).
-o   Fix build of winbindd with static pdb modules.
-o   Retrieve the correct ACL group bits if the file has an ACL 
-    (bug 802).
-o   Implement "net rpc group members": Get members of a domain group 
-    in human-readable format.
-o   Add MacOSX (Darwin) specific charset module code.
-o   Use samr_dispinfo(level == 1) for enumerating domain users so we 
-    can include the full name in gecos field (bug 587).
-o   Add support for winbind's NSS library on FeeeBSD 5.1 (bug 797).
-o   Implement 'net rpc group list [global|local|builtin]*' for a 
-    select listing of the respective user databases.
-o   Don't automatically set NT status code flag unless client tells 
-    us it can cope.
-o   Add 'net status [sessions|shares] [parseable]'.
-o   Don't mistake pre-existing UNIX jobs for smb jobs (remainder of  
-    bug 770).
-o   Add 'Replicator' and 'RAS Servers' to list of builtin SIDs 
-   (bug 608).
-o   Fix inverted logic in hosts allow/deny checks caused by 
-    s/strcmp/strequal/ (bug 846).
-o   Implement correct version SamrRemoveSidForeignDomain() (bug 252).
-o   Fix typo in 'hash' mangling algorithm.
-o   Support munged dial for ldapsam (bug 800).
-o   Fix process_incoming_data() to return the number of bytes handled 
-    this call whether we have a complete PDU or not; fixes bug 
-    with multiple PDU request rpc's broken over SMBwriteX calls 
-    each.
-o   Fix incorrect smb flags2 for connections to pre-NT servers 
-    (causes smbclient to fail to OS2 for example) (bug 821).
-o   Update version string in smbldap-tools Makefile to 0.8.2.
-o   Correct a problem with "net rpc vampire" mis-parsing the 
-    alias member info reply.
-o   Ensure the ${libdir} is created by the installclientlib script.
-o   Fix detection of Windows 2003 client architecture in the smb.conf
-    %a variable.
-o   Ensure that smbd calls the add user script for a missing UNIX 
-    user on kerberos auth call (bug 445).
-o   Fix bugs in hosts allow/deny when using a mismatched 
-    network/netmask pair.
-o   Protect alloc_sub_basic() from crashing when the source string 
-    is NULL (partial work on bug 687).
-o   Fix spinlocks on IRIX.
-o   Corrected some bad destination paths when running "configure 
-    --with-fhs".
-o   Add packaging files for Fedora Core 1.
-o   Correct bug in SWAT install script for non-english languages.
-o   Support character set ISO-8859-1 internally (bug 558).
-o   Fixed more LDAP access errors when looking up group mappings 
-    (bug 281).
-o   Fix UNISTR2 length bug in LsaQueryInfo(3) that caused SID 
-    resolution to fail on local files on on domain members 
-    (bug 875).
-o   Fix uninitialized variable in passdb.c.
-o   Fix formal parameter type in get_static() in nsswitch/wins.c.
-o   Fix problem mounting directories when mount.cifs is installed 
-    with the setuid bit on.
-o   Fix bug that prevent --mandir from overriding the defaults
-    given in the --with-fhs macro.
-o   Fix bug in in-memory Kerberos keytab detection routines 
-    in configure.in
-
-
-
-######################################################################
-
-              The original 3.0.0 release notes follow
-              =======================================
-                    WHATS NEW IN Samba 3.0.0
-                        September 24, 2003
-              =======================================
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire 
-    and internally there is now a much better infrastructure for 
-    multi-byte and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system 
-    has been almost completely rewritten. Most of the changes are 
-    internal, but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and character 
-    sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-15) Improvement of ACL mapping features based on code donated by
-    Andreas Grünbacher.
-
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * hide local users
-  * mangled stack
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * read size
-  * source environment
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-  * passwd chat timeout
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap replication sleep
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name                    Description                             Backup?
-----                    -----------                             -------
-account_policy          User policy settings                    yes
-gencache                Generic caching db                      no
-group_mapping           Mapping table from Windows              yes
-                        groups/SID to unix groups        
-winbindd_idmap          ID map table from SIDS to UNIX          yes
-                        uids/gids.
-namecache               Name resolution cache entries           no
-netsamlogon_cache       Cache of NET_USER_INFO_3 structure      no
-                        returned as part of a successful
-                        net_sam_logon request 
-printing/*.tdb          Cached output from 'lpq                 no
-                        command' created on a per print 
-                        service basis
-registry                Read-only samba registry skeleton       no
-                        that provides support for exporting
-                        various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of 
-attributes to prevent clashes with attributes from other vendors.  
-There is a conversion script (examples/LDAP/convertSambaAccount) to 
-modify and LDIF file to the new schema.
-  
-Example:
-  
-  $ ldapsearch .... -b "ou=people,dc=..." > sambaAcct.ldif
-  $ convertSambaAccount --sid=<Domain SID> \
-    --input=sambaAcct.ldif --output=sambaSamAcct.ldif \
-    --changetype=[modify|add]
-	
-The <DOM SID> can be obtained by running 'net getlocalsid 
-<DOMAINNAME>' on the Samba PDC as root.  The changetype determines 
-the format of the generated LDIF output--either create new entries 
-or modify existing entries.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.4.html b/whatsnew/samba-3.0.4.html
deleted file mode 100755
index eb39091..0000000
--- a/whatsnew/samba-3.0.4.html
+++ /dev/null
@@ -1,1916 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>Samba 3.0.4 Available for Download</H2>
-
-<p>
-<pre>
-                 =============================
-                 Release Notes for Samba 3.0.4
-                          May 8, 2004
-                 =============================
-
-This is the latest stable release of Samba. This is the version 
-that production Samba servers should be running for all 
-current bug-fixes.  There have been several issues fixes since 
-the 3.0.3 release and new features have been added as well.  
-See the "Changes" section for details on exact updates.
-
-Common bugs fixed in Samba 3.0.4 include:
-
-  o Password changing after applying the patch described in 
-    the Microsoft KB828741 article to Windows clients.
-  o Crashes in smbd.
-  o Managing print jobs via Windows on Big-Endian servers.
-  o Several memory leaks in winbindd and smbd.
-  o Compile issues on AIX and *BSD.
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.3
---------------------
-
-commits
--------
-
-o   Jeremy Allison <jra@samba.org>
-    * Fix path processing for DeletePrinterDriverEx().
-    * BUG 1303: Fix for Microsoft hotfix MS04-011 password change 
-      breakage.
-
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Fix alignment bug in GetDomPwInfo().
-
-
-o   Alexander Bokovoy <ab@samba.org>
-    * Fix utime[s]() issues in smbwrapper on systems 
-      that can boot both the 2.4 and 2.6 Linux kernels.
-
-
-o   Gerald Carter <jerry@samba.org>
-    * Fedora packaging fixes.
-    * BUG 1302: Fix seg fault by not trying to optimize a list of 
-      invalid gids using the wrong array size.
-    * BUG 1309: fix seg fault caused by trying to strdup(NULL)
-      seen when 'security = share'.
-    * Fix problems when using IBM's compiler on AIX.
-    * Link Developer's Guide, Example Guide, and multi-page HOWTO
-      into SWAT's welcome page.
-    * BUG 1293: fix double free in printer publishing code.
-
-    
-o   Wim Delvaux <wim.delvaux@adaptiveplanet.com>
-    * Fix for handling timeouts in socket connections.
-
-
-o   Michel Gravey <michel.gravey@optogone.com>
-    * BUG 483: patch from  to fix password hash creation in SWAT.
-    
-
-o   Volker Lendecke <vl@samba.org>
-    * Close the open NT pipes before the tdis.
-    * Fix AFS related build issues.
-    * Handle error conditions when base64 encoding a blob of 0 bytes.
-
-    
-o   Herb Lewis <herb@samba.org>
-    * Added 'acls' debug class.
-
-o   kawasa_r@itg.hitachi.co.jp
-    * Multiple variable initialization and memory leak fixes.
-    
-    
-o   Stephan Kulow <coolo@suse.de>
-    * Fix string length bug in libsmbclient that caused KDE's 
-      Konqueror to crash.
-    * BUG 429: More libsmbclient fixes.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * BUG 1007, 1279: Store the print job using a little-endian key.
-
-
-o   Eric Mertens
-    o Compile fix for OpenBSD (ENOTSUP not supported).
-
-    
-o   Stefan Metzmacher <metze@samba.org>
-    * Correct bug in disks quota views from explorer.
-
-    
-o   Tim Potter <tpot@samba.org>
-    BUG 1305: Correct debug output.
-
-
-o   Richard Sharpe <rsharpe@samba.org>
-    * Fix incorrect error code mapping.
-
-
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Add additional NT_STATUS errorm mappings.
-    
-
-Changes for older versions follow below:
-
-    --------------------------------------------------
-
-                 =============================
-                 Release Notes for Samba 3.0.3
-                        April 29, 2004
-                 =============================
-
-
-Common bugs fixed in Samba 3.0.3 include:
-
-  o Crash bugs and change notify issues in Samba's printing code.
-  o Honoring secondary group membership on domain member servers.
-  o TDB scalability issue surrounding the TDB_CLEAR_IF_FIRST flag.
-  o Substitution errors for %[UuGg] in smb.conf.
-  o winbindd crashes when using ADS security mode.
-  o SMB signing errors.
-  o Delays in winbindd startup caused by unnecessary 
-    connections to trusted domain controllers.
-  o Various small memory leaks.
-  o Winbindd failing due to expired Kerberos tickets.
-
-New features introduced in Samba 3.0.3 include:
-
-  o Improved support for i18n character sets.
-  o Support for account lockout policy based on
-    bad password attempts.
-  o Improved support for long password changes (>14
-    characters) and strong password enforcement.
-  o Support for Windows aliases (i.e. nested groups).
-  o Experimental support for storing DOS attribute on files
-    and folders in Extended Attributes.
-  o Support for local nested groups via winbindd.
-  o Specifying options to be passed directly to the CUPS libraries.
-
-Please be aware that the Samba source code repository was 
-migrated from CVS to Subversion on April 4, 2004.  Details on 
-accessing the Samba source tree via anonymous svn can be found 
-at http://svn.samba.org/samba/subversion.html.
-
-
-Changes since 3.0.2a
---------------------
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    cups options                New
-    ea support                  New
-    only user                   Deprecated
-    store dos attributes        New
-    unicode                     Removed
-    winbind nested groups       New
-
-    
-commits
--------
-
-o   Jeremy Allison <jra@samba.org>
-    * Ensure that Kerberos mutex is always properly unlocked.
-    * Removed Heimdal "in-memory keytab" support.
-    * Fixup the 'multiple-vuids' bugs in our server code.
-    * Correct return code from lsa_lookup_sids() on unmapped
-      sids (based on work by vl@samba.org).
-    * Fix the "too many fcntl locks" scalability problem 
-      raised by tridge.
-    * Fixup correct (as per W2K3) returns for lookupsids 
-      as well as lookupnames.
-    * Fixups for delete-on-close semantics as per Win2k3 behavior.
-    * Make SMB_FILE_ACCESS_INFORMATION call work correctly.
-    * Fix "unable to initialize" bug when smbd hasn't been run with 
-      new system and a user is being added via pdbedit/smbpasswd.
-    * Added NTrename SMB (0xA5).
-    * Fixup correct timeout values for blocking lock timeouts.
-    * Fix various bugs reported by 'gentest'.
-    * More locking fixes in the case where we own the lock.
-    * Fix up regression in IS_NAME_VALID and renames.
-    * Don't set allocation size on directories.
-    * Return correct error code on fail if file exists and target 
-      is a directory.
-    * Added client "hardlink" comment to test doing NT rename with 
-      hard links.  Added hardlink_internals() code - UNIX extensions 
-      now use this as well.
-    * Use a common function to parse all pathnames from the wire for 
-      much closer emulation of Win2k3 error return codes.
-    * Implement check_path_syntax() and rewrite string sub 
-      functions for better multibyte support.
-    * Ensure msdfs referrals are multibyte safe.
-    * Allow msdfs symlink syntax to be more forgiving.
-      eg. sym_link -> msdfs://server/share/path/in/share 
-      or  sym_link -> msdfs:\\server\share\path\in\share.
-    * Cleanup multibyte netbios name support in nmbd ( based on patch
-      by MORIYAMA Masayuki <moriyama@miraclelinux.com>).
-    * Fix check_path_syntax() for multibyte encodings which have 
-      no '\' as second byte (based on work by ab@samba.org.
-    * Fix the "dfs self-referrals as anonymous user" problem
-      (based on patch from vl@samba.org).
-    * BUG 1064: Ensure truncate attribute checking is done correctly 
-      on "hidden" dot files.
-    * Fix bug in anonymous dfs self-referrals again.
-    * Fix get/set of EA's in client library
-    * Added support for OS/2 EA's in smbd server.
-    * Added 'ea support' parameter to smb.conf.
-    * Added 'store dos attributes' parameter to smb.conf.
-    * Fix wildcard identical rename.
-    * Fix reply_ctemp - make compatible with w2k3.
-    * Fix wildcard unlink.
-    * Fix wildcard src with wildcard dest renames.      
-    * BUG 1139: Fix based on suggestion by jdev@panix.com.
-      swap lookups for user and group - group will do an
-      algorithmic lookup if it fails, user won't.
-    * Make EA's lookups case independent.
-    * Fix SETPATHINFO in 'unix extensions' support.
-    * Make 3.x pass the Samba 4.x RAW-SEARCH tests - except for 
-      the UNIX info levels, and the short case preserve names.
-
-
-o   Timur Bakeyev <timur@com.bat.ru>
-    * BUG 1144: only set --with-fhs when the argument is 'yes'
-    * BUG 1152: Allow python modules to build despite libraries added 
-      to LDFLAGS instead of LDPATH.
-    * BUG 1141: Fix nss*.so names on FreeBSD 5.x.
-
-
-o   Craig Barratt <cbarratt@users.sourceforge.net>
-    * BUG 389: Allow multiple exclude arguments with smbclient 
-      tar -Xr options (better support for Amanda backup client).
-
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Include support for linking with cracklib for enforcing strong 
-      password changes.
-    * Add support for >14 character password changes from Windows 
-      clients.
-    * Add 'admin set password' capability to 'net rpc'.
-    * Allow 'net rpc samdump' to work with any joined domain 
-      regardless of smb.conf settings.
-    * Use an allocated buffer for count_chars.
-    * Add sanity checks for changes in the domain SID in an 
-      LDAP DIT.
-    * Implement python unit tests for Samba's multibyte string 
-      support.
-    * Remove 'unicode' smb.conf option.
-    * BUG 1138: Fix support for 'optional' SMB signing and other 
-      signing bugs.
-    * BUG 169: Fix NTLMv2-only behavior.
-    * Ensure 'net' honors the 'netbios name' in the smb.conf by 
-      default.
-    * Support SMB signing on connections using only the LANMAN 
-      password and generate the correct the 'session key' for these 
-      connections.
-    * Implement --required-membership-of=, an ntlm_auth option 
-      that restricts all authentication to members of this particular 
-      group.
-    * Improve our fall back code for password changes.
-    * Only send the ntlm_auth 'ntlm-server-1' helper client a '.' 
-      after the server had said something (such as an error).
-    * Add 'ntlm-server-1' helper protocol to ntlm_auth.
-
-      
-o   Alexander Bokovoy <ab@samba.org>
-    * Fix incorrect size calculation of the directory name 
-      in recycle.so.
-    * Fix problems with very long filenames in both smbd and smbclient
-      caused by truncating paths during character conversions.
-    * Fix smbfs problem with Tree Disconnect issued before smbfs 
-      starts its work.
-
-
-o   Gerald Carter <jerry@samba.org>
-    * BUG 850: Fix 'make installmodules' bug on True64.
-    * BUG 66: mark 'only user' deprecated.
-    * Remove corrupt tdb and shutdown (only for printing tdbs, 
-      connections, sessionid & locking).
-    * decrement smbd counter in connections.tdb in smb_panic().
-    * RedHat specfile updates.
-    * Fix xattr.h build issue on Debian testing and SuSE 8.2.
-    * BUG 1147; bad pointer case in get_stored_queue_info() 
-      causing seg fault.
-    * BUG 761: read the config file before initialized default 
-      values for printing options; don't default to bsd printing 
-      Linux.
-    * Allow the 'printing' parameter to be set on a per share basis.
-    * BUG 503: RedHat/Fedora packaging fixes regarding logrotate.
-    * BUG 848: don't create winbind local users/groups that already 
-      exist in the tdb.
-    * BUG 1080: fix declaration of SMB_BIG_UINT (broke compile on 
-      LynxOS/ppc).
-    * BUG 488: fix the 'show client in col 1' button and correctly 
-      enumerate active connections.
-    * BUG 1007 (partial): Fix abort in smbd caused by byte ordering 
-      problem when storing the updating pid for the lpq cache.
-    * BUG 1007 (partial): Fix print change notify bugs.
-    * BUG 1165, 1126: Fix bug with secondary groups (security = ads) 
-      and winbind use default domain = yes.  Also ensures that 
-    * BUG 1151: Ensure that winbindd users are passed through 
-      the username map.
-    * Fix client rpc binds for ASU derived servers (pc netlink, 
-      etc...).
-    * BUG 417, 1128: Ensure that the current_user_info is set
-      consistently so that %[UuGg] is expanded correctly.
-    * BUG 1195: Fix crash in winbindd when the ADS server is 
-      unavailable.
-    * BUG 1185: Set reconnect time to be the same as the 
-      'winbind cache time'.
-    * Ensure that we return the sec_desc in smb_io_printer_info_2.
-    * Change Samba printers Win32 attribute to PRINTER_ATTRIBUTE_LOCAL.
-    * BUG 1095: Honor the '-l' option in smbclient.
-    * BUG 1023: surround get_group_from_gid() with become_unbecome_root() 
-      block.
-    * Ensure server schannel uses the auth level requested by the 
-      client.
-    * Removed --with-cracklib option due to potential crash issue.
-    * Fix -lcrypto linking problem with wbinfo.
-    * BUG 761: allow printing parameter to set defaults on a per 
-      share basis.
-    * Add 'cups options' parameter to allow raw printing without 
-      changing /etc/cups/cupsd.conf.
-    * BUG 1081, 1183: Added remove_duplicate_gids() to smbd and 
-      winbindd.
-    * BUG 1246: Fix typo in Fedora /etc/init.d/winbind.
-    * BUG 1288: resolve any machine netbios name (0x00) and not just 
-      servers (0x20).
-    * BUG 1199: Fix potential symlink issue in 
-      examples/printing/smbprint.
-
-
-o   Robert Dahlem <Robert.Dahlem@gmx.net>
-    * BUG 1048:  Don't return short names when when 'mangled names = no'
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Remove hard coded attribute name in the ads ranged retrieval
-      code.
-    * Add --with-libdir and --with-mandir to autoconf script.
-
-
-o   Bostjan Golob <golob@gimb.org>
-    * BUG 1046: Fix  getpwent_list() so that the username is not 
-      overwritten by other fields.
-
-
-o   Landon Fuller <landonf@opendarwin.org>
-    * BUG 1232: patch from landonf@opendarwin.org (Landon Fuller) 
-      to fix user/group enumeration on systems whose libc does not 
-      call setgrent() before trying to enumerate users (i.e. 
-      FreeBSD 5.2).
-
-
-o   Steve French <sfrench@us.ibm.com>
-    * Update mount.cifs to version 1.1.
-    * Disable dev (MS_NODEV) on user mounts from cifs vfs.
-    * Fixes to minor security bug in the mount helper.
-    * Fix credential file mounting for cifs vfs.
-    * Fix free of incremented pointer in cifsvfs mount helper.
-    * Fix path canonicalization of the mount target path and help 
-      text display in the cifs mount helper.
-    * Add missing guest mount option for mount.cifs.
-
-
-o   SATOH Fumiyasu <fumiya@miraclelinux.com>
-    * BUG 1055; formatting fixes for 'net share'.
-    * BUG 692: correct truncation of share names and workgroup 
-      names in smbclient.
-    * BUG 1088: use strchr_m() for query_host (smbclient -L).
-    * Patch from to internally count characters correctly.
-
-
-o   Paul Green <paulg@samba.org>
-    * Update VOS _POSIX_C_SOURCE macro to 200112L.
-    * Fix bug in configure.ion by moving the first use of 
-      AC_CHECK_HEADERS so it is always executed.
-    * Fix configure.in to only use $BLDSHARED to select whether to 
-      build static or shared libraries.
-
-
-o   Pat Haywarrd <Pat.Hayward@propero.net>
-    * Make the session_users list dynamic (max of 128K).
-    
-    
-o   Cal Heldenbrand <calzplace@yahoo.com> 
-    * Fix for for 'pam_smbpass migrate' functionality.
-
-
-o   Chris Hertel <crh@samba.org>
-    * fix enumeration of shares 12 characters in length via 
-      smbclient.
-
-
-o   Ulrich Holeschak <ulrich@holeschak.de>
-    * BUG 932: fix local password change using pam_smbpass
-
-
-o   Krischan Jodies <kj@sernet.de>
-    * Implement 'net rpc group delete'
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Return NSS_SUCCESS once the max number of gids possible 
-       has been found in initgroups() on Solaris.
-    * BUG 1182: Re-enable the -n 'no cache' option for winbindd.
-
-
-o   Volker Lendecke <vl@samba.org>
-    * Fix success message for net groupmap modify.
-    * Fix errors when enumerating members of groups in 'net rpc'.
-    * Match Windows behavior in samr_lookup_names() by returning
-      ALIAS(4) when you search in BUILTIN. 
-    * Fix server SAMR code to be able to set alias info for 
-      builtin as well. 
-    * Fix duplication of logic when creating groups via smbd.
-    * Ensure that the HWM values are set correctly after running 
-      'net idmap'.
-    * Add 'net rpc group add'.
-    * Implement 'net groupmap set' and 'net groupmap cleanup'.
-    * Add 'net rpc group [add|del]mem' for domain groups and aliases.
-    * Fix wb_delgrpmem (wbinfo -o).
-    * As a DC we should not reply to lsalookupnames on DCNAME\\user.
-    * Fix sambaUserWorkstations on a Samba DC.
-    * Implement wbinfo -k: Have winbind generate an AFS token after
-      authenticating the user.
-    * Add expand_msdfs VFS module for providing referrals based on the
-      the client's IP address.
-    * Implement client side NETLOGON GetDCName function.
-    * Fix caching of name->sid lookups.
-    * Add support in winbindd for expanding nested local groups.
-    * Fix memleak in winbindd.
-    * Fix msdfs proxy.
-    * Don't list domain groups from BUILTIN.
-    * Fix memleak in policy handle utility functions.
-    * Decrease winbindd startup time by only contacting trusted 
-      domains as necessary.
-    * Allow winbindd to ask the DC for its domain for a trusted 
-      DC.
-    * Fix Netscape DS schema based on comments from 
-      <thomas.mueller@christ-wasser.de>.
-    * Correct case where adding a domain user to a XP local group 
-      did a lsalookupname on the user without domain prefix, and 
-      failed.
-    * Fix segfault in winbindd caused by 'wbinfo -a'.
-    
-
-o   Herb Lewis <herb@samba.org>
-    * Fix typo for tag in proto file.
-    * Add missing #ifdef HAVE_BICONV stuff.
-    * Truncate Samba's netbios name at the first '.' (not 
-      right to left).
-
-
-o   Derrell Lipman <Derrell.Lipman@UnwiredUniverse.com>
-    * Bug fixes and enhancements to libsmbclient library.
-
-    
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Enforce the 'user must change password at next login' flag.
-    * Decode meaning of 'fields present' flags (improves support 
-      for usrmgr.exe).
-    * NTLMv2 fixes.
-    * Don't force an upper case domain name in the ntlmssp code.
-    
-
-o   L. Lucius <ib@digicron.com>.
-    * type fixes.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Add versioning support to tdbsam.
-    * Update the IBM Directory Server schema with the OpenLDAP 
-      file.
-    * Various decoding fixes to improve usrmgr.exe support.
-    * Fix statfs redeclaration of statfs struct on ppc
-    * Implement support for password lockout of Samba domain 
-      controllers and standalone servers.
-    * Get MungedDial attribute actually working with full TS 
-      strings in it for pdb_ldap.
-    * BUG 1208 (partial): Improvements for working with expired krb5 
-      tickets in winbindd.
-    * Use timegm, or our already existing replacement instead of 
-      timezone (spotted by Andrzej Tobola <san@iem.pw.edu.pl>).
-    * Remove modifyTimestamp from list of our attributes.  
-    * Fix lsalookupnames to check for domain users as well as local 
-      users. 
-    * Merge struct uuid replacement for GUID from trunk.
-    * BUG 1208: Finish support for handling expired tickets in 
-      winbindd (in conjunction with Guenther Deschner <gd@suse.de>).
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement new VERSION schema based on subversion revision 
-      numbers.
-    * Add shadow_copy vfs module.
-    * Fix segault in login_cache support.
-
-
-o    Heinrich Mislik <Heinrich.Mislik@univie.ac.at>
-     o BUG 979 -- Fix quota display on AIX.
-
-
-o   James Peach <jpeach@sgi.com>
-    * Correct check for printf() format when using the SGI MIPSPro 
-      compiler.
-    * BUG 1038: support backtrace for 'panic action' on IRIX.
-    * BUG 768: Accept profileing arg to IRIX init script.
-    * BUG 748: Relax arg parsing to sambalp script (IRIX).
-    * BUG 758: Fix pdma build.
-    * Search IRIX ABI paths for libiconv.  Based on initial fix from 
-      Jason Mader.
-      
-
-o   Kurt Pfeifle <kpfeifle@danka.de>
-    * Add example shell script for migrating drivers and printers 
-      from a Windows print server to a Samba print server using 
-      smbclient/rpcclient (examples/printing/VamireDriversFunctions).
-
-
-o   Tim Potter <tpot@samba.org>
-    * Fix logic bug in tdb non-blocking lock routines when 
-      errno == EAGAIN.
-    * BUG 1025: Include sys/acl.h in check for broken nisplus 
-      include files.      
-    * BUG 1066: s/printf/d_printf/g in SWAT.
-    * BUG 1098: rename internal msleep() function to fix build 
-      problems on AIX.
-    * BUG 1112: Fix for writable printerdata problem in python bindings.
-    * BUG 1154: Remove reference to <sys/mman.h> in tdbdump.c.
-    * BUG 1155: enclose use of fchown() with guards.
-    * Relicense tdb python module as LGPL.
-
-
-o   Richard Sharpe <rsharpe@samba.org>
-    * Add support to smbclient for multiple logins on the same 
-      session (based on work by abartlet@samba.org).
-    * Correct blocking condition in smbd's use of accept() on IRIX.
-    * Add support for printing out the MAC address on nmblookup.
-
-
-o   Simo Source <idra@samba.org>
-    * Replace unknown_3 with fields_present in SAMR code.
-    * More length checks in strlcat().
-
-
-o   Andrew Tridgell <tridge@samba.org>
-    * Rewrote the AIX UESS backend for winbindd.
-    * Fixed compilation with --enable-dmalloc.
-    * Change tdb license to LGPL (see source/tdb/tdb.c).
-    * Force winbindd to use schannel in clients connections to 
-      DC's if possible.
-
-
-o   Jelmer Vernooij <jelmer@samba.org>
-   * Fix ETA Calculation when resuming downloads in smbget.
-   * Add -O (for writing downloaded files to standard out) 
-     based on patch by Bas van Sisseren <bas@dnd.utwente.nl>.
-    * Fix syntax error in example mysql table
-
-           
-o   TAKEDA yasuma <yasuma@miraclelinux.com>
-    * BUG 900: fix token processing in cmd_symlink, cmd_link, 
-      cmd_chown, cmd_chmod smbclient functions.
-
-
-o    Shiro Yamada <shiro@miraclelinux.com>
-     * BUG 1129: install image files for SWAT.
-
-      
-    --------------------------------------------------
-
-                  ==============================
-                  Release Notes for Samba 3.0.2a
-                        February 13, 2004
-                  ==============================
-
-Samba 3.0.2a is a minor patch release for the 3.0.2 code base
-to address, in particular, a problem when using pdbedit to 
-sanitize (--force-initialized-passwords) Samba's tdbsam 
-backend.   This is the latest stable release of Samba. This 
-is the version that all production Samba servers should be 
-running for all current bug-fixes.  
-
-******************* Attention! Achtung! Kree! *********************
-
-Beginning with Samba 3.0.2, passwords for accounts with a last 
-change time (LCT-XXX in smbpasswd, sambaPwdLastSet attribute in
-ldapsam, etc...) of zero (0) will be regarded as uninitialized 
-strings.  This will cause authentication to fail for such
-accounts.  If you have valid passwords that meet this criteria, 
-you must update the last change time to a non-zero value.  If you 
-do not, then  'pdbedit --force-initialized-passwords' will disable 
-these accounts and reset the password hashes to a string of X's.
-
-******************* Attention! Achtung! Kree! *********************
-
-
-Changes since 3.0.2
--------------------
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-
-o   Jeremy Allison <jra@samba.org>
-    * Added paranoia checks in parsing code.
-    
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Ensure that changes to uninitialized passwords in ldapsam 
-      are written to the DIT.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fixed iterator in tdbsam.
-    * Fix bug that disabled accounts with a valid NT password 
-      hash, but no LanMan hash.
-    
-
-o   Steve French <sfrench@us.ibm.com>
-    * Added missing nosetuid and noexec options.
-
-    
-o   Bostjan Golob <golob@gimb.org>
-    * BUG 1046: Don't overwrite usernames of entries returned 
-      by getpwent_list().
-
-
-o   Sebastian Krahmer <krahmer@suse.de>
-    * Fixed potential crash bug in NTLMSSP parsing code.
-
-
-o   Tim Potter <tpot@samba.org>
-    * Fixed logic in tdb_brlock error checking.
-
-    
-o   Urban Widmark <urban@teststation.com>
-    * Set nosuid,nodev flags in smbmnt by default.
-    
-    
-        --------------------------------------------------
-                  
-                  =============================
-                  Release Notes for Samba 3.0.2
-                        February 9, 2004
-                  =============================
-
-It has been confirmed that previous versions of Samba 3.0 are
-susceptible to a password initialization bug that could grant an 
-attacker unauthorized access to a user account created by the
-mksmbpasswd.sh shell script.
-
-The Common Vulnerabilities and Exposures project (cve.mitre.org) 
-has assigned the name CAN-2004-0082 to this issue.
-
-Samba administrators not wishing to upgrade to the current 
-version should download the 3.0.2 release, build the pdbedit 
-tool, and run 
-
-   root# pdbedit-3.0.2 --force-initialized-passwords
-      
-This will disable all accounts not possessing a valid password
-(e.g. the password field has been set a string of X's).
-
-Samba servers running 3.0.2 are not vulnerable to this bug 
-regardless of whether or not pdbedit has been used to sanitize
-the passdb backend.
-
-Some of the more visible bugs in 3.0.1 addressed in the 3.0.2
-release include:
-
-  o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
-  o Logging onto a Samba domain from Windows XP clients.
-  o Problems with the %U and %u smb.conf variables in relation to 
-    Windows 9x/ME clients.
-  o Kerberos failures due to an invalid in memory keytab detection
-    test.
-  o Updates to the ntlm_auth tool.
-  o Fixes for various SMB signing errors.
-  o Better separation of WINS and DNS queries for domain controllers.
-  o Issues with nss_winbind FreeBSD and Solaris.
-  o Several crash bugs in smbd and winbindd.
-  o Output formatting fixes for smbclient for better compatibility
-    with scripts based on the 2.2 version.
-
-
-Changes since 3.0.1
--------------------
-
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    ldap replication sleep      New
-    read size                   removed (unused)
-    source environment          removed (unused)
-
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-o   Jeremy Allison <jra@samba.org>
-    * Revert change that broke Exchange clear text samlogons.
-    * Fix gcc 3.4 warning in MS-DFS code.
-    * Tidy up of NTLMSSP code.
-    * Fixes for SMB signing errors
-    * BUG 815: Workaround NT4 bug to support plaintext
-      password logins and UNICODE.
-    * Fix SMB signing bug when copying large files.
-    * Correct error logic in mkdir_internals() (caused a panic
-      when combined with --enable-developer).
-    * BUG 830: Protect against crashes due to bad character 
-      conversions.
-
-      
-o   Petri Asikainen <paca@sci.fi>
-    * BUG 330, 387:Fix single valued attribute updates when 
-      working with Novell NDS.
-
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Correctly handle per-pipe NTLMSSP inside a NULL session.
-    * Fix segfault in gencache 
-    * Fix early free() of encrypted_session_key.
-    * Change DC lookup routines to more carefully separate
-      DNS names (realms) from NetBIOS domain names.
-    * Add new sid_to_dn() function for internal winbindd use.
-    * Refactor cli_ds_enum_domain_trusts().
-    * BUG 707: Implement range retrieval of ADS attributes (based 
-      on work from Volker <vl@samba.org> and Guenther Deschner 
-      <gd@suse.com>).
-    * Automatically initialize the signing engine if a session key
-      is available.
-    * BUG 916: Do not perform a + -> ' ' substitution for squid URL 
-      encoded strings, only form input in SWAT.
-    * Resets the NTLMSSP state for new negotiate packets.
-    * Add 2-byte alignments in net_samlogon() queries to parse 
-      odd-length plain text passwords.
-    * Allow Windows groups with no members in winbindd.
-    * Allow normal authentication in the absence of a server 
-      generated session key.
-    * More optimizations for looking up UNIX group lists.
-    * Clean up error codes and return values for pam_winbindd
-      and winbindd PAM interface.
-    * Fix string return values in ntlm_auth tool.
-    * Fix segfault when 'security = ads' but no realm is defined.
-    * BUG 722: Allow winbindd to map machine accounts to uids.
-    * More cleanups for winbindd's find_our_domain().
-    * More clearly detect whether a domain controller is an NT4
-      or mixed-mode AD DC (additional bug fixes by jerry & jmcd).
-    * Increase separation between DNS queries for hosts and queries
-      for AD domain controllers.
-    * Include additional NT_STATUS to PAM error mappings.
-    * Password initialization fixes.
-
-    
-o   Justin Baugh <justin.baugh@request.com>
-    * BUG 948: Implement missing functions required for FreeBSD 
-      nss_winbind support. 
-
-
-o   Alexander Bokovoy <ab@samba.org>
-    * BUG 922: Make sure enable fast path for strlower_m() and 
-      strupper_m().
-
-
-o   Luca Bolcioni <Luca.Bolcioni@yacme.com>
-    * Fix crash when using 'security = server' and 'encrypt 
-      passwords = no' by always initializing the session key.
-
-      
-o   Dmitry Butskoj <buc@odusz.elektra.ru>
-    * Fix for special files being hidden from admins.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fix bug in the lanman session key generation.  Caused 
-      "decode_pw: incorrect password length" error messages.
-    * Save the right case for the located user name in 
-      fill_sam_account().  Fixes %U/%u expansion for win9x clients.
-    * BUG 897: Add well known rid for pre win2k compatible access
-      group.
-    * BUG 887: Correct typo in delete user script example.
-    * Use short lived TALLOC_CTX* for allocating printer objects 
-      from the print handle cache.
-    * BUG 912: Fix check for HAVE_MEMORY_KEYTAB.
-    * Fix several warnings reported by the SUN Forte C compiler.
-    * Fully control DNS queries for AD DC's using 'name resolve order'.
-    * BUG 770: Send the SMBjobid for UNIX jobs back to the client.
-    * BUG 972: Fix segfault in cli_ds_getprimarydominfo().
-    * BUG 936: fix bind credentials for schannel binds in smbd.
-    * BUG 446: Fix output of smbclient for better compatibility 
-      with scripts based on the 2.2 version (including Amanda).
-    * BUG 891, 949: Fedora packaging fixes.
-    * Fix bug that caused rpcclient to incorrectly retrieve 
-      the SID for a server (this causing all calls that required 
-      this information to fail). 
-    * BUG 977: Don't create a homes share for a user if a static 
-      share already exists by the same name.
-    * Removed unused smb.conf options.
-    * Password initialization fixes.
-    * Set the disable flag for template accounts created by
-      mksmbpasswd.sh.
-    * Disable any account has no passwords and does not have the
-      ACB_PWNOTREQ bit set.
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Install smbwrapper.so should be put into the $(libdir) 
-      and not $(bindir).
-    * Add the capability to specify the new user password 
-      for "net ads password" on the command line.
-    * Correctly detect AFS headers on SuSE.
-	
-
-o   James Flemer <jflemer@uvm.edu>
-    * Fix AIX compile bug by linking HAVE_ATTR_LIST to 
-      HAVE_SYS_ATTRIBUTES_H.
-
-
-o   Luke Howard <lukeh@PADL.COM>
-    * Fix segfault in session setup reply caused by a early free().
-
-
-o   Stoian Ivanov <sdr@bultra.com>
-    * Implement grepable output for smbclient -L.
-
-
-o   LaMont Jones <lamont@debian.org>
-    * BUG 225328 (Debian): Correct false failure LFS test that resulted 
-      in  _GNU_SOURCE not being defined (thus resulting in strndup() 
-      not being defined).
-
-      
-o   Volker Lendecke <vl@samba.org>
-    * BUG 583: Ensure that user names always contain the short 
-      version of the domain name.
-    * Fix our parsing of the LDAP uri.
-    * Don't show the 'afs username map' in the SWAT basic view.
-    * Fix SMB signing issues in relation to failed NTLMSSP logins.
-    * BUG 924: Fix return codes in smbtorture harness.
-    * Always lower-case usernames before handing it to AFS code.
-    * Add a German translation for SWAT.
-    * Fix a segfaults in winbindd.
-    * Fix the user's domain passed to register_vuid() from 
-      reply_spnego_kerberos().
-    * Add NSS example code in nss_winbind to convert UNIX 
-      id's <-> Windows SIDs.
-    * Display more descriptive error messages for login via 'net'.
-    * Fix compiler warning in the net tool.
-    * Fix length bug when decoding base64 strings.
-    * Ensure we don't call getpwnam() inside a loop that is iterating 
-      over users with getpwent().  This broke on glibc 2.3.2.
-
-
-o   Herb Lewis <herb@samba.org>
-    * Fix bit rot in psec.
-
-
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Ensure we delete the group mapping before calling the delete 
-      group script.
-    * Define well known RID for managing the  "Power Users" group.
-    * BUG 381: check builtin (not local) group SID when updating 
-      group membership.
-    * BUG 101: set the SV_TYPE_PRINTQ_SERVER flag in host announcement 
-      packet.
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Implement initgroups() call in nss_winbind on Solaris.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Fix regression in net rpc join caused by recent changes 
-      to cli_lsa_query_info_policy().
-    * BUG 964: Fix crash bug in 'net rpc join' using a preexisting
-      machine account.
-
-
-o   MORIYAMA Masayuki <moriyama@miraclelinux.com>
-    * BUG 570: Ensure that configure honors the LDFLAGS variable.
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement LDAP rebind sleep patch.
-    * Revert to 2.2 quota code because of so many broken quota files 
-      out there.
-    * Fix XFS quotas: HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS
-                      XFS_USER_QUOTA -> USRQUOTA
-                      XFS_GROUP_QUOTA -> GRPQUOTA
-    * Fix disk_free calculation with group quotas.
-    * Add debug class 'quota' and a lot of DEBUG()'s 
-      to the quota code.
-    * Fix sys_chown() when no chown() is present.
-    * Add SIGABRT to fault handling in order to catch got a 
-      backtrace if an error occurs the OpenLDAP client libs.
-
-
-o   <ndb@theghet.to>
-    * Allow an existing LDAP machine account to be re-used when 
-      joining an AD domain.
-
-
-o   James Peach <jpeach@sgi.com>
-    * BUG 889: Change smbd to use pread/pwrite on platforms that 
-      support these calls. Can lead to a significant speed increase.
-
-
-o   Tim Potter <tpot@samba.org>
-    * BUG 905: Remove POBAD_CC to fix Solaris Forte compiles.
-    * BUG 924: Fix typo in RW2 torture test.
-    
-    
-o   Richard Sharpe <shape@samba.org>
-    * Small fixes to torture.c to cleanup the error handling 
-      and prevent crashes.
-
-
-o   J. Tournier <jerome.tournier@IDEALX.com>
-    * Small fixes for the smbldap-tool scripts.
-
-
-o   Andrew Tridgell <tridge@samba.org>
-    * Fix src len check in pull_usc2().
-    
-    
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Put functions for generating SQL queries in pdb_sql.c
-    * Add pgSQL backend (based on patch by Hamish Friedlander)
-    * BUG 908: Fix -s option to smbcontrol.    
-    * Add smbget utility - a wget-clone for the SMB/CIFS protocol.
-    * Fix for libnss_wins on IRIX platforms.
-    * Fix swatdir for --with-fhs.
-
-
-        --------------------------------------------------
-
-                  =============================
-                  Release Notes for Samba 3.0.1
-                        December 15, 2003
-                  =============================
-
-Some of the more common bugs in 3.0.0 addressed in the release 
-include:
-
-  o Substitution problems with smb.conf variables.
-  o Errors in return codes which caused some applications
-    to fail to open files.
-  o General Protection Faults on Windows 2000/XP clients
-    using Samba point-n-print features.
-  o Several miscellaneous crash bugs.
-  o Access problems when enumerating group mappings are
-    stored in an LDAP Directory.
-  o Several common SWAT bugs when writing changes to
-    smb.conf.
-  o Internal inconsistencies when 'winbind use default
-    domain = yes'
-
-
-
-Changes since 3.0.0
-----------------------
-
-    Parameter Name              Action
-    --------------              ------
-    hide local users            Removed
-    mangled map                 Deprecated
-    mangled stack               Removed
-    passwd chat timeout         New
-
-
-commits
--------
-
-o   Change the interface for init_unistr2 to not take a length 
-    but a flags field.  We were assuming that 
-    2*strlen(mb_string) == length of ucs2-le string.  (bug 480).
-o   Allow d_printf() to handle strings with escaped quotation 
-    marks since the msg file includes the escape character (bug 489).
-o   Fix bad html table row termination in SWAT wizard code (bug 413).
-o   Fix to parse the level-2 strings.
-o   Fix for "valid users = %S" in [homes].  Fix read/write 
-    list as well. 
-o   Change AC_CHECK_LIB_EXT to prepend libraries instead of append.  
-    This is the same way AC_CHECK_LIB works (bug 508).
-o   Testparm output fixes for clarity.
-o   Fix broken wins hook functionality -- i18n bug (bug 528).
-o   Take care of condition where DOS and NT error codes must differ.
-o   Default to using only built-in charsets when a working iconv 
-    implementation cannot be located.
-o   Wrap internals of sys_setgroups() so the sys_XX() call can 
-    be done unconditionally (bug 550).
-o   Remove duplicate smbspool link on SWAT's front page (bug 541).
-o   Save and restore CFLAGS before/after AC_PROG_CC.  Ensures that
-    --enable-debug=[yes|no] works correctly.
-o   Allow ^C to interrupt smbpasswd if using our getpass 
-    (e.g. smbpasswd command).
-o   Support signing only on RPC's (bug 167).
-o   Correct bug that prevented  Excel 2000 clients from opening 
-    files marked as read-only.
-o   Portability fix bugs 546 - 549).
-o   Explicitly initialize the value of AR for vendor makes that don't
-    do this (e.g. HPUX 11).  (bug 552).
-o   More i18n fixes for SWAT (bug 413).
-o   Change the cwd before the postexec script to ensure that a
-    umount will succeed.
-o   Correct double free that caused winbindd to crash when a DC 
-    is rebooted (bug 437).
-o   Fix incorrect mode sum (bug 562).
-o   Canonicalize SMB_INFO_ALLOCATION in the same was as
-    SMB_FS_FULL_SIZE_INFORMATION (bug 564).
-o   Add script to generate *msg files.
-o   Add Dutch SWAT translation file.
-o   Make sure to call get_user_groups() with the full winbindd 
-    name for a user if he/she has one (bug 406).
-o   Fix up error code returns from Samba4 tester. Ensure invalid 
-    paths are validated the same way.  
-o   Allow Samba3 to pass the Samba4 RAW-READ tests.
-o   Refuse to configure if --with-expsam=$BACKEND was used but no 
-    libraries were found for $BACKEND.
-o   Move sysquotas autoconf tests to a separate file.
-o   Match W2K w.r.t. writelock and writeclose.  Samba4 torture 
-    tester
-o   Make sure that the files that contain the static_init_$subsystem; 
-    macro get recompiled after configure by removing the object 
-    files.
-o   Ensure canceling a blocking lock returns the correct error 
-    message.
-o   Match Samba 2.2 behavior; make ACB_NORMAL the default ACB value.
-o   Updated Japanese welcome file in SWAT.
-o   Fix to  nt-time <-> unix-time functions reversible.
-o   Ensure that winbindd uses the the escaped DN when querying
-    an AD ldap server.
-o   Fix portability issues when compiling (bug 505, 550)
-o   Compile fix for tdbbackup when Samba needs to override 
-    non-C99 compliant implementations of snprintf().
-o   Use @PICSUFFIX@ instead of .po in Makefile.in (bug 574).
-o   Make sure we break out of samsync loop on error.
-o   Ensure error code path doesn't free unmalloc()'d memory
-    (bug 628).
-o   Add configure test for krb5_keytab_entry keyblock vs key 
-    member (bug 636).
-o   Fixed spinlocks.
-o   Modified testparm so that all output so all debug output goes 
-    to stderr, and all file processing goes to stdout.
-o   Fix error return code for BUFFER_TOO_SMALL in smbcacls 
-    and smbcquotas.
-o   Fix "NULL dest in safe_strcpy()" log message by ensuring that 
-    we have a devmode before copying a string to the devicename.
-o   Support mapping REALM.COM\user to a local user account (without 
-    running winbindd)  for compatibility with 2.2.x release.
-o   Ensure we don't use mmap() on blacklisted systems.
-o   fixed a number of bugs and memory leaks in the AIX 
-    winbindd shim
-o   Call initgroups() in SWAT before becomming the user so that
-    secondary group permissions can be used when writing to 
-    smb.conf.
-o   Fix signing problems when reverse connecting back to a 
-    client for printer notify
-o   Fix signing problems caused by a miss-sequence bug.
-o   Missing map in errormap for ERROR_MORE_DATA -> ERRDOS, ERRmoredata.
-    Fixes NEXUS tools running on Win9x clients (bug 64).
-o   Don't leave the domain field uninitialized in cli_lsa.c if some 
-    SID could not be mapped.
-o   Fix segfault in mount.cifs helper when there is no options 
-    specified during mount.
-o   Change the \n after the password prompt to go to tty instead 
-    of stdout (bug 668).
-o   Stop net -P from prompting for machine account password (bug 451).
-o   Change in behavior to Not only change the effective uid but also
-    the real uid when becoming unprivileged.
-o   Cope with Exchange 5.5 cleartext pop password auth.
-o   New files for support of initshutdown pipe.  Win2k doesn't 
-    respond properly to all requests on the winreg pipe, so we need 
-    to handle this new pipe (bug 534).
-o   Added more va_copy() checks in configure.in.
-o   Include fixes for libsmbclient build problems.
-o   Missing UNIX -> DOS codepage conversion in lanman.c.
-o   Allow DFMS-S filenames can now have arbitrary case (bug 667).
-o   Parameterize the listen backlog in smbd and make it larger by
-    default. A backlog of 5 is way too small these days.
-o   Check for an invalid fid before dereferencing the fsp pointer
-    (bug 696).
-o   Remove invalid memory frees and return codes in pdb_ldap.c.
-o   Prompt for password when invoking --set-auth-user and no 
-    password is given.
-o   Bind the nmbd sending socket to the 'socket address'.
-o   Re-order link command for smbd, rpcclient and smbpasswd to ensure 
-    $LDFLAGS occurs before any library specification (bug 661).
-o   Fix large number of printf() calls for 64-bit size_t.
-o   Fix AC_CHECK_MEMBER so that SLES8 does correctly finds the 
-    keyblock in the krb5 structs.
-o   Remove #include <compat.h> in hopes to avoid problems with 
-    apache header files.
-o   Correct winbindd build problems on HP-UX 11.
-o   Lowercase netgroups lookups (bug 703).
-o   Use the actual size of the buffer in strftime instead of a made
-    up value which just happens to be less than sizeof(fstring).  
-    (bug 713).
-o   Add ldaplibs to pdbedit link line (bug 651).
-o   Fix crash bug in smbclient completion (bug 659).
-o   Fix packet length for browse list reply (bug 771).
-o   Fix coredump in cli_get_backup_list().
-o   Make sure that we expand %N (bug 612).
-o   Allow rpcclient adddriver command to specify printer driver 
-    version (bug 514).
-o   Compile tdbdump by default.
-o   Apply patches to fix iconv detection for FreeBSD.
-o   Do not allow the 'guest account' to be added to a passdb backend 
-    using smbpasswd or pdbedit (bug 624).
-o   Save LDFLAGS during iconv detection (bug 57).
-o   Run krb5 logins through the username map if the winbindd 
-    lookup fails (bug 698).
-o   Add const for lp_set_name_resolve_order() to avoid compiler 
-    warnings (bug 471).
-o   Add support for the %i macro in smb.conf to stand in for the for
-    the local IP address to which a client connected.
-o   Allow winbindd to match local accounts to domain SID when 
-    'winbind trusted domains only = yes' (bug 680).
-o   Remove code in idmap_ldap that searches the user suffix and group 
-    suffix.  It's not needed and provides inconsistent functionality 
-    from the tdb backend.
-o   Patch to handle munged dial string for Windows 2000 TSE.
-    Thanks to Gaz de France, Direction de la Recherche, Service 
-    Informatique Métier for their supporting this work by Aurelien 
-    Degrémont <adegremont@idealx.com>.
-o   Correct the "smbldap_open: cannot access when not root error"
-    messages when looking up group information (bug 281).
-o   Skip over the winbind separator when looking up a user.
-    This fixes the bug that prevented local users from
-    matching an AD user when not running winbindd (bug 698).
-o   Fix a problem with configure on *BSD systems. Make sure
-    we add -liconv etc to LDFLAGS.
-o   Fix core dump bug when "security = server" and the authentication
-    server goes away.
-o   Correct crash bug due to an empty munged dial string.
-o   Show files locked by a specific user (smbstatus -u 'user') 
-    (bug 590).
-o   Fix bug preventing print jobs from display in the queue
-    monitor used by Windows NT and later clients (bug 660).
-o   Fix several reported problems with point-n-print from
-    Windows 2000/XP clients due to a bug in the EnumPrinterDataEx()
-    reply (bug 338, 527 & 643).
-o   Fix a handful of potential memory leaks in the LDAP code used
-    by ldapsam[_compat] and the LDAP idmap backend.
-o   Fix for pdbedit error code returns (bug 763).
-o   Make sure we only enumerate group mapping entries  (not 
-    /etc/group) even when doing local aliases.
-o   Relax check on the pipe name in a dce/rpc bind response to work 
-    around issues with establishing trusts to a Windows 2003 domain.
-o   Ensure we mangle names ending in '.' in hash2 mangling method.
-o   Correct parsing issues with munged dial string.
-o   Fix bugs in quota support for XFS.
-o   Add a cleaner method for applications that need to provide 
-    name->SID mappings to do this via NSS rather than having to 
-    know the winbindd pipe protocol.
-o   Adds a variant of the winbindd_getgroups() call called 
-    winbindd_getusersids() that provides direct SID->SIDs listing of 
-    a users supplementary groups. This is enough to allow non-Samba 
-    applications to do ACL checking.
-o   Make sure we don't append the 'ldap suffix' when writing out the 
-    'ldap XXX suffix' values in SWAT (bug 328).
-o   Fix renames across file systems.
-o   Ensure that items in a list of strings containing whitespace are 
-    written out surrounded by single quotes.  This means that both 
-    double and single quotes are now used to surround strings in 
-    smb.conf (bug 481).
-o   Enable SWAT to correctly determine if winbindd is running (bug 
-    398).
-o   Include WWW-Authenticate field in 401 response for bad auth 
-    attempt (bug 629).
-o   Add support for NTLM2 (NTLMv2 session security).
-o   Add support for variable-length session keys.
-o   More privilege fixes for group enumeration in LDAP (bug 281).
-o   Use the dns name (or IP) as the originating client name when
-    using CUPS (bug 467).
-o   Fix various SMB signing bugs.
-o   Fix ACL propagation on a DFS root (bug 263).
-o   Disable NTLM2 for RPC pipes.
-o   Allow the client to specify the NTLM2 flags got NTLMSSP 
-    authentication.
-o   Change the name of the job passed off to cups from "Test Page" 
-    to "smbprn.00000033 Test Page" so that we can get the smb 
-    jobid back. This allow users to delete jobs with cups printing 
-    backend (partial work on bug 770).
-o   Fix build of winbindd with static pdb modules.
-o   Retrieve the correct ACL group bits if the file has an ACL 
-    (bug 802).
-o   Implement "net rpc group members": Get members of a domain group 
-    in human-readable format.
-o   Add MacOSX (Darwin) specific charset module code.
-o   Use samr_dispinfo(level == 1) for enumerating domain users so we 
-    can include the full name in gecos field (bug 587).
-o   Add support for winbind's NSS library on FeeeBSD 5.1 (bug 797).
-o   Implement 'net rpc group list [global|local|builtin]*' for a 
-    select listing of the respective user databases.
-o   Don't automatically set NT status code flag unless client tells 
-    us it can cope.
-o   Add 'net status [sessions|shares] [parseable]'.
-o   Don't mistake pre-existing UNIX jobs for smb jobs (remainder of  
-    bug 770).
-o   Add 'Replicator' and 'RAS Servers' to list of builtin SIDs 
-   (bug 608).
-o   Fix inverted logic in hosts allow/deny checks caused by 
-    s/strcmp/strequal/ (bug 846).
-o   Implement correct version SamrRemoveSidForeignDomain() (bug 252).
-o   Fix typo in 'hash' mangling algorithm.
-o   Support munged dial for ldapsam (bug 800).
-o   Fix process_incoming_data() to return the number of bytes handled 
-    this call whether we have a complete PDU or not; fixes bug 
-    with multiple PDU request rpc's broken over SMBwriteX calls 
-    each.
-o   Fix incorrect smb flags2 for connections to pre-NT servers 
-    (causes smbclient to fail to OS2 for example) (bug 821).
-o   Update version string in smbldap-tools Makefile to 0.8.2.
-o   Correct a problem with "net rpc vampire" mis-parsing the 
-    alias member info reply.
-o   Ensure the ${libdir} is created by the installclientlib script.
-o   Fix detection of Windows 2003 client architecture in the smb.conf
-    %a variable.
-o   Ensure that smbd calls the add user script for a missing UNIX 
-    user on kerberos auth call (bug 445).
-o   Fix bugs in hosts allow/deny when using a mismatched 
-    network/netmask pair.
-o   Protect alloc_sub_basic() from crashing when the source string 
-    is NULL (partial work on bug 687).
-o   Fix spinlocks on IRIX.
-o   Corrected some bad destination paths when running "configure 
-    --with-fhs".
-o   Add packaging files for Fedora Core 1.
-o   Correct bug in SWAT install script for non-english languages.
-o   Support character set ISO-8859-1 internally (bug 558).
-o   Fixed more LDAP access errors when looking up group mappings 
-    (bug 281).
-o   Fix UNISTR2 length bug in LsaQueryInfo(3) that caused SID 
-    resolution to fail on local files on on domain members 
-    (bug 875).
-o   Fix uninitialized variable in passdb.c.
-o   Fix formal parameter type in get_static() in nsswitch/wins.c.
-o   Fix problem mounting directories when mount.cifs is installed 
-    with the setuid bit on.
-o   Fix bug that prevent --mandir from overriding the defaults
-    given in the --with-fhs macro.
-o   Fix bug in in-memory Kerberos keytab detection routines 
-    in configure.in
-
-
-
-######################################################################
-
-              The original 3.0.0 release notes follow
-              =======================================
-                    WHATS NEW IN Samba 3.0.0
-                        September 24, 2003
-              =======================================
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire 
-    and internally there is now a much better infrastructure for 
-    multi-byte and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system 
-    has been almost completely rewritten. Most of the changes are 
-    internal, but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and character 
-    sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-15) Improvement of ACL mapping features based on code donated by
-    Andreas Grünbacher.
-
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * hide local users
-  * mangled stack
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * read size
-  * source environment
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-  * passwd chat timeout
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap replication sleep
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name                    Description                             Backup?
-----                    -----------                             -------
-account_policy          User policy settings                    yes
-gencache                Generic caching db                      no
-group_mapping           Mapping table from Windows              yes
-                        groups/SID to unix groups        
-winbindd_idmap          ID map table from SIDS to UNIX          yes
-                        uids/gids.
-namecache               Name resolution cache entries           no
-netsamlogon_cache       Cache of NET_USER_INFO_3 structure      no
-                        returned as part of a successful
-                        net_sam_logon request 
-printing/*.tdb          Cached output from 'lpq                 no
-                        command' created on a per print 
-                        service basis
-registry                Read-only samba registry skeleton       no
-                        that provides support for exporting
-                        various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of 
-attributes to prevent clashes with attributes from other vendors.  
-There is a conversion script (examples/LDAP/convertSambaAccount) to 
-modify and LDIF file to the new schema.
-  
-Example:
-  
-  $ ldapsearch .... -b "ou=people,dc=..." > sambaAcct.ldif
-  $ convertSambaAccount --sid=<Domain SID> \
-    --input=sambaAcct.ldif --output=sambaSamAcct.ldif \
-    --changetype=[modify|add]
-	
-The <DOM SID> can be obtained by running 'net getlocalsid 
-<DOMAINNAME>' on the Samba PDC as root.  The changetype determines 
-the format of the generated LDIF output--either create new entries 
-or modify existing entries.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba-3.0.5.html b/whatsnew/samba-3.0.5.html
deleted file mode 100755
index 04c2a44..0000000
--- a/whatsnew/samba-3.0.5.html
+++ /dev/null
@@ -1,1998 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>Security Release -- Samba 3.0.5 Available for Download</H2>
-
-<p>
-<pre>
-                 =============================
-                 Release Notes for Samba 3.0.5
-                         July 20, 2004
-                 =============================
-
-######################## SECURITY RELEASE ########################
-
-Summary:       Multiple Potential Buffer Overruns in Samba 3.0.x
-CVE ID:        CAN-2004-0600, CAN-2004-0686
-               (http://cve.mitre.org/)
-
-
-This is the latest stable release of Samba. This is the version
-that production Samba servers should be running for all current
-bug-fixes.
-
-It has been confirmed that versions of Samba 3 prior to v3.0.5
-are vulnerable to two potential buffer overruns.  The individual
-details are given below.
-
-
--------------
-CAN-2004-0600
--------------
-
-Affected Versions:      Samba 3.0.2 and later
-
-The internal routine used by the Samba Web Administration
-Tool (SWAT v3.0.2 and later) to decode the base64 data
-during HTTP basic authentication is subject to a buffer
-overrun caused by an invalid base64 character.  It is
-recommended that all Samba v3.0.2 or later installations
-running SWAT either (a) upgrade to v3.0.5, or (b) disable
-the swat administration service as a temporary workaround.
-
-This same code is used internally to decode the
-sambaMungedDial attribute value when using the ldapsam
-passdb backend. While we do not believe that the base64
-decoding routines used by the ldapsam passdb backend can
-be exploited, sites using an LDAP directory service with
-Samba are strongly encouraged to verify that the DIT only
-allows write access to sambaSamAccount attributes by a
-sufficiently authorized user.
-
-The Samba Team would like to heartily thank Evgeny Demidov
-for analyzing and reporting this bug.
-
-
--------------
-CAN-2004-0686
--------------
-
-Affected Versions:      Samba 3.0.0 and later
-
-A buffer overrun has been located in the code used to support
-the 'mangling method = hash' smb.conf option.  Please be aware
-that the default setting for this parameter is 'mangling method
-= hash2' and therefore not vulnerable.
-
-Affected Samba 3 installations can avoid this possible security
-bug by using the default hash2 mangling method.  Server
-installations requiring the hash mangling method are encouraged
-to upgrade to Samba 3.0.5.
-
-##################################################################
-
-
-The source code can be downloaded from :
-
-    <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
-
-in the file samba-3.0.5.tar.gz.  The uncompressed archive has
-been signed using the Samba Distribution Key.
-
-Our code, Our bugs, Our responsibility (<a href="https://bugzilla.samba.org/">Samba Bugzilla</a>).
-
-                           -- The Samba Team
-
-
-
-Changes for older versions follow below:
-
-    --------------------------------------------------
-
-                 =============================
-                 Release Notes for Samba 3.0.4
-                          May 8, 2004
-                 =============================
-
-This is the latest stable release of Samba. This is the version 
-that production Samba servers should be running for all 
-current bug-fixes.  There have been several issues fixes since 
-the 3.0.3 release and new features have been added as well.  
-See the "Changes" section for details on exact updates.
-
-Common bugs fixed in Samba 3.0.4 include:
-
-  o Password changing after applying the patch described in 
-    the Microsoft KB828741 article to Windows clients.
-  o Crashes in smbd.
-  o Managing print jobs via Windows on Big-Endian servers.
-  o Several memory leaks in winbindd and smbd.
-  o Compile issues on AIX and *BSD.
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.3
---------------------
-
-commits
--------
-
-o   Jeremy Allison <jra@samba.org>
-    * Fix path processing for DeletePrinterDriverEx().
-    * BUG 1303: Fix for Microsoft hotfix MS04-011 password change 
-      breakage.
-
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Fix alignment bug in GetDomPwInfo().
-
-
-o   Alexander Bokovoy <ab@samba.org>
-    * Fix utime[s]() issues in smbwrapper on systems 
-      that can boot both the 2.4 and 2.6 Linux kernels.
-
-
-o   Gerald Carter <jerry@samba.org>
-    * Fedora packaging fixes.
-    * BUG 1302: Fix seg fault by not trying to optimize a list of 
-      invalid gids using the wrong array size.
-    * BUG 1309: fix seg fault caused by trying to strdup(NULL)
-      seen when 'security = share'.
-    * Fix problems when using IBM's compiler on AIX.
-    * Link Developer's Guide, Example Guide, and multi-page HOWTO
-      into SWAT's welcome page.
-    * BUG 1293: fix double free in printer publishing code.
-
-    
-o   Wim Delvaux <wim.delvaux@adaptiveplanet.com>
-    * Fix for handling timeouts in socket connections.
-
-
-o   Michel Gravey <michel.gravey@optogone.com>
-    * BUG 483: patch from  to fix password hash creation in SWAT.
-    
-
-o   Volker Lendecke <vl@samba.org>
-    * Close the open NT pipes before the tdis.
-    * Fix AFS related build issues.
-    * Handle error conditions when base64 encoding a blob of 0 bytes.
-
-    
-o   Herb Lewis <herb@samba.org>
-    * Added 'acls' debug class.
-
-o   kawasa_r@itg.hitachi.co.jp
-    * Multiple variable initialization and memory leak fixes.
-    
-    
-o   Stephan Kulow <coolo@suse.de>
-    * Fix string length bug in libsmbclient that caused KDE's 
-      Konqueror to crash.
-    * BUG 429: More libsmbclient fixes.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * BUG 1007, 1279: Store the print job using a little-endian key.
-
-
-o   Eric Mertens
-    o Compile fix for OpenBSD (ENOTSUP not supported).
-
-    
-o   Stefan Metzmacher <metze@samba.org>
-    * Correct bug in disks quota views from explorer.
-
-    
-o   Tim Potter <tpot@samba.org>
-    BUG 1305: Correct debug output.
-
-
-o   Richard Sharpe <rsharpe@samba.org>
-    * Fix incorrect error code mapping.
-
-
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Add additional NT_STATUS errorm mappings.
-    
-
-    --------------------------------------------------
-
-                 =============================
-                 Release Notes for Samba 3.0.3
-                        April 29, 2004
-                 =============================
-
-
-Common bugs fixed in Samba 3.0.3 include:
-
-  o Crash bugs and change notify issues in Samba's printing code.
-  o Honoring secondary group membership on domain member servers.
-  o TDB scalability issue surrounding the TDB_CLEAR_IF_FIRST flag.
-  o Substitution errors for %[UuGg] in smb.conf.
-  o winbindd crashes when using ADS security mode.
-  o SMB signing errors.
-  o Delays in winbindd startup caused by unnecessary 
-    connections to trusted domain controllers.
-  o Various small memory leaks.
-  o Winbindd failing due to expired Kerberos tickets.
-
-New features introduced in Samba 3.0.3 include:
-
-  o Improved support for i18n character sets.
-  o Support for account lockout policy based on
-    bad password attempts.
-  o Improved support for long password changes (>14
-    characters) and strong password enforcement.
-  o Support for Windows aliases (i.e. nested groups).
-  o Experimental support for storing DOS attribute on files
-    and folders in Extended Attributes.
-  o Support for local nested groups via winbindd.
-  o Specifying options to be passed directly to the CUPS libraries.
-
-Please be aware that the Samba source code repository was 
-migrated from CVS to Subversion on April 4, 2004.  Details on 
-accessing the Samba source tree via anonymous svn can be found 
-at http://svn.samba.org/samba/subversion.html.
-
-
-Changes since 3.0.2a
---------------------
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    cups options                New
-    ea support                  New
-    only user                   Deprecated
-    store dos attributes        New
-    unicode                     Removed
-    winbind nested groups       New
-
-    
-commits
--------
-
-o   Jeremy Allison <jra@samba.org>
-    * Ensure that Kerberos mutex is always properly unlocked.
-    * Removed Heimdal "in-memory keytab" support.
-    * Fixup the 'multiple-vuids' bugs in our server code.
-    * Correct return code from lsa_lookup_sids() on unmapped
-      sids (based on work by vl@samba.org).
-    * Fix the "too many fcntl locks" scalability problem 
-      raised by tridge.
-    * Fixup correct (as per W2K3) returns for lookupsids 
-      as well as lookupnames.
-    * Fixups for delete-on-close semantics as per Win2k3 behavior.
-    * Make SMB_FILE_ACCESS_INFORMATION call work correctly.
-    * Fix "unable to initialize" bug when smbd hasn't been run with 
-      new system and a user is being added via pdbedit/smbpasswd.
-    * Added NTrename SMB (0xA5).
-    * Fixup correct timeout values for blocking lock timeouts.
-    * Fix various bugs reported by 'gentest'.
-    * More locking fixes in the case where we own the lock.
-    * Fix up regression in IS_NAME_VALID and renames.
-    * Don't set allocation size on directories.
-    * Return correct error code on fail if file exists and target 
-      is a directory.
-    * Added client "hardlink" comment to test doing NT rename with 
-      hard links.  Added hardlink_internals() code - UNIX extensions 
-      now use this as well.
-    * Use a common function to parse all pathnames from the wire for 
-      much closer emulation of Win2k3 error return codes.
-    * Implement check_path_syntax() and rewrite string sub 
-      functions for better multibyte support.
-    * Ensure msdfs referrals are multibyte safe.
-    * Allow msdfs symlink syntax to be more forgiving.
-      eg. sym_link -> msdfs://server/share/path/in/share 
-      or  sym_link -> msdfs:\\server\share\path\in\share.
-    * Cleanup multibyte netbios name support in nmbd ( based on patch
-      by MORIYAMA Masayuki <moriyama@miraclelinux.com>).
-    * Fix check_path_syntax() for multibyte encodings which have 
-      no '\' as second byte (based on work by ab@samba.org.
-    * Fix the "dfs self-referrals as anonymous user" problem
-      (based on patch from vl@samba.org).
-    * BUG 1064: Ensure truncate attribute checking is done correctly 
-      on "hidden" dot files.
-    * Fix bug in anonymous dfs self-referrals again.
-    * Fix get/set of EA's in client library
-    * Added support for OS/2 EA's in smbd server.
-    * Added 'ea support' parameter to smb.conf.
-    * Added 'store dos attributes' parameter to smb.conf.
-    * Fix wildcard identical rename.
-    * Fix reply_ctemp - make compatible with w2k3.
-    * Fix wildcard unlink.
-    * Fix wildcard src with wildcard dest renames.      
-    * BUG 1139: Fix based on suggestion by jdev@panix.com.
-      swap lookups for user and group - group will do an
-      algorithmic lookup if it fails, user won't.
-    * Make EA's lookups case independent.
-    * Fix SETPATHINFO in 'unix extensions' support.
-    * Make 3.x pass the Samba 4.x RAW-SEARCH tests - except for 
-      the UNIX info levels, and the short case preserve names.
-
-
-o   Timur Bakeyev <timur@com.bat.ru>
-    * BUG 1144: only set --with-fhs when the argument is 'yes'
-    * BUG 1152: Allow python modules to build despite libraries added 
-      to LDFLAGS instead of LDPATH.
-    * BUG 1141: Fix nss*.so names on FreeBSD 5.x.
-
-
-o   Craig Barratt <cbarratt@users.sourceforge.net>
-    * BUG 389: Allow multiple exclude arguments with smbclient 
-      tar -Xr options (better support for Amanda backup client).
-
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Include support for linking with cracklib for enforcing strong 
-      password changes.
-    * Add support for >14 character password changes from Windows 
-      clients.
-    * Add 'admin set password' capability to 'net rpc'.
-    * Allow 'net rpc samdump' to work with any joined domain 
-      regardless of smb.conf settings.
-    * Use an allocated buffer for count_chars.
-    * Add sanity checks for changes in the domain SID in an 
-      LDAP DIT.
-    * Implement python unit tests for Samba's multibyte string 
-      support.
-    * Remove 'unicode' smb.conf option.
-    * BUG 1138: Fix support for 'optional' SMB signing and other 
-      signing bugs.
-    * BUG 169: Fix NTLMv2-only behavior.
-    * Ensure 'net' honors the 'netbios name' in the smb.conf by 
-      default.
-    * Support SMB signing on connections using only the LANMAN 
-      password and generate the correct the 'session key' for these 
-      connections.
-    * Implement --required-membership-of=, an ntlm_auth option 
-      that restricts all authentication to members of this particular 
-      group.
-    * Improve our fall back code for password changes.
-    * Only send the ntlm_auth 'ntlm-server-1' helper client a '.' 
-      after the server had said something (such as an error).
-    * Add 'ntlm-server-1' helper protocol to ntlm_auth.
-
-      
-o   Alexander Bokovoy <ab@samba.org>
-    * Fix incorrect size calculation of the directory name 
-      in recycle.so.
-    * Fix problems with very long filenames in both smbd and smbclient
-      caused by truncating paths during character conversions.
-    * Fix smbfs problem with Tree Disconnect issued before smbfs 
-      starts its work.
-
-
-o   Gerald Carter <jerry@samba.org>
-    * BUG 850: Fix 'make installmodules' bug on True64.
-    * BUG 66: mark 'only user' deprecated.
-    * Remove corrupt tdb and shutdown (only for printing tdbs, 
-      connections, sessionid & locking).
-    * decrement smbd counter in connections.tdb in smb_panic().
-    * RedHat specfile updates.
-    * Fix xattr.h build issue on Debian testing and SuSE 8.2.
-    * BUG 1147; bad pointer case in get_stored_queue_info() 
-      causing seg fault.
-    * BUG 761: read the config file before initialized default 
-      values for printing options; don't default to bsd printing 
-      Linux.
-    * Allow the 'printing' parameter to be set on a per share basis.
-    * BUG 503: RedHat/Fedora packaging fixes regarding logrotate.
-    * BUG 848: don't create winbind local users/groups that already 
-      exist in the tdb.
-    * BUG 1080: fix declaration of SMB_BIG_UINT (broke compile on 
-      LynxOS/ppc).
-    * BUG 488: fix the 'show client in col 1' button and correctly 
-      enumerate active connections.
-    * BUG 1007 (partial): Fix abort in smbd caused by byte ordering 
-      problem when storing the updating pid for the lpq cache.
-    * BUG 1007 (partial): Fix print change notify bugs.
-    * BUG 1165, 1126: Fix bug with secondary groups (security = ads) 
-      and winbind use default domain = yes.  Also ensures that 
-    * BUG 1151: Ensure that winbindd users are passed through 
-      the username map.
-    * Fix client rpc binds for ASU derived servers (pc netlink, 
-      etc...).
-    * BUG 417, 1128: Ensure that the current_user_info is set
-      consistently so that %[UuGg] is expanded correctly.
-    * BUG 1195: Fix crash in winbindd when the ADS server is 
-      unavailable.
-    * BUG 1185: Set reconnect time to be the same as the 
-      'winbind cache time'.
-    * Ensure that we return the sec_desc in smb_io_printer_info_2.
-    * Change Samba printers Win32 attribute to PRINTER_ATTRIBUTE_LOCAL.
-    * BUG 1095: Honor the '-l' option in smbclient.
-    * BUG 1023: surround get_group_from_gid() with become_unbecome_root() 
-      block.
-    * Ensure server schannel uses the auth level requested by the 
-      client.
-    * Removed --with-cracklib option due to potential crash issue.
-    * Fix -lcrypto linking problem with wbinfo.
-    * BUG 761: allow printing parameter to set defaults on a per 
-      share basis.
-    * Add 'cups options' parameter to allow raw printing without 
-      changing /etc/cups/cupsd.conf.
-    * BUG 1081, 1183: Added remove_duplicate_gids() to smbd and 
-      winbindd.
-    * BUG 1246: Fix typo in Fedora /etc/init.d/winbind.
-    * BUG 1288: resolve any machine netbios name (0x00) and not just 
-      servers (0x20).
-    * BUG 1199: Fix potential symlink issue in 
-      examples/printing/smbprint.
-
-
-o   Robert Dahlem <Robert.Dahlem@gmx.net>
-    * BUG 1048:  Don't return short names when when 'mangled names = no'
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Remove hard coded attribute name in the ads ranged retrieval
-      code.
-    * Add --with-libdir and --with-mandir to autoconf script.
-
-
-o   Bostjan Golob <golob@gimb.org>
-    * BUG 1046: Fix  getpwent_list() so that the username is not 
-      overwritten by other fields.
-
-
-o   Landon Fuller <landonf@opendarwin.org>
-    * BUG 1232: patch from landonf@opendarwin.org (Landon Fuller) 
-      to fix user/group enumeration on systems whose libc does not 
-      call setgrent() before trying to enumerate users (i.e. 
-      FreeBSD 5.2).
-
-
-o   Steve French <sfrench@us.ibm.com>
-    * Update mount.cifs to version 1.1.
-    * Disable dev (MS_NODEV) on user mounts from cifs vfs.
-    * Fixes to minor security bug in the mount helper.
-    * Fix credential file mounting for cifs vfs.
-    * Fix free of incremented pointer in cifsvfs mount helper.
-    * Fix path canonicalization of the mount target path and help 
-      text display in the cifs mount helper.
-    * Add missing guest mount option for mount.cifs.
-
-
-o   SATOH Fumiyasu <fumiya@miraclelinux.com>
-    * BUG 1055; formatting fixes for 'net share'.
-    * BUG 692: correct truncation of share names and workgroup 
-      names in smbclient.
-    * BUG 1088: use strchr_m() for query_host (smbclient -L).
-    * Patch from to internally count characters correctly.
-
-
-o   Paul Green <paulg@samba.org>
-    * Update VOS _POSIX_C_SOURCE macro to 200112L.
-    * Fix bug in configure.ion by moving the first use of 
-      AC_CHECK_HEADERS so it is always executed.
-    * Fix configure.in to only use $BLDSHARED to select whether to 
-      build static or shared libraries.
-
-
-o   Pat Haywarrd <Pat.Hayward@propero.net>
-    * Make the session_users list dynamic (max of 128K).
-    
-    
-o   Cal Heldenbrand <calzplace@yahoo.com> 
-    * Fix for for 'pam_smbpass migrate' functionality.
-
-
-o   Chris Hertel <crh@samba.org>
-    * fix enumeration of shares 12 characters in length via 
-      smbclient.
-
-
-o   Ulrich Holeschak <ulrich@holeschak.de>
-    * BUG 932: fix local password change using pam_smbpass
-
-
-o   Krischan Jodies <kj@sernet.de>
-    * Implement 'net rpc group delete'
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Return NSS_SUCCESS once the max number of gids possible 
-       has been found in initgroups() on Solaris.
-    * BUG 1182: Re-enable the -n 'no cache' option for winbindd.
-
-
-o   Volker Lendecke <vl@samba.org>
-    * Fix success message for net groupmap modify.
-    * Fix errors when enumerating members of groups in 'net rpc'.
-    * Match Windows behavior in samr_lookup_names() by returning
-      ALIAS(4) when you search in BUILTIN. 
-    * Fix server SAMR code to be able to set alias info for 
-      builtin as well. 
-    * Fix duplication of logic when creating groups via smbd.
-    * Ensure that the HWM values are set correctly after running 
-      'net idmap'.
-    * Add 'net rpc group add'.
-    * Implement 'net groupmap set' and 'net groupmap cleanup'.
-    * Add 'net rpc group [add|del]mem' for domain groups and aliases.
-    * Fix wb_delgrpmem (wbinfo -o).
-    * As a DC we should not reply to lsalookupnames on DCNAME\\user.
-    * Fix sambaUserWorkstations on a Samba DC.
-    * Implement wbinfo -k: Have winbind generate an AFS token after
-      authenticating the user.
-    * Add expand_msdfs VFS module for providing referrals based on the
-      the client's IP address.
-    * Implement client side NETLOGON GetDCName function.
-    * Fix caching of name->sid lookups.
-    * Add support in winbindd for expanding nested local groups.
-    * Fix memleak in winbindd.
-    * Fix msdfs proxy.
-    * Don't list domain groups from BUILTIN.
-    * Fix memleak in policy handle utility functions.
-    * Decrease winbindd startup time by only contacting trusted 
-      domains as necessary.
-    * Allow winbindd to ask the DC for its domain for a trusted 
-      DC.
-    * Fix Netscape DS schema based on comments from 
-      <thomas.mueller@christ-wasser.de>.
-    * Correct case where adding a domain user to a XP local group 
-      did a lsalookupname on the user without domain prefix, and 
-      failed.
-    * Fix segfault in winbindd caused by 'wbinfo -a'.
-    
-
-o   Herb Lewis <herb@samba.org>
-    * Fix typo for tag in proto file.
-    * Add missing #ifdef HAVE_BICONV stuff.
-    * Truncate Samba's netbios name at the first '.' (not 
-      right to left).
-
-
-o   Derrell Lipman <Derrell.Lipman@UnwiredUniverse.com>
-    * Bug fixes and enhancements to libsmbclient library.
-
-    
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Enforce the 'user must change password at next login' flag.
-    * Decode meaning of 'fields present' flags (improves support 
-      for usrmgr.exe).
-    * NTLMv2 fixes.
-    * Don't force an upper case domain name in the ntlmssp code.
-    
-
-o   L. Lucius <ib@digicron.com>.
-    * type fixes.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Add versioning support to tdbsam.
-    * Update the IBM Directory Server schema with the OpenLDAP 
-      file.
-    * Various decoding fixes to improve usrmgr.exe support.
-    * Fix statfs redeclaration of statfs struct on ppc
-    * Implement support for password lockout of Samba domain 
-      controllers and standalone servers.
-    * Get MungedDial attribute actually working with full TS 
-      strings in it for pdb_ldap.
-    * BUG 1208 (partial): Improvements for working with expired krb5 
-      tickets in winbindd.
-    * Use timegm, or our already existing replacement instead of 
-      timezone (spotted by Andrzej Tobola <san@iem.pw.edu.pl>).
-    * Remove modifyTimestamp from list of our attributes.  
-    * Fix lsalookupnames to check for domain users as well as local 
-      users. 
-    * Merge struct uuid replacement for GUID from trunk.
-    * BUG 1208: Finish support for handling expired tickets in 
-      winbindd (in conjunction with Guenther Deschner <gd@suse.de>).
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement new VERSION schema based on subversion revision 
-      numbers.
-    * Add shadow_copy vfs module.
-    * Fix segault in login_cache support.
-
-
-o    Heinrich Mislik <Heinrich.Mislik@univie.ac.at>
-     o BUG 979 -- Fix quota display on AIX.
-
-
-o   James Peach <jpeach@sgi.com>
-    * Correct check for printf() format when using the SGI MIPSPro 
-      compiler.
-    * BUG 1038: support backtrace for 'panic action' on IRIX.
-    * BUG 768: Accept profileing arg to IRIX init script.
-    * BUG 748: Relax arg parsing to sambalp script (IRIX).
-    * BUG 758: Fix pdma build.
-    * Search IRIX ABI paths for libiconv.  Based on initial fix from 
-      Jason Mader.
-      
-
-o   Kurt Pfeifle <kpfeifle@danka.de>
-    * Add example shell script for migrating drivers and printers 
-      from a Windows print server to a Samba print server using 
-      smbclient/rpcclient (examples/printing/VamireDriversFunctions).
-
-
-o   Tim Potter <tpot@samba.org>
-    * Fix logic bug in tdb non-blocking lock routines when 
-      errno == EAGAIN.
-    * BUG 1025: Include sys/acl.h in check for broken nisplus 
-      include files.      
-    * BUG 1066: s/printf/d_printf/g in SWAT.
-    * BUG 1098: rename internal msleep() function to fix build 
-      problems on AIX.
-    * BUG 1112: Fix for writable printerdata problem in python bindings.
-    * BUG 1154: Remove reference to <sys/mman.h> in tdbdump.c.
-    * BUG 1155: enclose use of fchown() with guards.
-    * Relicense tdb python module as LGPL.
-
-
-o   Richard Sharpe <rsharpe@samba.org>
-    * Add support to smbclient for multiple logins on the same 
-      session (based on work by abartlet@samba.org).
-    * Correct blocking condition in smbd's use of accept() on IRIX.
-    * Add support for printing out the MAC address on nmblookup.
-
-
-o   Simo Source <idra@samba.org>
-    * Replace unknown_3 with fields_present in SAMR code.
-    * More length checks in strlcat().
-
-
-o   Andrew Tridgell <tridge@samba.org>
-    * Rewrote the AIX UESS backend for winbindd.
-    * Fixed compilation with --enable-dmalloc.
-    * Change tdb license to LGPL (see source/tdb/tdb.c).
-    * Force winbindd to use schannel in clients connections to 
-      DC's if possible.
-
-
-o   Jelmer Vernooij <jelmer@samba.org>
-   * Fix ETA Calculation when resuming downloads in smbget.
-   * Add -O (for writing downloaded files to standard out) 
-     based on patch by Bas van Sisseren <bas@dnd.utwente.nl>.
-    * Fix syntax error in example mysql table
-
-           
-o   TAKEDA yasuma <yasuma@miraclelinux.com>
-    * BUG 900: fix token processing in cmd_symlink, cmd_link, 
-      cmd_chown, cmd_chmod smbclient functions.
-
-
-o    Shiro Yamada <shiro@miraclelinux.com>
-     * BUG 1129: install image files for SWAT.
-
-      
-    --------------------------------------------------
-
-                  ==============================
-                  Release Notes for Samba 3.0.2a
-                        February 13, 2004
-                  ==============================
-
-Samba 3.0.2a is a minor patch release for the 3.0.2 code base
-to address, in particular, a problem when using pdbedit to 
-sanitize (--force-initialized-passwords) Samba's tdbsam 
-backend.   This is the latest stable release of Samba. This 
-is the version that all production Samba servers should be 
-running for all current bug-fixes.  
-
-******************* Attention! Achtung! Kree! *********************
-
-Beginning with Samba 3.0.2, passwords for accounts with a last 
-change time (LCT-XXX in smbpasswd, sambaPwdLastSet attribute in
-ldapsam, etc...) of zero (0) will be regarded as uninitialized 
-strings.  This will cause authentication to fail for such
-accounts.  If you have valid passwords that meet this criteria, 
-you must update the last change time to a non-zero value.  If you 
-do not, then  'pdbedit --force-initialized-passwords' will disable 
-these accounts and reset the password hashes to a string of X's.
-
-******************* Attention! Achtung! Kree! *********************
-
-
-Changes since 3.0.2
--------------------
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-
-o   Jeremy Allison <jra@samba.org>
-    * Added paranoia checks in parsing code.
-    
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Ensure that changes to uninitialized passwords in ldapsam 
-      are written to the DIT.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fixed iterator in tdbsam.
-    * Fix bug that disabled accounts with a valid NT password 
-      hash, but no LanMan hash.
-    
-
-o   Steve French <sfrench@us.ibm.com>
-    * Added missing nosetuid and noexec options.
-
-    
-o   Bostjan Golob <golob@gimb.org>
-    * BUG 1046: Don't overwrite usernames of entries returned 
-      by getpwent_list().
-
-
-o   Sebastian Krahmer <krahmer@suse.de>
-    * Fixed potential crash bug in NTLMSSP parsing code.
-
-
-o   Tim Potter <tpot@samba.org>
-    * Fixed logic in tdb_brlock error checking.
-
-    
-o   Urban Widmark <urban@teststation.com>
-    * Set nosuid,nodev flags in smbmnt by default.
-    
-    
-        --------------------------------------------------
-                  
-                  =============================
-                  Release Notes for Samba 3.0.2
-                        February 9, 2004
-                  =============================
-
-It has been confirmed that previous versions of Samba 3.0 are
-susceptible to a password initialization bug that could grant an 
-attacker unauthorized access to a user account created by the
-mksmbpasswd.sh shell script.
-
-The Common Vulnerabilities and Exposures project (cve.mitre.org) 
-has assigned the name CAN-2004-0082 to this issue.
-
-Samba administrators not wishing to upgrade to the current 
-version should download the 3.0.2 release, build the pdbedit 
-tool, and run 
-
-   root# pdbedit-3.0.2 --force-initialized-passwords
-      
-This will disable all accounts not possessing a valid password
-(e.g. the password field has been set a string of X's).
-
-Samba servers running 3.0.2 are not vulnerable to this bug 
-regardless of whether or not pdbedit has been used to sanitize
-the passdb backend.
-
-Some of the more visible bugs in 3.0.1 addressed in the 3.0.2
-release include:
-
-  o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
-  o Logging onto a Samba domain from Windows XP clients.
-  o Problems with the %U and %u smb.conf variables in relation to 
-    Windows 9x/ME clients.
-  o Kerberos failures due to an invalid in memory keytab detection
-    test.
-  o Updates to the ntlm_auth tool.
-  o Fixes for various SMB signing errors.
-  o Better separation of WINS and DNS queries for domain controllers.
-  o Issues with nss_winbind FreeBSD and Solaris.
-  o Several crash bugs in smbd and winbindd.
-  o Output formatting fixes for smbclient for better compatibility
-    with scripts based on the 2.2 version.
-
-
-Changes since 3.0.1
--------------------
-
-smb.conf changes
-----------------
-
-    Parameter Name              Action
-    --------------              ------
-    ldap replication sleep      New
-    read size                   removed (unused)
-    source environment          removed (unused)
-
-
-commits
--------
-
-Please refer to the CVS log for the SAMBA_3_0 branch for complete
-details.  The list of changes per contributor are as follows:
-
-o   Jeremy Allison <jra@samba.org>
-    * Revert change that broke Exchange clear text samlogons.
-    * Fix gcc 3.4 warning in MS-DFS code.
-    * Tidy up of NTLMSSP code.
-    * Fixes for SMB signing errors
-    * BUG 815: Workaround NT4 bug to support plaintext
-      password logins and UNICODE.
-    * Fix SMB signing bug when copying large files.
-    * Correct error logic in mkdir_internals() (caused a panic
-      when combined with --enable-developer).
-    * BUG 830: Protect against crashes due to bad character 
-      conversions.
-
-      
-o   Petri Asikainen <paca@sci.fi>
-    * BUG 330, 387:Fix single valued attribute updates when 
-      working with Novell NDS.
-
-
-o   Andrew Bartlett <abartlet@samba.org>
-    * Correctly handle per-pipe NTLMSSP inside a NULL session.
-    * Fix segfault in gencache 
-    * Fix early free() of encrypted_session_key.
-    * Change DC lookup routines to more carefully separate
-      DNS names (realms) from NetBIOS domain names.
-    * Add new sid_to_dn() function for internal winbindd use.
-    * Refactor cli_ds_enum_domain_trusts().
-    * BUG 707: Implement range retrieval of ADS attributes (based 
-      on work from Volker <vl@samba.org> and Guenther Deschner 
-      <gd@suse.com>).
-    * Automatically initialize the signing engine if a session key
-      is available.
-    * BUG 916: Do not perform a + -> ' ' substitution for squid URL 
-      encoded strings, only form input in SWAT.
-    * Resets the NTLMSSP state for new negotiate packets.
-    * Add 2-byte alignments in net_samlogon() queries to parse 
-      odd-length plain text passwords.
-    * Allow Windows groups with no members in winbindd.
-    * Allow normal authentication in the absence of a server 
-      generated session key.
-    * More optimizations for looking up UNIX group lists.
-    * Clean up error codes and return values for pam_winbindd
-      and winbindd PAM interface.
-    * Fix string return values in ntlm_auth tool.
-    * Fix segfault when 'security = ads' but no realm is defined.
-    * BUG 722: Allow winbindd to map machine accounts to uids.
-    * More cleanups for winbindd's find_our_domain().
-    * More clearly detect whether a domain controller is an NT4
-      or mixed-mode AD DC (additional bug fixes by jerry & jmcd).
-    * Increase separation between DNS queries for hosts and queries
-      for AD domain controllers.
-    * Include additional NT_STATUS to PAM error mappings.
-    * Password initialization fixes.
-
-    
-o   Justin Baugh <justin.baugh@request.com>
-    * BUG 948: Implement missing functions required for FreeBSD 
-      nss_winbind support. 
-
-
-o   Alexander Bokovoy <ab@samba.org>
-    * BUG 922: Make sure enable fast path for strlower_m() and 
-      strupper_m().
-
-
-o   Luca Bolcioni <Luca.Bolcioni@yacme.com>
-    * Fix crash when using 'security = server' and 'encrypt 
-      passwords = no' by always initializing the session key.
-
-      
-o   Dmitry Butskoj <buc@odusz.elektra.ru>
-    * Fix for special files being hidden from admins.
-
-
-o   Gerald (Jerry) Carter <jerry@samba.org>
-    * Fix bug in the lanman session key generation.  Caused 
-      "decode_pw: incorrect password length" error messages.
-    * Save the right case for the located user name in 
-      fill_sam_account().  Fixes %U/%u expansion for win9x clients.
-    * BUG 897: Add well known rid for pre win2k compatible access
-      group.
-    * BUG 887: Correct typo in delete user script example.
-    * Use short lived TALLOC_CTX* for allocating printer objects 
-      from the print handle cache.
-    * BUG 912: Fix check for HAVE_MEMORY_KEYTAB.
-    * Fix several warnings reported by the SUN Forte C compiler.
-    * Fully control DNS queries for AD DC's using 'name resolve order'.
-    * BUG 770: Send the SMBjobid for UNIX jobs back to the client.
-    * BUG 972: Fix segfault in cli_ds_getprimarydominfo().
-    * BUG 936: fix bind credentials for schannel binds in smbd.
-    * BUG 446: Fix output of smbclient for better compatibility 
-      with scripts based on the 2.2 version (including Amanda).
-    * BUG 891, 949: Fedora packaging fixes.
-    * Fix bug that caused rpcclient to incorrectly retrieve 
-      the SID for a server (this causing all calls that required 
-      this information to fail). 
-    * BUG 977: Don't create a homes share for a user if a static 
-      share already exists by the same name.
-    * Removed unused smb.conf options.
-    * Password initialization fixes.
-    * Set the disable flag for template accounts created by
-      mksmbpasswd.sh.
-    * Disable any account has no passwords and does not have the
-      ACB_PWNOTREQ bit set.
-
-
-o   Guenther Deschner <gd@suse.com>
-    * Install smbwrapper.so should be put into the $(libdir) 
-      and not $(bindir).
-    * Add the capability to specify the new user password 
-      for "net ads password" on the command line.
-    * Correctly detect AFS headers on SuSE.
-	
-
-o   James Flemer <jflemer@uvm.edu>
-    * Fix AIX compile bug by linking HAVE_ATTR_LIST to 
-      HAVE_SYS_ATTRIBUTES_H.
-
-
-o   Luke Howard <lukeh@PADL.COM>
-    * Fix segfault in session setup reply caused by a early free().
-
-
-o   Stoian Ivanov <sdr@bultra.com>
-    * Implement grepable output for smbclient -L.
-
-
-o   LaMont Jones <lamont@debian.org>
-    * BUG 225328 (Debian): Correct false failure LFS test that resulted 
-      in  _GNU_SOURCE not being defined (thus resulting in strndup() 
-      not being defined).
-
-      
-o   Volker Lendecke <vl@samba.org>
-    * BUG 583: Ensure that user names always contain the short 
-      version of the domain name.
-    * Fix our parsing of the LDAP uri.
-    * Don't show the 'afs username map' in the SWAT basic view.
-    * Fix SMB signing issues in relation to failed NTLMSSP logins.
-    * BUG 924: Fix return codes in smbtorture harness.
-    * Always lower-case usernames before handing it to AFS code.
-    * Add a German translation for SWAT.
-    * Fix a segfaults in winbindd.
-    * Fix the user's domain passed to register_vuid() from 
-      reply_spnego_kerberos().
-    * Add NSS example code in nss_winbind to convert UNIX 
-      id's <-> Windows SIDs.
-    * Display more descriptive error messages for login via 'net'.
-    * Fix compiler warning in the net tool.
-    * Fix length bug when decoding base64 strings.
-    * Ensure we don't call getpwnam() inside a loop that is iterating 
-      over users with getpwent().  This broke on glibc 2.3.2.
-
-
-o   Herb Lewis <herb@samba.org>
-    * Fix bit rot in psec.
-
-
-o   Jianliang Lu <j.lu@tiesse.com>
-    * Ensure we delete the group mapping before calling the delete 
-      group script.
-    * Define well known RID for managing the  "Power Users" group.
-    * BUG 381: check builtin (not local) group SID when updating 
-      group membership.
-    * BUG 101: set the SV_TYPE_PRINTQ_SERVER flag in host announcement 
-      packet.
-
-
-o   John Klinger <john.klinger@lmco.com>
-    * Implement initgroups() call in nss_winbind on Solaris.
-
-
-o   Jim McDonough <jmcd@us.ibm.com>
-    * Fix regression in net rpc join caused by recent changes 
-      to cli_lsa_query_info_policy().
-    * BUG 964: Fix crash bug in 'net rpc join' using a preexisting
-      machine account.
-
-
-o   MORIYAMA Masayuki <moriyama@miraclelinux.com>
-    * BUG 570: Ensure that configure honors the LDFLAGS variable.
-
-
-o   Stefan Metzmacher <metze@samba.org>
-    * Implement LDAP rebind sleep patch.
-    * Revert to 2.2 quota code because of so many broken quota files 
-      out there.
-    * Fix XFS quotas: HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS
-                      XFS_USER_QUOTA -> USRQUOTA
-                      XFS_GROUP_QUOTA -> GRPQUOTA
-    * Fix disk_free calculation with group quotas.
-    * Add debug class 'quota' and a lot of DEBUG()'s 
-      to the quota code.
-    * Fix sys_chown() when no chown() is present.
-    * Add SIGABRT to fault handling in order to catch got a 
-      backtrace if an error occurs the OpenLDAP client libs.
-
-
-o   <ndb@theghet.to>
-    * Allow an existing LDAP machine account to be re-used when 
-      joining an AD domain.
-
-
-o   James Peach <jpeach@sgi.com>
-    * BUG 889: Change smbd to use pread/pwrite on platforms that 
-      support these calls. Can lead to a significant speed increase.
-
-
-o   Tim Potter <tpot@samba.org>
-    * BUG 905: Remove POBAD_CC to fix Solaris Forte compiles.
-    * BUG 924: Fix typo in RW2 torture test.
-    
-    
-o   Richard Sharpe <shape@samba.org>
-    * Small fixes to torture.c to cleanup the error handling 
-      and prevent crashes.
-
-
-o   J. Tournier <jerome.tournier@IDEALX.com>
-    * Small fixes for the smbldap-tool scripts.
-
-
-o   Andrew Tridgell <tridge@samba.org>
-    * Fix src len check in pull_usc2().
-    
-    
-o   Jelmer Vernooij <jelmer@samba.org>
-    * Put functions for generating SQL queries in pdb_sql.c
-    * Add pgSQL backend (based on patch by Hamish Friedlander)
-    * BUG 908: Fix -s option to smbcontrol.    
-    * Add smbget utility - a wget-clone for the SMB/CIFS protocol.
-    * Fix for libnss_wins on IRIX platforms.
-    * Fix swatdir for --with-fhs.
-
-
-        --------------------------------------------------
-
-                  =============================
-                  Release Notes for Samba 3.0.1
-                        December 15, 2003
-                  =============================
-
-Some of the more common bugs in 3.0.0 addressed in the release 
-include:
-
-  o Substitution problems with smb.conf variables.
-  o Errors in return codes which caused some applications
-    to fail to open files.
-  o General Protection Faults on Windows 2000/XP clients
-    using Samba point-n-print features.
-  o Several miscellaneous crash bugs.
-  o Access problems when enumerating group mappings are
-    stored in an LDAP Directory.
-  o Several common SWAT bugs when writing changes to
-    smb.conf.
-  o Internal inconsistencies when 'winbind use default
-    domain = yes'
-
-
-
-Changes since 3.0.0
-----------------------
-
-    Parameter Name              Action
-    --------------              ------
-    hide local users            Removed
-    mangled map                 Deprecated
-    mangled stack               Removed
-    passwd chat timeout         New
-
-
-commits
--------
-
-o   Change the interface for init_unistr2 to not take a length 
-    but a flags field.  We were assuming that 
-    2*strlen(mb_string) == length of ucs2-le string.  (bug 480).
-o   Allow d_printf() to handle strings with escaped quotation 
-    marks since the msg file includes the escape character (bug 489).
-o   Fix bad html table row termination in SWAT wizard code (bug 413).
-o   Fix to parse the level-2 strings.
-o   Fix for "valid users = %S" in [homes].  Fix read/write 
-    list as well. 
-o   Change AC_CHECK_LIB_EXT to prepend libraries instead of append.  
-    This is the same way AC_CHECK_LIB works (bug 508).
-o   Testparm output fixes for clarity.
-o   Fix broken wins hook functionality -- i18n bug (bug 528).
-o   Take care of condition where DOS and NT error codes must differ.
-o   Default to using only built-in charsets when a working iconv 
-    implementation cannot be located.
-o   Wrap internals of sys_setgroups() so the sys_XX() call can 
-    be done unconditionally (bug 550).
-o   Remove duplicate smbspool link on SWAT's front page (bug 541).
-o   Save and restore CFLAGS before/after AC_PROG_CC.  Ensures that
-    --enable-debug=[yes|no] works correctly.
-o   Allow ^C to interrupt smbpasswd if using our getpass 
-    (e.g. smbpasswd command).
-o   Support signing only on RPC's (bug 167).
-o   Correct bug that prevented  Excel 2000 clients from opening 
-    files marked as read-only.
-o   Portability fix bugs 546 - 549).
-o   Explicitly initialize the value of AR for vendor makes that don't
-    do this (e.g. HPUX 11).  (bug 552).
-o   More i18n fixes for SWAT (bug 413).
-o   Change the cwd before the postexec script to ensure that a
-    umount will succeed.
-o   Correct double free that caused winbindd to crash when a DC 
-    is rebooted (bug 437).
-o   Fix incorrect mode sum (bug 562).
-o   Canonicalize SMB_INFO_ALLOCATION in the same was as
-    SMB_FS_FULL_SIZE_INFORMATION (bug 564).
-o   Add script to generate *msg files.
-o   Add Dutch SWAT translation file.
-o   Make sure to call get_user_groups() with the full winbindd 
-    name for a user if he/she has one (bug 406).
-o   Fix up error code returns from Samba4 tester. Ensure invalid 
-    paths are validated the same way.  
-o   Allow Samba3 to pass the Samba4 RAW-READ tests.
-o   Refuse to configure if --with-expsam=$BACKEND was used but no 
-    libraries were found for $BACKEND.
-o   Move sysquotas autoconf tests to a separate file.
-o   Match W2K w.r.t. writelock and writeclose.  Samba4 torture 
-    tester
-o   Make sure that the files that contain the static_init_$subsystem; 
-    macro get recompiled after configure by removing the object 
-    files.
-o   Ensure canceling a blocking lock returns the correct error 
-    message.
-o   Match Samba 2.2 behavior; make ACB_NORMAL the default ACB value.
-o   Updated Japanese welcome file in SWAT.
-o   Fix to  nt-time <-> unix-time functions reversible.
-o   Ensure that winbindd uses the the escaped DN when querying
-    an AD ldap server.
-o   Fix portability issues when compiling (bug 505, 550)
-o   Compile fix for tdbbackup when Samba needs to override 
-    non-C99 compliant implementations of snprintf().
-o   Use @PICSUFFIX@ instead of .po in Makefile.in (bug 574).
-o   Make sure we break out of samsync loop on error.
-o   Ensure error code path doesn't free unmalloc()'d memory
-    (bug 628).
-o   Add configure test for krb5_keytab_entry keyblock vs key 
-    member (bug 636).
-o   Fixed spinlocks.
-o   Modified testparm so that all output so all debug output goes 
-    to stderr, and all file processing goes to stdout.
-o   Fix error return code for BUFFER_TOO_SMALL in smbcacls 
-    and smbcquotas.
-o   Fix "NULL dest in safe_strcpy()" log message by ensuring that 
-    we have a devmode before copying a string to the devicename.
-o   Support mapping REALM.COM\user to a local user account (without 
-    running winbindd)  for compatibility with 2.2.x release.
-o   Ensure we don't use mmap() on blacklisted systems.
-o   fixed a number of bugs and memory leaks in the AIX 
-    winbindd shim
-o   Call initgroups() in SWAT before becomming the user so that
-    secondary group permissions can be used when writing to 
-    smb.conf.
-o   Fix signing problems when reverse connecting back to a 
-    client for printer notify
-o   Fix signing problems caused by a miss-sequence bug.
-o   Missing map in errormap for ERROR_MORE_DATA -> ERRDOS, ERRmoredata.
-    Fixes NEXUS tools running on Win9x clients (bug 64).
-o   Don't leave the domain field uninitialized in cli_lsa.c if some 
-    SID could not be mapped.
-o   Fix segfault in mount.cifs helper when there is no options 
-    specified during mount.
-o   Change the \n after the password prompt to go to tty instead 
-    of stdout (bug 668).
-o   Stop net -P from prompting for machine account password (bug 451).
-o   Change in behavior to Not only change the effective uid but also
-    the real uid when becoming unprivileged.
-o   Cope with Exchange 5.5 cleartext pop password auth.
-o   New files for support of initshutdown pipe.  Win2k doesn't 
-    respond properly to all requests on the winreg pipe, so we need 
-    to handle this new pipe (bug 534).
-o   Added more va_copy() checks in configure.in.
-o   Include fixes for libsmbclient build problems.
-o   Missing UNIX -> DOS codepage conversion in lanman.c.
-o   Allow DFMS-S filenames can now have arbitrary case (bug 667).
-o   Parameterize the listen backlog in smbd and make it larger by
-    default. A backlog of 5 is way too small these days.
-o   Check for an invalid fid before dereferencing the fsp pointer
-    (bug 696).
-o   Remove invalid memory frees and return codes in pdb_ldap.c.
-o   Prompt for password when invoking --set-auth-user and no 
-    password is given.
-o   Bind the nmbd sending socket to the 'socket address'.
-o   Re-order link command for smbd, rpcclient and smbpasswd to ensure 
-    $LDFLAGS occurs before any library specification (bug 661).
-o   Fix large number of printf() calls for 64-bit size_t.
-o   Fix AC_CHECK_MEMBER so that SLES8 does correctly finds the 
-    keyblock in the krb5 structs.
-o   Remove #include <compat.h> in hopes to avoid problems with 
-    apache header files.
-o   Correct winbindd build problems on HP-UX 11.
-o   Lowercase netgroups lookups (bug 703).
-o   Use the actual size of the buffer in strftime instead of a made
-    up value which just happens to be less than sizeof(fstring).  
-    (bug 713).
-o   Add ldaplibs to pdbedit link line (bug 651).
-o   Fix crash bug in smbclient completion (bug 659).
-o   Fix packet length for browse list reply (bug 771).
-o   Fix coredump in cli_get_backup_list().
-o   Make sure that we expand %N (bug 612).
-o   Allow rpcclient adddriver command to specify printer driver 
-    version (bug 514).
-o   Compile tdbdump by default.
-o   Apply patches to fix iconv detection for FreeBSD.
-o   Do not allow the 'guest account' to be added to a passdb backend 
-    using smbpasswd or pdbedit (bug 624).
-o   Save LDFLAGS during iconv detection (bug 57).
-o   Run krb5 logins through the username map if the winbindd 
-    lookup fails (bug 698).
-o   Add const for lp_set_name_resolve_order() to avoid compiler 
-    warnings (bug 471).
-o   Add support for the %i macro in smb.conf to stand in for the for
-    the local IP address to which a client connected.
-o   Allow winbindd to match local accounts to domain SID when 
-    'winbind trusted domains only = yes' (bug 680).
-o   Remove code in idmap_ldap that searches the user suffix and group 
-    suffix.  It's not needed and provides inconsistent functionality 
-    from the tdb backend.
-o   Patch to handle munged dial string for Windows 2000 TSE.
-    Thanks to Gaz de France, Direction de la Recherche, Service 
-    Informatique Métier for their supporting this work by Aurelien 
-    Degrémont <adegremont@idealx.com>.
-o   Correct the "smbldap_open: cannot access when not root error"
-    messages when looking up group information (bug 281).
-o   Skip over the winbind separator when looking up a user.
-    This fixes the bug that prevented local users from
-    matching an AD user when not running winbindd (bug 698).
-o   Fix a problem with configure on *BSD systems. Make sure
-    we add -liconv etc to LDFLAGS.
-o   Fix core dump bug when "security = server" and the authentication
-    server goes away.
-o   Correct crash bug due to an empty munged dial string.
-o   Show files locked by a specific user (smbstatus -u 'user') 
-    (bug 590).
-o   Fix bug preventing print jobs from display in the queue
-    monitor used by Windows NT and later clients (bug 660).
-o   Fix several reported problems with point-n-print from
-    Windows 2000/XP clients due to a bug in the EnumPrinterDataEx()
-    reply (bug 338, 527 & 643).
-o   Fix a handful of potential memory leaks in the LDAP code used
-    by ldapsam[_compat] and the LDAP idmap backend.
-o   Fix for pdbedit error code returns (bug 763).
-o   Make sure we only enumerate group mapping entries  (not 
-    /etc/group) even when doing local aliases.
-o   Relax check on the pipe name in a dce/rpc bind response to work 
-    around issues with establishing trusts to a Windows 2003 domain.
-o   Ensure we mangle names ending in '.' in hash2 mangling method.
-o   Correct parsing issues with munged dial string.
-o   Fix bugs in quota support for XFS.
-o   Add a cleaner method for applications that need to provide 
-    name->SID mappings to do this via NSS rather than having to 
-    know the winbindd pipe protocol.
-o   Adds a variant of the winbindd_getgroups() call called 
-    winbindd_getusersids() that provides direct SID->SIDs listing of 
-    a users supplementary groups. This is enough to allow non-Samba 
-    applications to do ACL checking.
-o   Make sure we don't append the 'ldap suffix' when writing out the 
-    'ldap XXX suffix' values in SWAT (bug 328).
-o   Fix renames across file systems.
-o   Ensure that items in a list of strings containing whitespace are 
-    written out surrounded by single quotes.  This means that both 
-    double and single quotes are now used to surround strings in 
-    smb.conf (bug 481).
-o   Enable SWAT to correctly determine if winbindd is running (bug 
-    398).
-o   Include WWW-Authenticate field in 401 response for bad auth 
-    attempt (bug 629).
-o   Add support for NTLM2 (NTLMv2 session security).
-o   Add support for variable-length session keys.
-o   More privilege fixes for group enumeration in LDAP (bug 281).
-o   Use the dns name (or IP) as the originating client name when
-    using CUPS (bug 467).
-o   Fix various SMB signing bugs.
-o   Fix ACL propagation on a DFS root (bug 263).
-o   Disable NTLM2 for RPC pipes.
-o   Allow the client to specify the NTLM2 flags got NTLMSSP 
-    authentication.
-o   Change the name of the job passed off to cups from "Test Page" 
-    to "smbprn.00000033 Test Page" so that we can get the smb 
-    jobid back. This allow users to delete jobs with cups printing 
-    backend (partial work on bug 770).
-o   Fix build of winbindd with static pdb modules.
-o   Retrieve the correct ACL group bits if the file has an ACL 
-    (bug 802).
-o   Implement "net rpc group members": Get members of a domain group 
-    in human-readable format.
-o   Add MacOSX (Darwin) specific charset module code.
-o   Use samr_dispinfo(level == 1) for enumerating domain users so we 
-    can include the full name in gecos field (bug 587).
-o   Add support for winbind's NSS library on FeeeBSD 5.1 (bug 797).
-o   Implement 'net rpc group list [global|local|builtin]*' for a 
-    select listing of the respective user databases.
-o   Don't automatically set NT status code flag unless client tells 
-    us it can cope.
-o   Add 'net status [sessions|shares] [parseable]'.
-o   Don't mistake pre-existing UNIX jobs for smb jobs (remainder of  
-    bug 770).
-o   Add 'Replicator' and 'RAS Servers' to list of builtin SIDs 
-   (bug 608).
-o   Fix inverted logic in hosts allow/deny checks caused by 
-    s/strcmp/strequal/ (bug 846).
-o   Implement correct version SamrRemoveSidForeignDomain() (bug 252).
-o   Fix typo in 'hash' mangling algorithm.
-o   Support munged dial for ldapsam (bug 800).
-o   Fix process_incoming_data() to return the number of bytes handled 
-    this call whether we have a complete PDU or not; fixes bug 
-    with multiple PDU request rpc's broken over SMBwriteX calls 
-    each.
-o   Fix incorrect smb flags2 for connections to pre-NT servers 
-    (causes smbclient to fail to OS2 for example) (bug 821).
-o   Update version string in smbldap-tools Makefile to 0.8.2.
-o   Correct a problem with "net rpc vampire" mis-parsing the 
-    alias member info reply.
-o   Ensure the ${libdir} is created by the installclientlib script.
-o   Fix detection of Windows 2003 client architecture in the smb.conf
-    %a variable.
-o   Ensure that smbd calls the add user script for a missing UNIX 
-    user on kerberos auth call (bug 445).
-o   Fix bugs in hosts allow/deny when using a mismatched 
-    network/netmask pair.
-o   Protect alloc_sub_basic() from crashing when the source string 
-    is NULL (partial work on bug 687).
-o   Fix spinlocks on IRIX.
-o   Corrected some bad destination paths when running "configure 
-    --with-fhs".
-o   Add packaging files for Fedora Core 1.
-o   Correct bug in SWAT install script for non-english languages.
-o   Support character set ISO-8859-1 internally (bug 558).
-o   Fixed more LDAP access errors when looking up group mappings 
-    (bug 281).
-o   Fix UNISTR2 length bug in LsaQueryInfo(3) that caused SID 
-    resolution to fail on local files on on domain members 
-    (bug 875).
-o   Fix uninitialized variable in passdb.c.
-o   Fix formal parameter type in get_static() in nsswitch/wins.c.
-o   Fix problem mounting directories when mount.cifs is installed 
-    with the setuid bit on.
-o   Fix bug that prevent --mandir from overriding the defaults
-    given in the --with-fhs macro.
-o   Fix bug in in-memory Kerberos keytab detection routines 
-    in configure.in
-
-
-
-######################################################################
-
-              The original 3.0.0 release notes follow
-              =======================================
-                    WHATS NEW IN Samba 3.0.0
-                        September 24, 2003
-              =======================================
-
-
-Major new features:
--------------------
-
-1)  Active Directory support.  Samba 3.0 is now able to  
-    join a ADS realm as a member server and authenticate 
-    users using LDAP/Kerberos.
-
-2)  Unicode support. Samba will now negotiate UNICODE on the wire 
-    and internally there is now a much better infrastructure for 
-    multi-byte and UNICODE character sets.
-
-3)  New authentication system. The internal authentication system 
-    has been almost completely rewritten. Most of the changes are 
-    internal, but the new auth system is also very configurable.
-
-4)  New default filename mangling system.
-
-5)  A new "net" command has been added. It is somewhat similar to 
-    the "net" command in windows. Eventually we plan to replace 
-    numerous other utilities (such as smbpasswd) with subcommands 
-    in "net".
-
-6)  Samba now negotiates NT-style status32 codes on the wire. This
-    improves error handling a lot.
-
-7)  Better Windows 2000/XP/2003 printing support including publishing
-    printer attributes in active directory.
-
-8)  New loadable module support for passdb backends and character 
-    sets.
-
-9)  New default dual-daemon winbindd support for better performance.
-
-10) Support for migrating from a Windows NT 4.0 domain to a Samba 
-    domain and maintaining user, group and domain SIDs.
-
-11) Support for establishing trust relationships with Windows NT 4.0
-    domain controllers.
-  
-12) Initial support for a distributed Winbind architecture using
-    an LDAP directory for storing SID to uid/gid mappings.
-  
-13) Major updates to the Samba documentation tree.
-
-14) Full support for client and server SMB signing to ensure
-    compatibility with default Windows 2003 security settings.
-
-15) Improvement of ACL mapping features based on code donated by
-    Andreas Grünbacher.
-
-
-Plus lots of other improvements!
-
-
-Additional Documentation
-------------------------
-
-Please refer to Samba documentation tree (included in the docs/ 
-subdirectory) for extensive explanations of installing, configuring
-and maintaining Samba 3.0 servers and clients.  It is advised to 
-begin with the Samba-HOWTO-Collection for overviews and specific 
-tasks (the current book is up to approximately 400 pages) and to 
-refer to the various man pages for information on individual options.
-
-We are very glad to be able to include the second edition of
-"Using Samba" by Jay Ts, Robert Eckstein, and David Collier-Brown
-(O'Reilly & Associates) in this release.  The book is available
-on-line at http://samba.org/samba/docs/ and is included with 
-the Samba Web Administration Tool (SWAT).  Thanks to the authors and
-publisher for making "Using Samba" under the GNU Free Documentation 
-License.
-
-
-######################################################################
-Upgrading from a previous Samba 3.0 beta
-########################################
-
-Beginning with Samba 3.0.0beta3, the RID allocation functions
-have been moved into winbindd.  Previously these were handled
-by each passdb backend.  This means that winbindd must be running
-to automatically allocate RIDs for users and/or groups.  Otherwise,
-smbd will use the 2.2 algorithm for generating new RIDs.
-
-If you are using 'passdb backend = tdbsam' with a previous Samba 
-3.0 beta release (or possibly alpha), it may be necessary to 
-move the RID_COUNTER entry from /usr/local/samba/private/passdb.tdb
-to winbindd_idmap.tdb.  To do this:
-
-1)  Ensure that winbindd_idmap.tdb exists (launch winbindd at least 
-    once)
-2)  build tdbtool by executing 'make tdbtool' in the source/tdb/ 
-    directory
-3)  run: (note that 'tdb>' is the tool's prompt for input)
-
-       root# ./tdbtool /usr/local/samba/private/passdb.tdb
-       tdb> show RID_COUNTER
-       key 12 bytes
-       RID_COUNTER
-       data 4 bytes
-       [000] 0A 52 00 00                                       .R.
-
-       tdb> move RID_COUNTER /usr/local/samba/var/locks/winbindd_idmap.tdb
-       ....
-       record moved
-
-If you are using 'passdb backend = ldapsam', it will be necessary to 
-store idmap entries in the LDAP directory as well (i.e. idmap backend 
-= ldap).  Refer to the 'net idmap' command for more information on 
-migrating SID<->UNIX id mappings from one backend to another.
-
-If the RID_COUNTER record does not exist, then these instructions are
-unneccessary and the new RID_COUNTER record will be correctly generated
-if needed.  
-
-
-
-########################
-Upgrading from Samba 2.2
-########################
-
-This section is provided to help administrators understand the details
-involved with upgrading a Samba 2.2 server to Samba 3.0.
-
-
-Building
---------
-
-Many of the options to the GNU autoconf script have been modified 
-in the 3.0 release.  The most noticeable are:
-
-  * removal of --with-tdbsam (is now included by default; see section
-    on passdb backends and authentication for more details)
-    
-  * --with-ldapsam is now on used to provided backward compatible
-    parameters for LDAP enabled Samba 2.2 servers.  Refer to the passdb 
-    backend and authentication section for more details
-  
-  * inclusion of non-standard passdb modules may be enabled using
-    --with-expsam.  This includes an XML backend and a mysql backend.
-      
-  * removal of --with-msdfs (is now enabled by default)
-  
-  * removal of --with-ssl (no longer supported)
-  
-  * --with-utmp now defaults to 'yes' on supported systems
-  
-  * --with-sendfile-support is now enabled by default on supported 
-    systems
-  
-    
-Parameters
-----------
-
-This section contains a brief listing of changes to smb.conf options
-in the 3.0.0 release.  Please refer to the smb.conf(5) man page for
-complete descriptions of new or modified parameters.
-
-Removed Parameters (order alphabetically):
-
-  * admin log
-  * alternate permissions
-  * character set
-  * client codepage
-  * code page directory
-  * coding system
-  * domain admin group
-  * domain guest group
-  * force unknown acl user
-  * hide local users
-  * mangled stack
-  * nt smb support
-  * postscript
-  * printer driver
-  * printer driver file
-  * printer driver location
-  * read size
-  * source environment
-  * status
-  * strip dot
-  * total print jobs
-  * use rhosts
-  * valid chars
-  * vfs options
-
-New Parameters (new parameters have been grouped by function):
-
-  Remote management
-  -----------------
-  * abort shutdown script
-  * shutdown script
-
-  User and Group Account Management
-  ---------------------------------
-  * add group script
-  * add machine script
-  * add user to group script
-  * algorithmic rid base
-  * delete group script
-  * delete user from group script
-  * passdb backend
-  * set primary group script
-
-  Authentication
-  --------------
-  * auth methods
-  * realm
-  * passwd chat timeout
-
-  Protocol Options
-  ----------------
-  * client lanman auth
-  * client NTLMv2 auth
-  * client schannel
-  * client signing
-  * client use spnego
-  * disable netbios
-  * ntlm auth
-  * paranoid server security
-  * server schannel
-  * server signing
-  * smb ports
-  * use spnego
-
-  File Service
-  ------------
-  * get quota command
-  * hide special files
-  * hide unwriteable files
-  * hostname lookups
-  * kernel change notify
-  * mangle prefix
-  * map acl inherit
-  * msdfs proxy
-  * set quota command
-  * use sendfile
-  * vfs objects
-  
-  Printing
-  --------
-  * max reported print jobs
-
-  UNICODE and Character Sets
-  --------------------------
-  * display charset
-  * dos charset
-  * unicode
-  * unix charset
-  
-  SID to uid/gid Mappings
-  -----------------------
-  * idmap backend
-  * idmap gid
-  * idmap uid
-  * winbind enable local accounts
-  * winbind trusted domains only
-  * template primary group
-  * enable rid algorithm
-
-  LDAP
-  ----
-  * ldap delete dn
-  * ldap group suffix
-  * ldap idmap suffix
-  * ldap machine suffix
-  * ldap passwd sync
-  * ldap replication sleep
-  * ldap user suffix
-  
-  General Configuration
-  ---------------------
-  * preload modules
-  * private dir
-
-Modified Parameters (changes in behavior):
-
-  * encrypt passwords (enabled by default)
-  * mangling method (set to 'hash2' by default)
-  * passwd chat
-  * passwd program
-  * restrict anonymous (integer value)
-  * security (new 'ads' value)
-  * strict locking (enabled by default)
-  * unix extensions (enabled by default)
-  * winbind cache time (increased to 5 minutes)
-  * winbind uid (deprecated in favor of 'idmap uid')
-  * winbind gid (deprecated in favor of 'idmap gid')
-
-
-Databases
----------
-
-This section contains brief descriptions of any new databases 
-introduced in Samba 3.0.  Please remember to backup your existing 
-${lock directory}/*tdb before upgrading to Samba 3.0.  Samba will 
-upgrade databases as they are opened (if necessary), but downgrading 
-from 3.0 to 2.2 is an unsupported path.
-
-Name                    Description                             Backup?
-----                    -----------                             -------
-account_policy          User policy settings                    yes
-gencache                Generic caching db                      no
-group_mapping           Mapping table from Windows              yes
-                        groups/SID to unix groups        
-winbindd_idmap          ID map table from SIDS to UNIX          yes
-                        uids/gids.
-namecache               Name resolution cache entries           no
-netsamlogon_cache       Cache of NET_USER_INFO_3 structure      no
-                        returned as part of a successful
-                        net_sam_logon request 
-printing/*.tdb          Cached output from 'lpq                 no
-                        command' created on a per print 
-                        service basis
-registry                Read-only samba registry skeleton       no
-                        that provides support for exporting
-                        various db tables via the winreg RPCs
-
-
-Changes in Behavior
--------------------
-
-The following issues are known changes in behavior between Samba 2.2 and 
-Samba 3.0 that may affect certain installations of Samba.
-
-  1)  When operating as a member of a Windows domain, Samba 2.2 would 
-      map any users authenticated by the remote DC to the 'guest account'
-      if a uid could not be obtained via the getpwnam() call.  Samba 3.0
-      rejects the connection as NT_STATUS_LOGON_FAILURE.  There is no 
-      current work around to re-establish the 2.2 behavior.
-      
-  2)  When adding machines to a Samba 2.2 controlled domain, the 
-      'add user script' was used to create the UNIX identity of the 
-      machine trust account.  Samba 3.0 introduces a new 'add machine 
-      script' that must be specified for this purpose.  Samba 3.0 will
-      not fall back to using the 'add user script' in the absence of 
-      an 'add machine script'
-  
-
-######################################################################
-Passdb Backends and Authentication
-##################################
-
-There have been a few new changes that Samba administrators should be
-aware of when moving to Samba 3.0.
-
-  1) encrypted passwords have been enabled by default in order to 
-     inter-operate better with out-of-the-box Windows client 
-     installations.  This does mean that either (a) a samba account
-     must be created for each user, or (b) 'encrypt passwords = no'
-     must be explicitly defined in smb.conf.
-    
-  2) Inclusion of new 'security = ads' option for integration 
-     with an Active Directory domain using the native Windows
-     Kerberos 5 and LDAP protocols.
-
-     MIT kerberos 1.3.1 supports the ARCFOUR-HMAC-MD5 encryption 
-     type which is neccessary for servers on which the 
-     administrator password has not been changed, or kerberos-enabled 
-     SMB connections to servers that require Kerberos SMB signing.
-     Besides this one difference, either MIT or Heimdal Kerberos
-     distributions are usable by Samba 3.0.
-     
-
-Samba 3.0 also includes the possibility of setting up chains
-of authentication methods (auth methods) and account storage 
-backends (passdb backend).  Please refer to the smb.conf(5) 
-man page for details.  While both parameters assume sane default 
-values, it is likely that you will need to understand what the 
-values actually mean in order to ensure Samba operates correctly.
-
-The recommended passdb backends at this time are
-
-  * smbpasswd - 2.2 compatible flat file format
-  * tdbsam - attribute rich database intended as an smbpasswd
-    replacement for stand alone servers
-  * ldapsam - attribute rich account storage and retrieval 
-    backend utilizing an LDAP directory.  
-  * ldapsam_compat - a 2.2 backward compatible LDAP account 
-    backend
-    
-Certain functions of the smbpasswd(8) tool have been split between the 
-new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8) 
-utility.  See the respective man pages for details.
-    
-     
-######################################################################
-LDAP
-####
-
-This section outlines the new features affecting Samba / LDAP 
-integration.
-
-New Schema
-----------
-  
-A new object class (sambaSamAccount) has been introduced to replace 
-the old sambaAccount.  This change aids us in the renaming of 
-attributes to prevent clashes with attributes from other vendors.  
-There is a conversion script (examples/LDAP/convertSambaAccount) to 
-modify and LDIF file to the new schema.
-  
-Example:
-  
-  $ ldapsearch .... -b "ou=people,dc=..." > sambaAcct.ldif
-  $ convertSambaAccount --sid=<Domain SID> \
-    --input=sambaAcct.ldif --output=sambaSamAcct.ldif \
-    --changetype=[modify|add]
-	
-The <DOM SID> can be obtained by running 'net getlocalsid 
-<DOMAINNAME>' on the Samba PDC as root.  The changetype determines 
-the format of the generated LDIF output--either create new entries 
-or modify existing entries.
-    
-The old sambaAccount schema may still be used by specifying the 
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file. 
-  
-Other new object classes and their uses include:
-  
-  * sambaDomain - domain information used to allocate rids 
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if 
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-      
-  * sambaGroupMapping - an object representing the 
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap 
-    group suffix' and managed by the 'net groupmap' command.
-    
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry 
-    automatically and contains the next available 'idmap uid' and 
-    'idmap gid'
-    
-  * sambaIdmapEntry - object storing a mapping between a 
-    SID and a UNIX uid/gid.  These objects are created by the 
-    idmap_ldap module as needed.
-
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
-
-    
-New Suffix for Searching
-------------------------
-  
-The following new smb.conf parameters have been added to aid in directing
-certain LDAP queries when 'passdb backend = ldapsam://...' has been
-specified.
-
-  * ldap suffix         - used to search for user and computer accounts
-  * ldap user suffix    - used to store user accounts
-  * ldap machine suffix - used to store machine trust accounts
-  * ldap group suffix   - location of posixGroup/sambaGroupMapping entries
-  * ldap idmap suffix   - location of sambaIdmapEntry objects
-
-If an 'ldap suffix' is defined, it will be appended to all of the 
-remaining sub-suffix parameters.  In this case, the order of the suffix
-listings in smb.conf is important.  Always place the 'ldap suffix' first
-in the list.  
-
-Due to a limitation in Samba's smb.conf parsing, you should not surround 
-the DN's with quotation marks.
-
-
-IdMap LDAP support
-------------------
-
-Samba 3.0 supports an ldap backend for the idmap subsystem.  The 
-following options would inform Samba that the idmap table should be
-stored on the directory server onterose in the "ou=idmap,dc=plainjoe,
-dc=org" partition.
-
- [global]
-    ...
-    idmap backend     = ldap:ldap://onterose/
-    ldap idmap suffix = ou=idmap,dc=plainjoe,dc=org
-    idmap uid         = 40000-50000
-    idmap gid         = 40000-50000
-
-This configuration allows winbind installations on multiple servers to
-share a uid/gid number space, thus avoiding the interoperability problems
-with NFS that were present in Samba 2.2.
-    
-
-
-######################################################################
-Trust Relationships and a Samba Domain
-######################################
-
-Samba 3.0.0beta2 is able to utilize winbindd as the means of 
-allocating uids and gids to trusted users and groups.  More
-information regarding Samba's support for establishing trust 
-relationships can be found in the Samba-HOWTO-Collection included
-in the docs/ directory of this release.
-
-First create your Samba PDC and ensure that everything is 
-working correctly before moving on the trusts.
-
-To establish Samba as the trusting domain (named SAMBA) from a Windows NT
-4.0 domain named WINDOWS:
-
-  1) create the trust account for SAMBA in "User Manager for Domains"
-  2) connect the trust from the Samba domain using
-     'net rpc trustdom establish GLASS'
-
-To create a trustlationship with SAMBA as the trusted domain:
-
-  1) create the initial trust account for GLASS using
-     'smbpasswd -a -i GLASS'.  You may need to create a UNIX
-     account for GLASS$ prior to this step (depending on your
-     local configuration).
-  2) connect the trust from a WINDOWS DC using "User Manager
-     for Domains"
-
-Now join winbindd on the Samba PDC to the SAMBA domain using
-the normal steps for adding a Samba server to an NT4 domain:
-(note that smbd & nmbd must be running at this point)
-
-   root# net rpc join -U root
-   Password: <enter root password from smbpasswd file here>
-
-Start winbindd and test the join with 'wbinfo -t'.
-
-Now test the trust relationship by connecting to the SAMBA DC
-(e.g. POGO) as a user from the WINDOWS domain:
-
-   $ smbclient //pogo/netlogon -U Administrator -W WINDOWS
-   Password:
-
-Now connect to the WINDOWS DC (e.g. CRYSTAL) as a Samba user:
-
-   $ smbclient //crystal/netlogon -U root -W WINDOWS
-   Password:
-
-######################################################################
-Changes in Winbind
-##################
-
-Beginning with Samba3.0.0beta3, winbindd has been given new account
-manage functionality equivalent to the 'add user script' family of
-smb.conf parameters.  The idmap design has also been changed to 
-centralize control of foreign SID lookups and matching to UNIX 
-uids and gids.
-
-
-Brief Description of Changes
-----------------------------
-
-1) The sid_to_uid() family of functions (smbd/uid.c) have been 
-   reverted to the 2.2.x design.  This means that when resolving a 
-   SID to a UID or similar mapping:
-
-        a) First consult winbindd
-        b) perform a local lookup only if winbindd fails to
-           return a successful answer
-
-   There are some variations to this, but these two rules generally
-   apply.
-
-2) All idmap lookups have been moved into winbindd.  This means that
-   a server must run winbindd (and support NSS) in order to achieve
-   any mappings of SID to dynamically allocated UNIX ids.  This was
-   a conscious design choice.
-
-3) New functions have been added to winbindd to emulate the 'add user 
-   script' family of smbd functions without requiring that external
-   scripts be defined.  This functionality is controlled by the 'winbind 
-   enable local accounts' smb.conf parameter (enabled by default).
-
-   However, this account management functionality is only supported 
-   in a local tdb (winbindd_idmap.tdb).  If these new UNIX accounts 
-   must be shared among multiple Samba servers (such as a PDC and BDCs), 
-   it will be necessary to define your own 'add user script', et. al.
-   programs that place the accounts/groups in some form of directory
-   such as NIS or LDAP.  This requirement was deemed beyond the scope
-   of winbind's account management functions.  Solutions for 
-   distributing UNIX system information have been deployed and tested 
-   for many years.  We saw no need to reinvent the wheel.
-
-4) A member of a Samba controlled domain running winbindd is now able 
-   to map domain users directly onto existing UNIX accounts while still
-   automatically creating accounts for trusted users and groups.  This
-   behavior is controlled by the 'winbind trusted domains only' smb.conf
-   parameter (disabled by default to provide 2.2.x winbind behavior).
-
-5) Group mapping support is wrapped in the local_XX_to_XX() functions
-   in smbd/uid.c.  The reason that group mappings are not included
-   in winbindd is because the purpose of Samba's group map is to
-   match any Windows SID with an existing UNIX group.  These UNIX
-   groups can be created by winbindd (see next section), but the
-   SID<->gid mapping is retreived by smbd, not winbindd.
-
-
-Examples
---------
-
-* security = server running winbindd to allocate accounts on demand
-
-* Samba PDC running winbindd to handle the automatic creation of UNIX
-  identities for machine trust accounts
-
-* Automtically creating UNIX user and groups when migrating a Windows NT
-  4.0 PDC to a Samba PDC.  Winbindd must be running when executing
-  'net rpc vampire' for this to work.
-
-   
-######################################################################
-Known Issues
-############
-
-* There are several bugs currently logged against the 3.0 codebase
-  that affect the use of NT 4.0 GUI domain management tools when run
-  against a Samba 3.0 PDC.  This bugs should be released in an early 
-  3.0.x release.
-
-Please refer to https://bugzilla.samba.org/ for a current list of bugs 
-filed against the Samba 3.0 codebase.
-
-
-######################################################################
-Reporting bugs & Development Discussion
-#######################################
-
-Please discuss this release on the samba-technical mailing list or by
-joining the #samba-technical IRC channel on irc.freenode.net.
-
-If you do report problems then please try to send high quality
-feedback. If you don't provide vital information to help us track down
-the problem then you will probably be ignored.  
-
-A new bugzilla installation has been established to help support the 
-Samba 3.0 community of users.  This server, located at 
-https://bugzilla.samba.org/, has replaced the older jitterbug server 
-previously located at http://bugs.samba.org/.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba1.9.17.html b/whatsnew/samba1.9.17.html
deleted file mode 100755
index 6eb2819..0000000
--- a/whatsnew/samba1.9.17.html
+++ /dev/null
@@ -1,174 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<H3 align=center>
-Samba Team Announces Samba 1.9.17
-</H3>
-<pre>
-Greater speed and scalability for corporate networks with
-Windows-compatible clients
-
-
-Canberra, Australia, August 26 1997 - The Samba Team is pleased to
-announce version 1.9.17 of Samba, the leading suite of corporate network
-integration tools. Designed to service any Server Message Block (SMB)
-client, Samba is compatible with all Microsoft (tm) Networking clients
-including Windows 95 (tm), Windows NT (tm) Workstation and Server,
-Windows for Workgroups (tm), IBM OS/2 (tm), smbfs for Linux and
-Thursby Software Systems DAVE (tm) Macintosh SMB client.
-
-Samba is distinguished by its scalability, speed and flexibility. It is
-freely distributed with source code, and has high-quality support.
-Over ninety specialist support companies worldwide offer commercial
-support for Samba, which is also supported by copious Internet
-resources and a mailing list with ten thousand subscribers.
-
-Sites with Microsoft Windows NT or Windows 95 clients benefit
-particularly from this new release. Samba now functions as a logon
-server for Windows 95 and supports roving profiles. Already a favorite
-with administrators because of its flexible and dynamic configuration
-options, version 1.9.17 of Samba has even more reasons for being used
-to serve files and printers to Microsoft clients.
-
-Samba has an assured future. With many hundreds of thousands of
-installed systems around the world, Samba is making it possible for many
-kinds of systems to share files that have been incompatible until now.
-The Samba Team has been consulting widely with large (and small) users
-of the product about future directions for Samba  and will be
-publishing a road-map with the next major release. Anyone wishing to
-provide input should send a message to the mailing list
-<a href="mailto:samba-plans@samba.org">samba-plans@samba.org</a>
-
-Besides this, the next release will focus on better integration of
-non-UNIX ports, further performance improvements and scalability to
-hundreds of thousands of machines in an SMB network.
-
-
-<strong>Also in release 1.9.17 of Samba:</strong>
-
-<strong>CIFS Support</strong>
-
-Samba implements the Common Internet Filesystem protocol, the Internet
-Engineering Task Force draft protocol for extending SMB to the Internet.
-Samba keeps pace with CIFS developments. See
-<a href="http://anu.samba.org/cifs/">http://anu.samba.org/cifs/</a>.
-
-<strong>More speed</strong>
-
-Samba now passes the most rigorous Ziff-Davis NetBench test suite with
-flying colors. Performance is not lost when more users are added, up to
-the limits of the host operating system. When used with technologies
-such 64-bit operating systems (such as some versions of UNIX, MVS or
-VMS), many CPUs and Gibabit ethernet, pre-release versions of Samba
-1.9.17 have been running for some months at several large sites
-supporting tens of thousands of users.
-
-<strong>More servers</strong>
-
-Samba runs on UNIX (tm) and near clones from over 30 vendors, besides
-IBM MVS (tm), Digital Equipment VMS (tm), Stratos VOS (tm), all versions of
-IBM OS/2 Warp (tm), Novell Netware (tm), Amiga OS (tm) and others.
-Most corporate data servers are supported, besides countless small
-networks running less powerful operating systems.
-
-<strong>More clients</strong>
-
-Windows NT, Windows 95, Linux, OS/2 Warp, Windows for Workgroups come
-with SMB network file systems by default. Windows 3.1, DOS, AIX and others
-have equivalent add-ons. Different SMB clients have different extensions and
-different bugs. Samba goes to great lengths to accommodate clients that
-are in use, and is now more compatible with more types of clients than
-any other SMB server.
-
-<strong>Larger networks</strong>
-
-Release 1.9.17 provides support for over 2,000 clients simultaneously
-per samba server. Many Samba servers of this scale can work together.
-Some sites have shown that a user database of 100 000 users shared
-between 20 servers works. We do not know what the upper limit is,
-although we plan to find out. The Samba Team has been focusing on
-providing reliable wide-area operation, and acknowledges the support of
-major UNIX system vendors who have helped in testing on large WANs.
-
-<strong>Better Browsing</strong>
-
-This release improves Samba maintenance of browse lists (the Network
-Neighborhood), especially across large multi-segmented networks. Samba
-can provide a picture of what machines are available on even very large
-networks, beyond the scope of any other SMB product.
-
-
-<strong>More Information and Downloading</strong>
-
-For more information on Samba see
-
-        <a href="http://samba.canberra.edu.au/pub/samba/">http://samba.canberra.edu.au/pub/samba/</a>
-
-Demand for Samba is very high. For a faster download and to minimize
-Internet traffic over the period following this release, please use a
-Samba mirror site. The list of mirror sites is contained in
-
-        <a href="ftp://samba.org/pub/samba/MIRRORS.txt">ftp://samba.org/pub/samba/MIRRORS.txt</a>
-
-The official master ftp location is
-
-        <a href="ftp://samba.org/pub/samba/samba-latest.tar.gz">ftp://samba.org/pub/samba/samba-latest.tar.gz</a>
-
-Some of the products mentioned in this document are registered
-trademarks of other companies. The samba-bugs@samba.org address
-referred to in this release is *not* to be used for general enquiries or
-support requests. See the web pages for information about the general
-Samba mailing list and a listing of commercial support providers.
-
-<strong>Thanks</strong>
-
-This release of Samba was made possible with the generous help of the
-following companies (in alphabetical order):
-
-Aquasoft Pty Ltd.       : <a href="http://www.aquasoft.com.au">http://www.aquasoft.com.au</a>
-Red Hat Software.       : <a href="http://www.redhat.com">http://www.redhat.com</a>
-Silicon Graphics, Inc.  : <a href="http://www.sgi.com.">http://www.sgi.com.</a>
-Whistle Communications  : <a href="http://www.whistle.com">http://www.whistle.com</a>
-
-Please note that this does not imply endorsement of Samba by the above
-named companies.
-
-
-<strong>Samba Team members</strong>
-
-The Samba Team are (in alphabetical order) :
-
-Jeremy Allison  - Whistle Communications
-Paul Blackman   - University of Canberra
-Dave Fenwick    - Asset Software
-Chris Hertel    - University of Minnesota
-Peter Kelly     - ETS
-Luke Leighton   - Pires
-Richard Sharpe  - NS Computer Software
-Dan Shearer     - University of South Australia
-John Terpstra   - Aquasoft Pty Ltd.
-Andrew Tridgell - Australian National University
-Volker Lendeke  - Service Network, GmbH.
-
-<strong>Copying</strong>
-
-Unrestricted reproduction rights of this press release are granted, so
-long as it remains clear that:
-
-         i) Samba is copyright by Andrew Tridgell and the Samba Team, 1992-1997
-        ii) Samba is made available freely under the widely-used
-            GNU public license. A copy of this is at
-
-                <a href="ftp://samba.org/pub/samba/COPYING">ftp://samba.org/pub/samba/COPYING</a>
-
-            This license encourages commercial use and modification. The
-            only restriction is that all source code incorporating Samba
-            must always be freely available
-       iii) The contact for all issues related to intellectual
-            property rights for Samba is <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-
-Regards,
-	The Samba Team.
-</pre>
-
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba1.9.17alpha1.html b/whatsnew/samba1.9.17alpha1.html
deleted file mode 100755
index 1c6eba6..0000000
--- a/whatsnew/samba1.9.17alpha1.html
+++ /dev/null
@@ -1,100 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<H3 align=center>
-The Samba Team, on behalf of Andrew Tridgell, is pleased
-to announce a new alpha release of Samba, version 
-1.9.17alpha1.
-</H3>
-<pre>
-This is known unofficially as the 'browse-fix' release
-as it contains much new and revised code to make browsing
-across subnets work for the first time.
-
-It also contains a substantial re-write of the share-mode
-locking code, which is beleived to be much more robust
-than the previous versions.
-
-It may be downloaded from the Samba site at :
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha1.tar.gz">
-ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha1.tar.gz</a>
-
-as a gzipp'ed tar file.
-
-Due to the large number of changes, this is an alpha release
-and we would welcome people trying it out and reporting all
-bugs to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Once a sufficient number of people have reported stability
-with this release or subsequent alphas released to fix 
-bugs we will make a stable 1.9.17 production release. It is
-recommended that people with production Samba servers wait
-until then before upgrading (although the locking code
-*really* is more stable and correct than the 1.9.16 code :-).
-
-Here is the file WHATSNEW.txt, now included with the release
-to give people an idea of what has been changed. Also, with
-this release there is a new version of the BROWSING.txt in 
-the docs directory which describes how to set up the new
-cross subnet browsing features.
-
-Regards,
-
-The Samba Team.
-
---------------WHATSNEW.txt---------------------------------
-
-              WHATS NEW IN 1.9.17alpha1 - May 21st 1997.
-              ==========================================
-
-Improved browsing support. 
---------------------------
-
-Samba now should support propagation of browse lists 
-across subnets correctly. Look in the file docs/BROWSING.txt 
-as it has been largely re-written to explain how to do this.
-
-Thanks to Silicon Graphics for allowing us to test the new 
-code on their corporate network.
-
-Improved share mode handling
-----------------------------
-
-The handling of share modes has been completely rewritten.
-Samba can now run agressive PC Benchmarks (Ziff-Davis
-NetBench) correctly with many hundreds of concurrent PC's.
-The confidence level on share mode handling in Samba
-is now much higher than it was previously. PC database
-packages should be much safer when run against a
-Samba share. Thanks to Silicon Graphics for testing
-this code for us.
-
-If at all possible compile Samba to use the new share
-mode handling with shared memory (set the flags 
-FAST_SHARE_MODES in the Makefile). This will be *much* faster
-than old file-based share modes. FAST_SHARE_MODES have
-been turned on by default on the following platforms in
-the Makefile :
-
-        Linux
-        Solaris
-        BSDI
-        IRIX 5.x.x
-        FreeBSD
-
-Updated smb.conf documentation
-------------------------------
-
-All options are now documented we believe.
-
-Many small bugfixes and improvements
-------------------------------------
-From around the 'net around the world. Many
-thanks to everyone who contributed.
-
-Remember - this is new code so there may be
-bugs or problems.
-</pre>
-
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba1.9.17alpha3.html b/whatsnew/samba1.9.17alpha3.html
deleted file mode 100755
index 95db22b..0000000
--- a/whatsnew/samba1.9.17alpha3.html
+++ /dev/null
@@ -1,153 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<H3 align=center>
-The Samba Team, is pleased to announce a new alpha release of 
-Samba, version 1.9.17alpha3.
-</H3>
-<pre>
-1.9.17alpha3 fixes the problems that were reported in the
-alpha1 and alpha 2 releases. The current release fix list
-looks like :
-
-alpha1 - original 'browse fix' release.
-alpha2 - released to fix a printing bug with alpha1.
-alpha3 - More fixes for browsing. nmbd now correctly
-         releases names on exit. nmbd memory leak and
-         core dump bugs identified and fixed. Fix for
-         shared memory allocation bug with NetBench.
-
-The 1.9.17alpha series are known unofficially as the 'browse-fix' 
-releases as they contains much new and revised code to make browsing
-across subnets work for the first time.
-
-If you are setting up 1.9.17alpha series Samba servers to
-test cross subnet browsing issues it is very important to
-ensure that all Samba servers set up as local master browsers
-or domain master browsers be 1.9.17alpha3 servers. Previous
-(1.9.16p11 and before) version of nmbd will *NOT* function
-correctly in this role and will prevent cross subnet browsing
-from working. This also applies to the Samba machine set up
-as the WINS server, if you are not using a Microsoft WINS
-server.
-
-The 1.9.17alpha series also contains a substantial re-write 
-of the share-mode locking code, which is believed to be much 
-more robust than the previous versions (1.9.16p11 and before).
-Samba 1.9.17alphas 1-3 have been tested with the Ziff Davis
-NetBench file server testing software. The 1.9.17alpha3 release
-has no known problems with this software.
-
-It may be downloaded from the Samba site at :
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha3.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha3.tar.gz</a>
-
-as a gzipp'ed tar file.
-
-Due to the large number of changes, this is an alpha release
-and we would welcome people trying it out and reporting all
-bugs to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Once a sufficient number of people have reported stability
-with this release or subsequent alphas released to fix 
-bugs we will make a stable 1.9.17 production release. It is
-recommended that people with production Samba servers wait
-until then before upgrading (although the locking code
-*really* is more stable and correct than the 1.9.16 code :-).
-
-Here is the file WHATSNEW.txt, now included with the release
-to give people an idea of what has been changed. Also, with
-this release there is a new version of the BROWSING.txt in 
-the docs directory which describes how to set up the new
-cross subnet browsing features.
-
-Regards,
-
-The Samba Team.
-
---------------WHATSNEW.txt---------------------------------
-
-              WHATS NEW IN 1.9.17alpha3 - June 6th 1997.
-              ==========================================
-
-Improved browsing support. 
---------------------------
-
-Samba now should support propagation of browse lists 
-across subnets correctly. Look in the file docs/BROWSING.txt 
-as it has been largely re-written to explain how to do this.
-
-*IMPORTANT* All Samba servers acting as local/domain master
-browsers must be running 1.9.17alpha3, as should the nmbd
-set up as the WINS server.
-
-Thanks to Silicon Graphics for allowing us to test the new 
-code on their corporate network.
-
-Improved share mode handling
-----------------------------
-
-The handling of share modes has been completely rewritten.
-Samba can now run agressive PC Benchmarks (Ziff-Davis
-NetBench) correctly with many hundreds of concurrent PC's.
-The confidence level on share mode handling in Samba
-is now much higher than it was previously. PC database
-packages should be much safer when run against a
-Samba share. Thanks to Silicon Graphics for testing
-this code for us.
-
-If at all possible compile Samba to use the new share
-mode handling with shared memory (set the flags 
-FAST_SHARE_MODES in the Makefile). This will be *much* faster
-than old file-based share modes. FAST_SHARE_MODES have
-been turned on by default on the following platforms in
-the Makefile :
-
-        Linux
-        Solaris
-        BSDI
-        IRIX 5.x.x
-        FreeBSD
-
-Updated smb.conf documentation
-------------------------------
-
-All options are now documented we believe.
-
-Many small bugfixes and improvements
-------------------------------------
-From around the 'net around the world. Many
-thanks to everyone who contributed.
-
-Remaining known issues with cross-subnet browsing.
---------------------------------------------------
-
-When nmbd is acting as a WINS server it doesn't handle
-de-registering of members of a WORKGROUP<1e> name correctly.
-The first machine to de-register will remove the name. This
-should be fixed in a later release when group names are 
-handled correctly in the WINS code.
-
-Propagation of servers between local master browsers and
-the domain master browser doesn't take into account the
-fact that only names seen by the local master browser on
-the local subnet should be propagated. This causes machines
-that have stopped serving to be propagated between browse
-masters. This issue will be fixed in the smbd code in a
-later release.
-
-Remember - this is new code so there may be
-bugs or problems.
-
-As always, all bugs are our responsibility - 
-please report them to :
-
-samba-bugs@samba.org
-
-
-Regards,
-
-        The Samba Team.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba1.9.17alpha4.html b/whatsnew/samba1.9.17alpha4.html
deleted file mode 100755
index e6ffdbe..0000000
--- a/whatsnew/samba1.9.17alpha4.html
+++ /dev/null
@@ -1,172 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<H3 align=center>
-The Samba Team, is pleased to announce a new alpha release of
-Samba, version 1.9.17alpha4.
-</H3>
-<pre>
-The Samba Team, is pleased to announce a new alpha release of
-Samba, version 1.9.17alpha4.
-
-1.9.17alpha4 fixes the problems that were reported in the
-alpha1, alpha2 and alpha3 releases. The current release fix
-list looks like :
-
-alpha1 - original 'browse fix' release.
-alpha2 - released to fix a printing bug with alpha1.
-alpha3 - More fixes for browsing. nmbd now correctly
-         releases names on exit. nmbd memory leak and
-	 core dump bugs identified and fixed. Fix for
-	 shared memory allocation bug with NetBench.
-alpha4 - Fix for roaming profiles hanging on a Samba drive.
-	 smbclient can now query Win95/NT print queues.
-	 smbd can now rename across filesystem mount points.
-	 New 'force xxx mode' options allow more control over
-	 Unix file permissions. Documented in smb.conf man page.
-	 New 'client code page' option for internationalization
-	 support. Documented in smb.conf man page.
-	 Documentation update.
-
-The 1.9.17alpha series are known unofficially as the 'browse-fix'
-releases as they contains much new and revised code to make browsing
-across subnets work for the first time.
-
-If you are setting up 1.9.17alpha series Samba servers to
-test cross subnet browsing issues it is very important to
-ensure that all Samba servers set up as local master browsers
-or domain master browsers be 1.9.17alpha3 or 1.9.17alpha4 servers.
-Previous (1.9.16p11 and before) version of nmbd will *NOT* function
-correctly in this role and will prevent cross subnet browsing
-from working. This also applies to the Samba machine set up
-as the WINS server, if you are not using a Microsoft WINS
-server.
-
-The 1.9.17alpha series also contains a substantial re-write
-of the share-mode locking code, which is believed to be much
-more robust than the previous versions (1.9.16p11 and before).
-Samba 1.9.17alphas 1-4 have been tested with the Ziff Davis
-NetBench file server testing software. The 1.9.17alpha4 release
-has no known problems with this software.
-
-It may be downloaded from the Samba site at :
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha4.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha4.tar.gz</a>
-
-as a gzipp'ed tar file.
-
-Due to the large number of changes, this is an alpha release
-and we would welcome people trying it out and reporting all
-bugs to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Once a sufficient number of people have reported stability
-with this release or subsequent alphas released to fix
-bugs we will make a stable 1.9.17 production release. It is
-recommended that people with production Samba servers wait
-until then before upgrading (although the locking code
-*really* is more stable and correct than the 1.9.16 code :-).
-
-Here is the file WHATSNEW.txt, now included with the release
-to give people an idea of what has been changed. Also, with
-this release there is a new version of the BROWSING.txt in
-the docs directory which describes how to set up the new
-cross subnet browsing features.
-
-Regards,
-
-The Samba Team.
-
---------------WHATSNEW.txt---------------------------------
-WHATS NEW IN 1.9.17alpha4 - July 3rd 1997.
-==========================================
-
-Improved browsing support.
---------------------------
-
-Samba now should support propagation of browse lists
-across subnets correctly. Look in the file docs/BROWSING.txt
-as it has been largely re-written to explain how to do this.
-
-*IMPORTANT* All Samba servers acting as local/domain master
-browsers must be running 1.9.17alpha3 (or later).
-
-Samba 1.9.17alpha4 should now keep global and authoritative
-browse lists separate - see docs/BROWSING.txt for full details.
-
-Thanks to Silicon Graphics for allowing us to test the new
-code on their corporate network.
-
-
-Improved share mode handling
-----------------------------
-
-The handling of share modes has been completely rewritten.
-Samba can now run agressive PC Benchmarks (Ziff-Davis
-NetBench) correctly with many hundreds of concurrent PC's.
-The confidence level on share mode handling in Samba
-is now much higher than it was previously. PC database
-packages should be much safer when run against a
-Samba share. Thanks to Silicon Graphics for testing
-this code for us.
-
-If at all possible compile Samba to use the new share
-mode handling with shared memory (set the flags
-FAST_SHARE_MODES in the Makefile). This will be *much* faster
-than old file-based share modes. FAST_SHARE_MODES have
-been turned on by default on the following platforms in
-the Makefile :
-
-	Linux
-	Solaris
-	BSDI
-	IRIX 5.x.x
-	FreeBSD
-
-A crash bug with slow share modes in 1.9.17alpha3 has been
-corrected.
-
-Updated smb.conf documentation
-------------------------------
-All options are now documented we believe.
-
-Many bugfixes and improvements
-------------------------------
-From around the 'net around the world. Many
-thanks to everyone who contributed.
-
-A list of the new code since alpha3 includes :
-
-*** Fix for roaming profiles hanging on a Samba drive.
-*** smbclient can now query Win95/NT print queues.
-*** smbd can now rename across filesystem mount points.
-*** New 'force xxx mode' options allow more control over
-    Unix file permissions.
-*** New 'client code page' option for internationalization
-    support.
-*** Documentation update.
-
-Remaining known issues with cross-subnet browsing.
---------------------------------------------------
-When nmbd is acting as a WINS server it doesn't handle
-de-registering of members of a WORKGROUP<1e> name correctly.
-The first machine to de-register will remove the name. This
-should be fixed in a later release when group names are
-handled correctly in the WINS code.
-
-Remember - this is new code so there may be
-bugs or problems.
-
-As always, all bugs are our responsibility -
-please report them to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-
-Regards,
-
-The Samba Team.
----------------end----------------------------------
-</pre>
-
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba1.9.17alpha5.html b/whatsnew/samba1.9.17alpha5.html
deleted file mode 100755
index 58f3566..0000000
--- a/whatsnew/samba1.9.17alpha5.html
+++ /dev/null
@@ -1,140 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Alpha release - 1.9.17alpha5</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambanew.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3 align=center>
-The Samba Team have just released a new alpha version of
-Samba - 1.9.17alpha5
-</H3>
-<pre>
-The Samba Team have just released a new alpha version of
-Samba - 1.9.17alpha5. It is our hope that this will be the
-last version of the 1.9.17 alpha series before the full
-1.9.17 release.
-
-The new release is available from the URL:
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha5.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.17alpha5.tar.gz</a>
-
-and is in the form of a gzip'ed tar file.
-
-Here is the WHATSNEW.txt from the release.
-
-Regards,
-
-       The Samba Team.
-       <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
---------------cut here------------------------------------
-
-              WHATS NEW IN 1.9.17alpha5 - July 31st 1997.
-              ==========================================
-
-Last Alpha before full release.
--------------------------------
-
-It is our intention that 1.9.17alpha5 be the last alpha
-before the full 1.9.17 release. If you are concerned that
-Samba 1.9.17 compile cleanly out of the box on your platform
-please try 1.9.17alpha5 and make sure it compiles for your
-particular platform. Please let <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-know if you have problems.
-
-The differences between 1.9.17alpha4 and 1.9.17alpha5 are
-mainly tidying code to ensure portability over different
-platforms (although some new code has been added).
-
-Thanks to Cisco for the new netbios alias code support.
-
-Improved browsing support.
---------------------------
-
-Samba now should support propagation of browse lists
-across subnets correctly. Look in the file docs/BROWSING.txt
-as it has been largely re-written to explain how to do this.
-
-*IMPORTANT* All Samba servers acting as local/domain master
-browsers must be running 1.9.17alpha3 (or later).
-
-Thanks to Silicon Graphics for allowing us to test the new
-code on their corporate network.
-
-
-Improved share mode handling
-----------------------------
-
-The handling of share modes has been completely rewritten.
-Samba can now run agressive PC Benchmarks (Ziff-Davis
-NetBench) correctly with many hundreds of concurrent PC's.
-The confidence level on share mode handling in Samba
-is now much higher than it was previously. PC database
-packages should be much safer when run against a
-Samba share. Thanks to Silicon Graphics for testing
-this code for us.
-
-If at all possible compile Samba to use the new share
-mode handling with shared memory (set the flags
-FAST_SHARE_MODES in the Makefile). This will be *much* faster
-than old file-based share modes. FAST_SHARE_MODES have
-been turned on by default on the following platforms in
-the Makefile :
-
-	Linux
-	Solaris
-	BSDI
-	IRIX 5.x.x
-	FreeBSD
-
-Updated smb.conf documentation
-------------------------------
-All options are now documented we believe.
-
-Many bugfixes and improvements
-------------------------------
-From around the 'net around the world. Many
-thanks to everyone who contributed.
-
-Some of the changes since alpha4 are:
-
-*** Alias names for Samba servers.
-*** Fixes for smbtar.
-*** New "follow symlinks" option can prevent any
-    symlink following for security reasons.
-*** Authentication for Kerberos 5 clients (note that
-    this is not the same as the Kerberos 5 Microsoft
-    will be using, that has not yet been documented).
-*** smbpasswd can now add users to the smbpasswd file.
-*** Hex dump style of debug packets.
-
-Remaining known issues with cross-subnet browsing.
---------------------------------------------------
-When nmbd is acting as a WINS server it doesn't handle
-de-registering of members of a WORKGROUP<1e> name correctly.
-The first machine to de-register will remove the name. This
-should be fixed in a later release when group names are
-handled correctly in the WINS code.
-
-Remember - this is new code so there may be
-bugs or problems.
-
-As always, all bugs are our responsibility -
-please report them to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-
-Regards,
-
-	The Samba Team.
-
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.17p1.html b/whatsnew/samba1.9.17p1.html
deleted file mode 100755
index 2fbbd62..0000000
--- a/whatsnew/samba1.9.17p1.html
+++ /dev/null
@@ -1,205 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.17p1</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambanew.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3 align=center>
-The Samba Team are pleased to announce Samba 1.9.17p1.
-</H3>
-<pre>
-This is a patch release designed to fix the few bugs that
-users had reported with our last major release, 1.9.17.
-
-This release adds no new functionality, and if you
-were not impacted by the bugs then there is no need
-to upgrade from 1.9.17.
-
-The list of fixed bugs are :
-
--------------------fix list--------------------------------
-Fix for DOS and Windows 95 clients having trouble
-deleting files on a Samba share in a DOS command line 
-environment.
-
-Fixes to set the 'flag' bits correctly when talking to a 
-non-Samba WINS server.
-
-Fix for NT clients being dropped when using security=server.
-
-Fixes to the printer queue reporting code.
-
-Fix for the name map mangle bug (mangling .html -> .htm was
-not working).
-------------------------------------------------------------
-
-The full release notes (from WHATSNEW.txt in the release)
-are listed below.
-
-This new release may be obtained from the following
-URL:
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.17p1.tar.gz">ftp://samba.org/pub/samba/samba-1.9.17p1.tar.gz</a>
-
-as a GNU gzip compressed tar file. Thanks to SGI for
-providing the samba.org Web server hardware.
-
-RedHat rpm packaged files will be built by the Samba 
-team, a further announcement will be provided shortly
-describing their availability.
-
-The samba web pages are found at :
-
-<a href="http://samba.org/">http://samba.org/</a>
-
-As usual, please report any bugs with this release to
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Regards,
-
-	
-	The Samba Team.
-
-----------------cut here for WHATSNEW.txt-------------------
-              WHATS NEW IN 1.9.17p1 - September 5 1997
-              ========================================
-
-New stable patch release: Samba - version 1.9.17p1.
----------------------------------------------------
-
-This is a patch release which superceedes the
-last stable release of Samba, release 1.9.17.
-This release fixes the few bugs that users reported
-in the previous stable release (1.9.17).
-
-These bugfixes are :
-
-Fix for DOS and Windows 95 clients having trouble
-deleting files on a Samba share in a DOS command line 
-environment.
-
-Fixes to set the 'flag' bits correctly when talking to a 
-non-Samba WINS server.
-
-Fix for NT clients being dropped when using security=server.
-
-Fixes to the printer queue reporting code.
-
-Fix for the name map mangle bug (mangling .html -> .htm was
-not working).
-
-If you are not affected by any of these problems then there
-is no need to upgrade.
-
-The release notes from the previous stable release follow.
-
-The Samba Team.
-
--------------Previous release notes-------------------------
-
-New stable release of Samba - 1.9.17
-------------------------------------
-
-This is the new stable release of Samba, superceeding
-the last stable release 1.9.16p11. All users are
-encouraged to upgrade to this new release as there have
-been many improvements to the code since that time.
-
-Changes since 1.9.16p11.
-------------------------
-
-Improved browsing support. 
---------------------------
-
-Samba now should support propagation of browse lists 
-across subnets correctly. Look in the file docs/BROWSING.txt 
-as it has been largely re-written to explain how to do this.
-
-*IMPORTANT* All Samba servers acting as local/domain master
-browsers must be running 1.9.17 (or later).
-
-Thanks to Silicon Graphics for allowing us to test the new 
-code on their corporate network.
-
-
-Improved share mode handling
-----------------------------
-
-The handling of share modes has been completely rewritten.
-Samba can now run agressive PC Benchmarks (Ziff-Davis
-NetBench) correctly with many hundreds of concurrent PC's.
-The confidence level on share mode handling in Samba
-is now much higher than it was previously. PC database
-packages should be safe when run against a Samba share. 
-Thanks to Silicon Graphics for testing this code for us.
-
-If at all possible compile Samba to use the new share
-mode handling with shared memory (set the flags 
-FAST_SHARE_MODES in the Makefile). This will be *much* faster
-than old file-based share modes. FAST_SHARE_MODES have
-been turned on by default on the following platforms in
-the Makefile :
-
-	Linux
-	Solaris
-	BSDI
-	IRIX 5.x.x
-	FreeBSD
-
-Roving profile support.
------------------------
-
-Roving profiles are believed to work correctly
-with Windows NT 4.x and Windows 95. Domain logons
-are fully implemented *for Windows 95 machines only*.
-
-
-Updated documentation
----------------------
-All options are now documented in the smb.conf man page
-we believe. Much work has been done by Samba Team members
-to improve the quality and quantity of the Samba documentation.
-
-Many bugfixes and improvements
-------------------------------
-From around the 'net around the world. Many
-thanks to everyone who contributed.
-
-Commercial thanks.
-------------------
-
-Thanks to Cisco for the new netbios alias code support.
-Thanks to Silicon Graphics for the help with the cross
-subnet browsing and NetBench code.
-Thanks to Whistle for funding one of the Samba Team
-members.
-
-Reporting bugs
---------------
-
-The Samba Team believes that this is a stable
-production release, but all software has bugs.
-If you have problems, or think you have found a
-bug please email a report to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Stating the version number of Samba that you
-are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.17p2.html b/whatsnew/samba1.9.17p2.html
deleted file mode 100755
index eb7ee9b..0000000
--- a/whatsnew/samba1.9.17p2.html
+++ /dev/null
@@ -1,65 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.17p2</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambanew.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3 align=center>
-The Samba Team announce Samba 1.9.17p2.
-</H3>
-<pre>
-Security fix release: Samba - version 1.9.17p2.<p>
-
-This new stable release fixes a very important security hole in all
-versions of Samba.<p>
-
-The security hole allows a remote user to obtain root access on the
-Samba server. A program which exploits this bug has been posted to the
-internet.<p>
-
-The security hole is only known to affect Samba servers running on
-Intel based hardware, and has only been demonstrated for Intel
-Linux. It is likley that exploits for other architectures would be
-very difficult but the possibility cannot be excluded completely.<p>
-
-This patch fixes the security hole for all platforms.<p>
-
-This patch also adds a routine which will log a message when a user
-attempts to take advantage of the security hole.<p>
-
-A number of other minor bugs have also been fixed in this release.<p>
-
-This new release may be obtained from the following
-URL:
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.17p2.tar.gz">ftp://samba.org/pub/samba/samba-1.9.17p2.tar.gz</a>
-
-as a GNU gzip compressed tar file. Thanks to SGI for
-providing the samba.org Web server hardware.
-
-RedHat rpm packaged files will be built by the Samba 
-team, a further announcement will be provided shortly
-describing their availability.
-
-The samba web pages are found at :
-
-<a href="http://samba.org/">http://samba.org/</a>
-
-As usual, please report any bugs with this release to
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Regards,
-
-	
-	The Samba Team.
-
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.17p3.html b/whatsnew/samba1.9.17p3.html
deleted file mode 100755
index 417e2ce..0000000
--- a/whatsnew/samba1.9.17p3.html
+++ /dev/null
@@ -1,224 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.17p3</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3 align=center>
-The Samba Team are pleased to announce Samba 1.9.17p3.
-</H3>
-<pre>
-This is a patch release designed to fix the few bugs that
-users had reported with our last major release, 1.9.17p2.
-
-This release adds no new functionality, and if you
-were not impacted by the bugs then there is no need
-to upgrade from 1.9.17p2.
-
-Note however, that *all* users should upgrade to at
-least Samba version 1.9.17p2 due to a critical security
-bug fix that was integrated at that time.
-
-This new release may be obtained from the following
-URL:
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.17p3.tar.gz">ftp://samba.org/pub/samba/samba-1.9.17p3.tar.gz</a>
-
-as a GNU gzip compressed tar file. Thanks to SGI for
-providing the samba.org Web server hardware.
-
-RedHat rpm files for Linux will be made available for
-this release, their availability will announced at a
-later date.
-
-Regards,
-
-	The Samba Team.
-
---------------------release notes------------------------
-
-
-              WHATS NEW IN 1.9.17p3 - October 14th 1997
-              ===========================================
-
-Update release: Samba - version 1.9.17p3.
------------------------------------------
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Here are a list of the fixes in this release (the fixes
-introduced between 1.9.17p2 and 1.9.17p3) :
-
-1). Removed truncation problem with long browse lists.
-2). Crash bug when dead share mode memory entries need removing.
-3). Race condition in slow share mode code.
-4). Potential buffer overflow from password server.
-5). Fix for read-prediction growing read-only files.
-6). Many quota code fixes.
-7). Fix for spelling mistake in attack warning :-).
-8). Removed 'ERRbaddirectory' error code - caused problem with
-    Visual Basic apps.
-9). Allow 'hosts allow/deny' to work before client packet parsed.
-10). Wrapping log file causes incorrect errors to be returned to
-     the clients.
-11). Crash fix for nmbd Get_Hostbyname bad return.
-12). 'become_root' 'unbecome_root' added to fix changing uid problems.
-13). No magic scripts or printing done on exceptional file close
-problems.
-
-Reporting bugs
---------------
-
-The Samba Team believes that this is a stable
-production release, but all software has bugs.
-If you have problems, or think you have found a
-bug please email a report to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Stating the version number of Samba that you
-are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-    The Samba Team.
-
--------------Previous release notes-------------------------
-
-Security fix release: Samba - version 1.9.17p2.
-----------------------------------------------
-
-This new stable release fixes a very important security hole in all
-versions of Samba.
-
-The security hole allows a remote user to obtain root access on the
-Samba server. A program which exploits this bug has been posted to the
-internet.
-
-The security hole is only known to affect Samba servers running on
-Intel based hardware, and has only been demonstrated for Intel
-Linux. It is likley that exploits for other architectures would be
-very difficult but the possibility cannot be excluded completely.
-
-This patch fixes the security hole for all platforms.
-
-This patch also adds a routine which will log a message when a user
-attempts to take advantage of the security hole.
-
-A number of other minor bugs have also been fixed in this release.
-
-The Samba Team.
-
-
--------------Previous release notes-------------------------
-
-New stable release of Samba - 1.9.17
-------------------------------------
-
-This is the new stable release of Samba, superceeding
-the last stable release 1.9.16p11. All users are
-encouraged to upgrade to this new release as there have
-been many improvements to the code since that time.
-
-Changes since 1.9.16p11.
-------------------------
-
-Improved browsing support.
---------------------------
-
-Samba now should support propagation of browse lists
-across subnets correctly. Look in the file docs/BROWSING.txt
-as it has been largely re-written to explain how to do this.
-
-*IMPORTANT* All Samba servers acting as local/domain master
-browsers must be running 1.9.17 (or later).
-
-Thanks to Silicon Graphics for allowing us to test the new
-code on their corporate network.
-
-
-Improved share mode handling
-----------------------------
-
-The handling of share modes has been completely rewritten.
-Samba can now run agressive PC Benchmarks (Ziff-Davis
-NetBench) correctly with many hundreds of concurrent PC's.
-The confidence level on share mode handling in Samba
-is now much higher than it was previously. PC database
-packages should be safe when run against a Samba share.
-Thanks to Silicon Graphics for testing this code for us.
-
-If at all possible compile Samba to use the new share
-mode handling with shared memory (set the flags
-FAST_SHARE_MODES in the Makefile). This will be *much* faster
-than old file-based share modes. FAST_SHARE_MODES have
-been turned on by default on the following platforms in
-the Makefile :
-
-	Linux
-	Solaris
-	BSDI
-	IRIX 5.x.x
-	FreeBSD
-
-Roving profile support.
------------------------
-
-Roving profiles are believed to work correctly
-with Windows NT 4.x and Windows 95. Domain logons
-are fully implemented *for Windows 95 machines only*.
-
-
-Updated documentation
----------------------
-All options are now documented in the smb.conf man page
-we believe. Much work has been done by Samba Team members
-to improve the quality and quantity of the Samba documentation.
-
-Many bugfixes and improvements
-------------------------------
-From around the 'net around the world. Many
-thanks to everyone who contributed.
-
-Commercial thanks.
-------------------
-
-Thanks to Cisco for the new netbios alias code support.
-Thanks to Silicon Graphics for the help with the cross
-subnet browsing and NetBench code.
-Thanks to Whistle for funding one of the Samba Team
-members.
-
-Reporting bugs
---------------
-
-The Samba Team believes that this is a stable
-production release, but all software has bugs.
-If you have problems, or think you have found a
-bug please email a report to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Stating the version number of Samba that you
-are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.17p4.html b/whatsnew/samba1.9.17p4.html
deleted file mode 100755
index 2eb4690..0000000
--- a/whatsnew/samba1.9.17p4.html
+++ /dev/null
@@ -1,95 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.17p4</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team are pleased to announce Samba 1.9.17p4.
-</H3>
-<pre>
-This is a patch release designed to fix the few bugs that
-users had reported with our last major release, 1.9.17p3.
-
-This release adds no new functionality, and if you
-were not impacted by the bugs then there is no need
-to upgrade from 1.9.17p3.
-
-Note however, that *all* users should upgrade to at
-least Samba version 1.9.17p2 due to a critical security
-bug fix that was integrated at that time.
-
-RedHat rpm files for Linux will be made available for 
-this release, their availability will announced at a
-later date.
-
-This new release may be obtained from the following URL:
-<a href="ftp://samba.org/pub/samba/samba-1.9.17p4.tar.gz">ftp://samba.org/pub/samba/samba-1.9.17p4.tar.gz</a>
-
-For details on previous releases see <a href="./samba1.9.17p3.html">samba1.9.17p3.html</a>
-
-Regards,
-
-        The Samba Team.
-
---------------------release notes------------------------
-
-              WHATS NEW IN 1.9.17p4 - October 21st. 1997
-              ==========================================
-
-Update release: Samba - version 1.9.17p4.
------------------------------------------
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Here are a list of the fixes in this release (the fixes
-introduced between 1.9.17p3 and 1.9.17p4) :
-
-1). Fix in nmbd for Windows 95 machines hanging on logout !
-2). Fix for slow share mode code leaving zero length share
-    files.
-3). Fix for security = server, some broken NT4.x servers don't 
-    set the guest bit on connections. New code to check logged 
-    in user matches requested user.
-4). Fix for security = server. Problem with previous workaround
-    which caused machine logon restrictions on an NT server to fail.
-    This code has been completely re-written.
-5). New option 'dos filetimes' to fix UTIME_WORKAROUND problem.
-6). Fix so nmbd ignores loopback packets.
-7). Fix for nmbd ignoring WINS negative responses.
-8). New PAM support from RedHat for new PAM version.
-9). Memory leak fix when files included from an smb.conf
-    are changed.
-10). Client now logs when connecting as 'guest'.
-11). Updated documentation.
-
-Reporting bugs
---------------
-    
-The Samba Team believes that this is a stable
-production release, but all software has bugs. 
-If you have problems, or think you have found a
-bug please email a report to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Stating the version number of Samba that you
-are running, and *full details* of the steps  
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-    The Samba Team.
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.17p5.html b/whatsnew/samba1.9.17p5.html
deleted file mode 100755
index 0116719..0000000
--- a/whatsnew/samba1.9.17p5.html
+++ /dev/null
@@ -1,95 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.17p4</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team are pleased to announce Samba 1.9.17p5.
-</H3>
-<pre>
-This is a patch release designed to fix the few bugs that
-users had reported with our last stable release, 1.9.17p4.
-
-This release adds no new functionality, and if you
-were not impacted by the bugs then there is no need
-to upgrade from 1.9.17p4.
-
-Note however, that *all* users should upgrade to at
-least Samba version 1.9.17p2 due to a critical security
-bug fix that was integrated at that time.
-
-This is intended to be the last release in the Samba 
-1.9.17 code series. The next release will be 1.9.18 
-which should be soon. This 1.9.17p5 release is being
-made so that people who wish to stay with the 1.9.17
-series of code for a while will be running with the
-most stable version of that code base available.
-
-The release may be downloaded from the URL :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.17p5.tar.gz">ftp://samba.org/pub/samba/samba-1.9.17p5.tar.gz</a>
-
-Regards,
-
-       The Samba Team.
-
---------------------release notes------------------------
-
-              WHATS NEW IN 1.9.17p5 - December 19th. 1997
-              ===========================================
-
-Update release: Samba - version 1.9.17p5.
------------------------------------------
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Here are a list of the fixes in this release (the fixes
-introduced between 1.9.17p4 and 1.9.17p5) :
-
-1). Addition of 'remote browse sync' parameter.
-2). Fix for bug where nmbd would not stop announcing itself
-    as a local master browser once it had lost the election.
-3). No longer fill in status fields in node status reply for
-    security.
-4). Code added to seach the nmbd name cache for the results
-    of a previous dns search.
-5). Treat WORKGROUP&lt;1c&gt; names correctly when registering (don't
-    treat them as a normal group name).
-6). Fix bug in the handling of the 'character set' parameter.
-7). Disable read prediction code by default - conflicts with
-    locking fixes.
-8). Fix bug with name mangling with UNIX filenames containing ':'.
-
-Reporting bugs
---------------
-
-The Samba Team believes that this is a stable
-production release, but all software has bugs.
-If you have problems, or think you have found a
-bug please email a report to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Stating the version number of Samba that you
-are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-    The Samba Team.
-
-For details on previous releases see <a href="./samba1.9.17p4.html">samba1.9.17p4.html</a>
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18-glossy.html b/whatsnew/samba1.9.18-glossy.html
deleted file mode 100755
index 31f2213..0000000
--- a/whatsnew/samba1.9.18-glossy.html
+++ /dev/null
@@ -1,218 +0,0 @@
-<HTML><HEAD><TITLE>Glossy press release for Samba 1.9.18</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<h1>Glossy press release for Samba 1.9.18.</h1>
-<p>
-<H3>Samba Team Announces Samba 1.9.18</h3>
-
-<p>
-Canberra, Australia, January 1998 - The Samba Team is pleased to
-announce version 1.9.18 of Samba, the leading file and print server 
-suite for corporate network integration with Microsoft Windows (tm) 
-clients. 
-<p>
-<p>
-<h3>Speed and Internationalization Improvements.</h3>
-
-<p>
-<p>
-With this release, Samba becomes one of the fastest available SMB/CIFS 
-file servers, out-performing many commercial alternatives. Samba now 
-implements the opportunistic locking features of the SMB/CIFS protocol. 
-This can improve file access performance by an order of magnitude over 
-previous versions. Samba has been internally benchmarked as faster than 
-commercially available SMB servers on the same hardware platforms.
-<p>
-<p>
-Samba now provides for dynamic code page support, allowing easy roll-out
-of servers within an international organization. Samba now allows
-network
-administrators to configure the way clients view internationalized
-filenames
-on a server-by-server basis.
-<p>
-<p>
-Servers with multiple network interfaces are now fully supported by
-Samba 
-in the same way as Microsoft Windows NT (tm) servers, allowing network
-administrators to easily load-balance client accesses over all available
-bandwidth.
-<p>
-<p>
-
-Samba also provides automatic downloading of printer drivers for
-Microsoft Windows 95 (tm) clients, allowing it to completely replace
-Microsoft Windows NT servers for both file and printer services.
-
-<p>
-<p>
-Samba has no client license fees, and may be used without cost on any
-compatible server operating system (most versions of UNIX).
-<p>
-<p>
-Samba is the clear choice for robust, scalable, file and print services
-for Microsoft Windows clients and is used by thousands of corporations
-worldwide, as a mission-critical part of their networking
-infrastructure.
-<p>
-For a list of the companies that use Samba, open your browser on the
-URL:
-<p>
-<a href="http://anu.samba.org/samba/survey/">http://anu.samba.org/samba/survey/</a>
-<p>
-To purchase commercial support for Samba, open your browser on the URL:
-<p>
-<a href="ftp://samba.org/pub/samba/Support.txt">ftp://samba.org/pub/samba/Support.txt</a>
-<p>
-<p>
-<p>
-<h3>About the Samba File and Print Server program.</h3>
-
-<p>
-Designed to service any Server Message Block (SMB) file sharing client, 
-Samba is compatible with all Microsoft Networking  clients including 
-Windows 95 (tm), Windows NT (tm) Workstation and Server, Windows for 
-Workgroups (tm), IBM OS/2 (tm), smbfs for Linux and Thursby Software 
-Systems DAVE (tm) Macintosh SMB client.
-<p>
-Samba also functions as a logon server for Windows 95 and supports
-roving 
-profiles. Samba can provide support for over 2,000 clients
-simultaneously
-per samba server and many Samba servers of this scale can work together.
-<p>
-Samba is distinguished by its scalability, speed and flexibility. It is
-freely distributed with source code, and has high-quality support.
-Over a hundred specialist support companies worldwide offer commercial
-support for Samba, which is also supported by copious Internet 
-resources and a mailing list with ten thousand subscribers.
-<p>
-Samba is developed by a team of international developers, in the same
-manner as the Linux operating system, and is shipped as standard with
-most versions of Linux.
-<p>
-With many hundreds of thousands of installed systems around the world, 
-Samba is making it possible for many kinds of systems to share files 
-that have been incompatible until now.
-<p>
-Samba implements the Common Internet Filesystem protocol, the Internet
-Engineering Task Force draft protocol for extending SMB to the Internet.
-Samba keeps pace with CIFS developments. See
-<p>
-<a href="http://anu.samba.org/cifs">http://anu.samba.org/cifs</a>.
-<p>
-Samba runs on UNIX (tm) and near clones from over 30 vendors, besides
-IBM MVS (tm), Digital Equipment VMS (tm), Stratos VOS (tm), all versions 
-of IBM OS/2 Warp (tm), Novell Netware (tm), Amiga OS (tm) and others. 
-Most corporate data servers are supported, besides countless small 
-networks running less powerful operating systems.
-<p>
-Windows NT, Windows 95, Linux, OS/2 Warp, Windows for Workgroups come
-with SMB network file systems by default. Windows 3.1, DOS, AIX and
-others
-have equivalent add-ons. Different SMB clients have different extensions
-and
-different bugs. Samba goes to great lengths to accommodate all clients
-that
-are in use.
-<p>
-<p>
-<h3>More Information and Downloading</h3>
-
-<p>
-<p>
-For more information on Samba see 
-<p>
-        <a href="http://samba.org/">http://samba.org/</a>
-<p>
-Demand for Samba is very high. For a faster download and to minimize
-Internet traffic over the period following this release, please use a
-Samba mirror site. The list of mirror sites is contained in
-<p>
-        <a href="ftp://samba.org/pub/samba/MIRRORS.txt">ftp://samba.org/pub/samba/MIRRORS.txt</a>. 
-<p>
-The official master ftp location is
-<p>
-        <a href="ftp://samba.org/pub/samba/samba-latest.tar.gz">ftp://samba.org/pub/samba/samba-latest.tar.gz</a>
-<p>
-Some of the products mentioned in this document are registered
-trademarks of other companies. The <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a> address
-referred to in this release should not be used for general enquiries or
-support requests. See the web pages for information about the general
-Samba mailing list and a listing of commercial support providers.
-<p>
-<h3>Thanks</h3>
-
-<p>
-This release of Samba was made possible with the generous help of the
-following companies :
-<p>
-<ul>
-<li>Aquasoft Pty Ltd.       : <a href="http://www.aquasoft.com.au">http://www.aquasoft.com.au</a>
-<li>Digital Equipment Corp. : <a href="http://www.digital.com">http://www.digital.com</a>
-<li>NEC Technologies (UK)   : <a href="http://www.nec.com">http://www.nec.com</a>
-<li> Red Hat Software.       : <a href="http://www.redhat.com">http://www.redhat.com</a>
-<li> Silicon Graphics, Inc.  : <a href="http://www.sgi.com">http://www.sgi.com</a>
-<li> Sun Microsystems, Inc.  : <a href="http://www.sun.com">http://www.sun.com</a>
-<li> Whistle Communications  : <a href="http://www.whistle.com">http://www.whistle.com</a>
-</ul>
-
-<p>
-Please note that this does not imply endorsement of Samba by the above
-named companies.
-<p>
-<p>
-<h3>Samba Team members</h3>
-
-<p>
-The Samba Team are :
-<p>
-<ul>
-<li> Jeremy Allison  - Whistle Communications
-<li> Paul Ashton     -
-<li> Paul Blackman   - University of Canberra
-<li> John Blair      - University of Alabama
-<li> Dave Fenwick    - Asset Software
-<li> Chris Hertel    - University of Minnisota
-<li> Simon Hyde      -
-<li> Peter Kelly     - ETS
-<li> Luke Leighton   - Creative Programmer, Developer and Consultant
-<li> Eckert Meyer    - Technical University of Braunschweig
-<li> Richard Sharpe  - NS Computer Software
-<li> Dan Shearer     - University of South Australia
-<li> John Terpstra   - Aquasoft Pty Ltd.
-<li> Andrew Tridgell - Australian National University
-<li> Volker Lendeke  - Service Network, GmbH.
-</ul>
-<p>
-<h3>Copying</h3>
-
-<p>
-Unrestricted reproduction rights of this press release are granted, so
-long as it remains clear that: 
-<p>
-<ul>
-<li> Samba is copyright by the Samba Team, 1992-1997
-<li> Samba is made available freely under the widely-used 
-      GNU public license. A copy of this is at 
-                <a href="ftp://samba.org/pub/samba/COPYING">ftp://samba.org/pub/samba/COPYING</a>
-<li> This license encourages commercial use and modification. The
-only restriction is that all source code incorporating Samba
-must always be freely available
-<li> The contact for all issues related to intellectual
-property rights for Samba is <a
-href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-</ul>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
-
-
-
diff --git a/whatsnew/samba1.9.18.html b/whatsnew/samba1.9.18.html
deleted file mode 100755
index 3481f4c..0000000
--- a/whatsnew/samba1.9.18.html
+++ /dev/null
@@ -1,235 +0,0 @@
-<HTML><HEAD><TITLE>Samba - 1.9.18 released</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<h3>The Samba Team are pleased to announce Samba 1.9.18.</h3>
-<pre>
-This is a new major stable release and contains new functionality
-It is recommended that all production server systems upgrade to
-this release.
-
-The release may be downloaded from the URL :
-<a href="ftp://samba.org/pub/samba/samba-1.9.18.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18.tar.gz</a>
-The release notes follow.
-
-Regards,
-
-	Samba Team.
-
-------------------------------------------------------------
-          WHATS NEW IN 1.9.18 - January 7th 1998.
-          =======================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-This release contains several major changes and much re-written
-code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-4). New Printing support.
--------------------------
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau, and also Herb Lewis
-of Silicon Graphics for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-	"bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-	"logon drive"
-	"logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-	"username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-	"delete veto files"
-	"oplocks"
-
-Nascent web interface for configuration.
-----------------------------------------
-
-source/wsmbconf.c is a cgi-bin program for editing smb.conf. It can
-also be run standalone. This is in a very early stage of development.
-
-Debugging support.
-------------------
-
-smbd and nmbd will now modify their debug log level when
-they receive a USR1 signal (increase debug level by one)
-and USR2 signal (decrease debug level by one). This has
-been added to aid administrators track down faults that
-only occur after long periods of time, or transiently.
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-	<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
-
-
-
diff --git a/whatsnew/samba1.9.18alpha1.html b/whatsnew/samba1.9.18alpha1.html
deleted file mode 100755
index b69ac27..0000000
--- a/whatsnew/samba1.9.18alpha1.html
+++ /dev/null
@@ -1,76 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Alpha release - 1.9.18alpha1</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team have just released a new alpha version of
-Samba - 1.9.18alpha1
-</H3>
-<pre>
-This version is not intended for general production use. It is
-instead a snapshot of what we are working on for the next major
-release.
-
-If you are a production site then we recommend you instead use the
-1.9.17 series, the latest of which is 1.9.17p3. We will be releasing
-1.9.17p4 very shortly.
-
-There is quite a bit of new stuff in 1.9.18alpha1. Not all of it has
-had a lot of testing (which is why we are doing an alpha release! we
-need some victims to test this code)
-
-We expect to be releasing quite a few more 1.9.18alpha releases over
-the next few weeks, particularly as the NT domain logon support
-develops. 
-
-Please report problems with this release to
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>. Make sure you make it clear exactly what
-version you are running. Don't just say "the latest alpha" as that
-could change by the time you press the send key.
-
-New stuff
----------
-
-- fully integrated password encryption support. You now don't need to
-use a separate DES library, all the necessary code is built in (in
-such a way that it does not come within ITAR restrictions). Encryption
-is always compiled in (no compile time option) but you can
-enable/disable it in smb.conf
-
-- oplock support. Oplocks are a way for SMB clients to do safe client
-side cacheing. This can make many things speed up a lot. This is on by
-default. You can disable it on a per-share basis.
-
-- preliminary NT domain logon support. This is still very
-experimental. You need to compile with NTDOMAIN=1 to use it. Luke will
-probably post some instructions on how to set it up. If you enable
-this then you may find that lots of things break (browsing from NT
-workstations for example)
-
-- lots of new parsing, list-handling etc code from Chris
-
-- several bug fixes (which will also be in the 1.9.17p4 release). For
-example, the "freeze on logout" bug is fixed.
-
-- lots of other minor changes, too numerous to list here (see the cvs
-logs for full details)
-
-
-Hmmm, anything else to mention? Oh yes, you can get it from:
-
-<a href="ftp://samba.org/pub/samba/alpha/">ftp://samba.org/pub/samba/alpha/</a>
-
-Regards,
-
-	The Samba Team.
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18alpha11.html b/whatsnew/samba1.9.18alpha11.html
deleted file mode 100755
index 6af5617..0000000
--- a/whatsnew/samba1.9.18alpha11.html
+++ /dev/null
@@ -1,18 +0,0 @@
-<HTML><HEAD><TITLE>Samba - 1.9.18alpha11 released</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<h3>Samba 1.9.18alpha11 is now available</h3>
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha11.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha11.tar.gz</a>
-
-<p>For those of you following the rapid releases of the 1.9.18alpha series, don't forget you don't have to wait for announcements to make sure you've got the latest. Just check out the alpha directory of the ftp site:
-<br><a href="ftp://samba.org/pub/samba/alpha/">ftp://samba.org/pub/samba/alpha/</a>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18alpha12.html b/whatsnew/samba1.9.18alpha12.html
deleted file mode 100755
index bdfcf3a..0000000
--- a/whatsnew/samba1.9.18alpha12.html
+++ /dev/null
@@ -1,18 +0,0 @@
-<HTML><HEAD><TITLE>Samba - 1.9.18alpha12 released</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<h3>Samba 1.9.18alpha12 is now available</h3>
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha12.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha12.tar.gz</a>
-
-<p>For those of you following the rapid releases of the 1.9.18alpha series, don't forget you don't have to wait for announcements to make sure you've got the latest. Just check out the alpha directory of the ftp site:
-<br><a href="ftp://samba.org/pub/samba/alpha/">ftp://samba.org/pub/samba/alpha/</a>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18alpha13.html b/whatsnew/samba1.9.18alpha13.html
deleted file mode 100755
index 0159fa1..0000000
--- a/whatsnew/samba1.9.18alpha13.html
+++ /dev/null
@@ -1,235 +0,0 @@
-<HTML><HEAD><TITLE>Samba - 1.9.18alpha12 released</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<h3>The Samba Team are pleased to announce Samba 1.9.18alpha13.</h3>
-
-<pre>
-This code release is very close to what we hope will become
-the 1.9.18 official release. Because of this, we would
-encourage as many people as possible to download and test
-this new release on their particular systems, in order to
-ensure as stable an official release as possible.
-
-Please bear in mind that this is still an alpha release
-and it is not recommended to run this code on a production
-server system.
-
-This release is available from :
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha13.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha13.tar.gz</a>
-
-Please report any bugs to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Here are the release notes
-
---------------------------------------------------------------
-          WHATS NEW IN 1.9.18alpha13 Dec 15th 1997
-          ========================================
-
-This is NOT a production release of Samba code.
-For production servers please run Samba 1.9.17p4
-or later releases in the 1.9.17 series.
-
-In this release (1.9.18alpha13) the Domain controller
-code should not be turned on. The Domain controller
-code stream is now being developed in a separate code
-development branch. To participate in this important
-work, send an email to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-to get instructions on how to gain access to
-the latest Domain controller code.
-
-This release contains three major changes to the
-1.9.17 series and much re-written code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out-performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-	"bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-	"logon drive"
-	"logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-	"username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-	"delete veto files"
-	"oplocks"
-
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-	<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-<hr>
-<p>For those of you following the rapid releases of the 1.9.18alpha series, don't forget you don't have to wait for announcements to make sure you've got the latest. Just check out the alpha directory of the ftp site:
-<br><a href="ftp://samba.org/pub/samba/alpha/">ftp://samba.org/pub/samba/alpha/</a>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18alpha14.html b/whatsnew/samba1.9.18alpha14.html
deleted file mode 100755
index 7166965..0000000
--- a/whatsnew/samba1.9.18alpha14.html
+++ /dev/null
@@ -1,248 +0,0 @@
-<HTML><HEAD><TITLE>Samba - 1.9.18alpha12 released</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<h3>The Samba Team are pleased to announce Samba 1.9.18alpha14.</h3>
-<pre>
-It is hoped that this will be the last alpha release before
-the 1.9.18 official release. Because of this, we would
-encourage as many people as possible to download and test
-this new release on their particular systems, in order to
-ensure as stable an official release as possible.
-
-Please bear in mind that this is still an alpha release
-and it is not recommended to run this code on a production
-server system.
-
-This release is available from :
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha14.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha14.tar.gz</a>
-
-Please report any bugs to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Here are the release notes
-
---------------------------------------------------------------
-          WHATS NEW IN 1.9.18alpha14 Dec 23rd 1997
-          ========================================
-
-This is NOT a production release of Samba code.
-For production servers please run Samba 1.9.17p5
-or later releases in the 1.9.17 series.
-
-In this release (1.9.18alpha14) the Domain controller
-code should not be turned on. The Domain controller
-code stream is now being developed in a separate code
-development branch. To participate in this important
-work, read the instructions on how to get the source
-code for the BRANCH_NTDOM Samba branch in the document
-
-docs/CVS_ACCESS.txt
-
-available in this Samba release.
-
-This release contains three major changes to the
-1.9.17 series and much re-written code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-	"bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-	"logon drive"
-	"logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-	"username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-	"delete veto files"
-	"oplocks"
-
-Nascent web interface for configuration.
-----------------------------------------
-
-source/wsmbconf.c is a cgi-bin program for editing smb.conf. It can
-also be run standalone. This is in a very early stage of development.
-
-Debugging support.
-------------------
-
-smbd and nmbd will now modify their debug log level when
-they receive a USR1 signal (increase debug level by one)
-and USR2 signal (decrease debug level by one). This has
-been added to aid administrators track down faults that
-only occur after long periods of time, or transiently.
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-	<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-<hr>
-<p>For those of you following the rapid releases of the 1.9.18alpha series, don't forget you don't have to wait for announcements to make sure you've got the latest. Just check out the alpha directory of the ftp site:
-<br><a href="ftp://samba.org/pub/samba/alpha/">ftp://samba.org/pub/samba/alpha/</a>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>ictinus@lake.canberra.edu.au</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18alpha3.html b/whatsnew/samba1.9.18alpha3.html
deleted file mode 100755
index afe81ec..0000000
--- a/whatsnew/samba1.9.18alpha3.html
+++ /dev/null
@@ -1,196 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Alpha release - 1.9.18alpha3</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team are pleased to announce Samba 1.9.18alpha3.
-</H3>
-<pre>
-This release is being made as alpha3, as an
-incorrect alpha2 was temporarily available from
-the Samba ftp site. As we have no way of knowing
-if some people downloaded this incorrect release
-the safest course seemed to be to increment the
-alpha release number as we wish there to be no
-confusion between releases.
-
-This release is available from :
-
-<a href="ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha3.tar.gz">ftp://samba.org/pub/samba/alpha/samba-1.9.18alpha3.tar.gz</a>
-
-Please report any bugs to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Without further ado, here are the release notes
-
--------------------------------------------------------
-
-          WHATS NEW IN 1.9.18alpha3 Oct 21st 1997
-          =======================================
-
-This is NOT a production release of Samba code.
-For production servers please run Samba 1.9.17p4
-or later releases in the 1.9.17 series.
-
-This release is being made as alpha3, as an
-incorrect alpha2 was temporarily available from
-the Samba ftp site. As we have no way of knowing
-if some people downloaded this incorrect release
-the safest course seemed to be to increment the
-alpha release number as we wish there to be no
-confusion between releases.
-
-This release contains some experimental features and
-changes and is being made available so people can
-test and provide feedback and patches for ongoing
-Samba development.
-
-Please note that only the Domain controler code
-is truly experimental. The other changes have
-been extensively tested and are of the same
-quality as normal Samba alpha releases. The
-Domain controler code is disabled in the Makefile
-by default and is being made available to Samba
-programmers in the interests of advancing a 
-public implementation of this important protocol.
-
-This release contains three major changes to the 
-1.9.17 series and much re-written code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a 
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). Experimental Domain controler code.
----------------------------------------
-
-Samba now contains a *VERY* experimental
-implementation of part of the Windows NT
-4.x Domain Controler specification, as
-published by Paul Ashton (now a Samba Team
-member). This code is not enabled in the
-Makefile by default, and to work on this 
-code you must read the file :
-
-   docs/NTDOMAIN.txt
-
-Please note that as this code is not complete.
-It is being made available as part of this
-release to allow interested parties to contribute
-and help the Samba Team in implementing this
-important feature.
-
-Please do not expect to be able to replace your
-NT Domain Controlers with Samba until this code
-is finished, tested and an announcement is made.
-
-At present the Domain Controler code is for 
-programmers and people interested in Microsoft 
-protocols only.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controler changes.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.con man pages :
-
-"bind interfaces only"
-"username level"
-
-Not yet documented in the smb.conf man page, please 
-read docs/NTDOMAIN.txt for information on the next 
-parameters.
-
-"domain sid"
-"domain groups"
-"logon drive"
-"logon home"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.con man pages :
-
-"delete veto files"
-"oplocks"
-
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Stating the version number of Samba that you
-are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18p1.html b/whatsnew/samba1.9.18p1.html
deleted file mode 100755
index fd3ec36..0000000
--- a/whatsnew/samba1.9.18p1.html
+++ /dev/null
@@ -1,267 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.18p1</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team are pleased to announce Samba 1.9.18p1.
-</H3>
-<pre>
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p1.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p1.tar.gz</a>
-
-This is a bugfix release, designed to address issues
-that users have reported with the 1.9.18 major release.
-
-Due to an oplock problem in 1.9.18 (fixed in this 
-release) that could cause data loss in certain 
-circumstances, it is recommended that all 1.9.18 
-users upgrade to 1.9.18p1.
-
-The release notes follow.
-
-Please report all problems to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Regards,
-
-	The Samba Team.
-
---------------release notes------------------------------
-
-          WHATS NEW IN 1.9.18p1 - January 12th 1998.
-          ==========================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Bugfixes added since 1.9.18
----------------------------
-
-1). Fix for oplock-break problem. If an open crossed
-with an oplock break on the wire it was possible for the 
-same fnum to be re-used. This caused a rare but fatal
-problem.
-2). Fix for adding printers to Windows NT 4.x. Now
-return correct "no space error" when buffer of zero 
-given.
-3). Fix for nmbd core dumps when running on architectures
-that cannot access structures on non-aligned boundaries
-(sparc, alpha etc).
-4). Compiler warnings in nmbd fixed.
-5). Makefile updated for Linux 2.0 versions (new smbmount
-commands should only be compiled for 2.1.x kernels).
-6). Addition of a timestamp to attack warning messages.
-
-Changes in 1.9.18.
-------------------
-
-This release contains several major changes and much re-written 
-code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a 
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS 
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for 
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-4). New Printing support.
--------------------------
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau, and also Herb Lewis
-of Silicon Graphics for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-	"bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-	"logon drive"
-	"logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-	"username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-	"delete veto files"
-	"oplocks"
-
-Nascent web interface for configuration.
-----------------------------------------
-
-source/wsmbconf.c is a cgi-bin program for editing smb.conf. It can
-also be run standalone. This is in a very early stage of development.
-
-Debugging support.
-------------------
-
-smbd and nmbd will now modify their debug log level when
-they receive a USR1 signal (increase debug level by one)
-and USR2 signal (decrease debug level by one). This has
-been added to aid administrators track down faults that
-only occur after long periods of time, or transiently.
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-	<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18p10.html b/whatsnew/samba1.9.18p10.html
deleted file mode 100755
index b070291..0000000
--- a/whatsnew/samba1.9.18p10.html
+++ /dev/null
@@ -1,215 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>The Samba Team are pleased to announce Samba&nbsp;1.9.18p10</H2>
-
-<p>
-<pre>
-Note that the 1.9.18p9 code was not distributed due to a
-problem discovered during the final QA testing phase. However,
-in order not to allow any confusion about versions the Samba
-Team are upping the patch revision number to ensure we can
-identify a particular release of code exactly.
-
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p10.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p10.tar.gz</a>
-
-Binary packages are available immediately for this release
-for the folowing systems :
-
-Bull
-Debian Linux
-Digital UNIX
-OSF
-SuSE Linux - release 5.2
-RedHat Linux - release 5.1 for Intel and Alpha architectures.
-Sinix
-Solaris - release 2.51 for Intel and Sparc architectures.
-
-Binary packages for other systems will be made available
-within a short time. A separate announcement will be made
-for the release of these packages.
-
-Offers of binary Samba packages for various systems are
-welcome and should be sent to samba-bugs@samba.org.
-
-It is intended that this be the final release of the 1.9.18
-series of Samba code (security bugfixes notwithstanding, of
-course). A new major release, known as Samba-2, will be made
-available in alpha form shortly.
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Without further ado, here are the release notes.
-
-Regards,
-
-        The Samba Team.
-
---------------------------------------------------------
-          WHATS NEW IN 1.9.18p10 - August 24th 1998.
-          ==========================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Note that the 1.9.18p9 code was not distributed due to a (rare)
-crash bug discovered during the final QA testing phase. However,
-in order not to allow any confusion about versions the Samba
-Team are upping the patch revision number to ensure we can
-identify a particular release of code exactly.
-
-Note that most Samba Team effort is now going into working on the
-next major release which should contain some Windows NT Domain
-features. It is intended that any future work on the 1.9.18 series
-be security critical only bug fixes.
-
-An announcement will be made when the first alpha release of the next
-Samba series is available.
-
-There are several new parameters for smb.conf
-as well as a number of significant documentation updates.
-
-New parameters in 1.9.18p10.
-----------------------------
-
-strict sync
------------
-
-This is a new per-share parameter, added due to some problems
-in the Windows 98 explorer. The Windows 98 explorer seems to
-always set the bit that causes writes to be synchronised to disk
-before continuing. This *kills* performance for copying of large
-files, and is almost certainly not what was intended (many
-windows programs don't know the difference between flush and
-sync). This new parameter is set to off by default and in
-this setting means that Samba will now ignore the sync bit
-in SMB requests. To regain the old behaviour set:
-
-"strict sync = on" in the [global] section of the smb.conf.
-
-ole locking compatibility
--------------------------
-
-This global parameter allows administrators who are confident in
-the abilities of their UNIX nfs locking daemon to turn off
-the mapping of OLE generated byte range locks that Samba does
-to prevent nfs locking daemons from crashing. This parameter
-is set to on by default (ie. the same behavior as previous
-Samba versions).
-
-queuepause command
-------------------
-
-This printer share specific parameter is part of the new print
-queue pausing code donated by Dirk DeWachter. This parameter
-specifies the UNIX command to run to pause a given print queue.
-See the smb.conf man page for details.
-
-queueresume command
-------------------
-
-This printer share specific parameter is part of the new print
-queue pausing code donated by Dirk DeWachter. This parameter
-specifies the UNIX command to run to resume a given print queue.
-See the smb.conf man page for details.
-
-Deprecated parameter - networkstation user login
-------------------------------------------------
-
-The default of the "networkstation user login" parameter has
-now changed from true to false, as new code in Samba protects
-smbd from the Windows NT bug this parameter was introduced
-to fix. This parameter is now deprecated and will be removed
-in a future Samba release.
-
-Deprecated parameter - domain controller
-----------------------------------------
-
-The meaning of this parameter changed in a previous Samba release
-from a string to a boolean (yes/no) value. It is currently not used
-within the Samba source and should be removed from all current smb.conf
-files. It is left behind for compatibility reasons.
-
-Bugfixes added since 1.9.18p8
------------------------------
-
-1). Fixed bug that could cause password changing code to coredump
-2). Fixed bug with client using incorrect WORKGROUP on startup.
-3). Added print queue pausing code from Dirk.DeWachter@rug.ac.be
-    (see "queuepause command" and "queueresume command" above).
-4). "strict sync" parameter added (see above).
-5). "ole locking compatibility" parameter added (see above).
-6). Several changes to file byte range locking code to allow
-    clients to correctly request exclusive and shared locks.
-7). Fixed race condition in browser code that starts a new election
-    if we need one - previously we could have failed to register the
-    name we needed to participate in the election.
-8). Fixed accidental overwrite of buffer that could cause nmbd crash.
-9). Fixed small memory leak in WINS server code when rejecting a
-    registration.
-10). Fix 'recursion desired' flag when sending queries from nmbd
-     WINS server.
-11). Make sure we're using the correct version number in browser
-     elections.
-12). Fixed stupid bug I introduced in 1.9.18p8 that sent the username
-     mapped user name to the password server in "security=server" mode.
-13). Fixed filename translation bug where pathnames were going through
-     the dos to unix conversion function twice.
-14). Fix from klausr@ITAP.Physik.Uni-Stuttgart.De to stop smbd's that
-     only write a few log entries from growing the log without bound.
-15). Fix from branko.cibej@hermes.si to not reload the parameter file
-     in the SIGHUP handler.
-16). Added '-U' for remote user name to smbpasswd to allow normal users
-     to change their password on an NT server if their UNIX username
-     is different.
-17). Fixed map username bug where username would only be mapped
-     once.
-18). Fix from <Thomas.Hepper@icem.de> to strip mount options in
-     an automount home map.
-19). Fixed bug in scanning directories where if a mangled name was
-     returned as a resume key the 'find next' would fail. Thanks to
-     Zoltan Palmai <ZSPA@chevron.com> for finding that one.
-20). Fix from John Blair to allow smbclient to 'put' from standard
-     input.
-21). Fix to go back to unix wildcard semantics for 'veto files' and 'hidden
-     files' parameters.
-22). Fix for Kanji characters in wildcards.
-23). Fix to stop file descriptor leak on failure in password change code.
-24). Fix to cause nmbd to re-install SIGPIPE handler.
-
-Documentation Updates.
-----------------------
-The following documentation files have been updated or created. Users
-are advised to check the following files for anything that may affect
-or help site configuration.
-
-1) smb.conf.5 (updated)
-2) BROWSING_Config.txt (new)
-3) DOMAIN_CONTROL.txt (updated)
-4) BROWSING.txt (updated)
-5) Recent-FAQs.txt (new)
-6) UNIX_SECURITY.txt (updated)
-7) UNIX_INSTALL.txt (updated)
-8) Printing.txt (updated)
-9) DIAGNOSIS.txt (updated)
-
-
-If you have problems, or think you have found a bug please email
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.
-</pre>
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba1.9.18p2.html b/whatsnew/samba1.9.18p2.html
deleted file mode 100755
index 0c37ff1..0000000
--- a/whatsnew/samba1.9.18p2.html
+++ /dev/null
@@ -1,303 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.18p2</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team are pleased to announce Samba 1.9.18p2.
-</H3>
-<pre>
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p2.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p2.tar.gz</a>
-
-This is a bugfix release, designed to address issues
-that users have reported with the 1.9.18p1 release.
-
-Due to an oplock deadlock problem in 1.9.18p1 (fixed 
-in this release) that could cause out of control smbd 
-processes under heavy load, it is recommended that all 
-1.9.18 and 1.9.18p1 users upgrade to 1.9.18p2.
-
-An official Linux rpm release of this version will
-be made on Friday 30th January (USA Pacific time).
-
-The release notes follow.
-
-Please report all problems to :
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Regards,
-
-        The Samba Team.
-
---------------release notes------------------------------
-
-          WHATS NEW IN 1.9.18p2 - January 26th 1998.
-          ==========================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Bugfixes added since 1.9.18p1
------------------------------
-
-1). A deadlock condition in the oplock code has been found
-and fixed. This occured under heavy load at large sites. Several
-of the sites who reported the original problem have now been 
-testing the code in this (1.9.18p2) release for a week now with
-no problems (previously the problem occurred within 3-6 hours).
-(Thanks to Peter Crawshaw of Mount Allison University for
-his great help in tracking down this bug).
-2). Fix for a share level security problem that caused 
-'valid users' not to work correctly.
-3). Addition of Russian code page support.
-4). Fix to the password changing code (thanks to Randy Boring
-at Thursby Software Systems for this).
-5). More fixes to the Windows 95 printer driver support
-code from Herb Lewis at SGI.
-6). Two NetBIOS over TCP source name type fixes in nmbd.
-7). Memory leak in the dynamic loading of services in an
-smb.conf file fixed.
-8). LPRng parsing code fix.
-9). Fix to try and return a 'best guess' of create time
-under UNIX (which doens't store such a file attribute).
-10). Added parameters to samba/examples/smb.conf.default file :
-Remote announce, Remote browse sync, username map, filename
-case preservation and sensitivity options.
-11). Reply to trans2 calls now aligns all parameters and
-data on 4 byte boundary.
-12). Fixed SIGTERM bug where nmbd would hang on exit.
-13). Fixed WINS server bug to allow spaces in WINS names.
-
-Bugfixes added since 1.9.18
----------------------------
-
-1). Fix for oplock-break problem. If an open crossed
-with an oplock break on the wire it was possible for the 
-same fnum to be re-used. This caused a rare but fatal
-problem.
-2). Fix for adding printers to Windows NT 4.x. Now
-return correct "no space error" when buffer of zero 
-given.
-3). Fix for nmbd core dumps when running on architectures
-that cannot access structures on non-aligned boundaries
-(sparc, alpha etc).
-4). Compiler warnings in nmbd fixed.
-5). Makefile updated for Linux 2.0 versions (new smbmount
-commands should only be compiled for 2.1.x kernels).
-6). Addition of a timestamp to attack warning messages.
-
-Changes in 1.9.18.
-------------------
-
-This release contains several major changes and much re-written 
-code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a 
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS 
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for 
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-4). New Printing support.
--------------------------
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau, and also Herb Lewis
-of Silicon Graphics for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-	"bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-	"logon drive"
-	"logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-	"username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-	"delete veto files"
-	"oplocks"
-
-Nascent web interface for configuration.
-----------------------------------------
-
-source/wsmbconf.c is a cgi-bin program for editing smb.conf. It can
-also be run standalone. This is in a very early stage of development.
-
-Debugging support.
-------------------
-
-smbd and nmbd will now modify their debug log level when
-they receive a USR1 signal (increase debug level by one)
-and USR2 signal (decrease debug level by one). This has
-been added to aid administrators track down faults that
-only occur after long periods of time, or transiently.
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-	<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-
------------------end release notes----------------
-</pre>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18p3.html b/whatsnew/samba1.9.18p3.html
deleted file mode 100755
index ae8f945..0000000
--- a/whatsnew/samba1.9.18p3.html
+++ /dev/null
@@ -1,393 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.18p3</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team are pleased to announce Samba 1.9.18p3.
-</H3>
-<pre>
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p3.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p3.tar.gz</a>
-
-This is a bugfix release, designed to address issues
-that users have reported with the 1.9.18p2 release.
-
-Defects fixed include using Samba with Visual C++ 
-(the 'file changed' dialog defect), running out of 
-file handles when using oplocks, and a packet 
-padding ambiguity that could cause Windows 95 to 
-hang on some rare occasions. For the full list of 
-changes please see the release notes below.
-
-Binary packages are also available for the following
-operating systems :
-
-Caldera Linux.
---------------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/caldera">ftp://samba.org/pub/samba/Binary_Packages/caldera</a>
-
-Red Hat Linux 4.2 Intel, 5.0 Intel and Alpha.
----------------------------------------------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/redhat">ftp://samba.org/pub/samba/Binary_Packages/redhat</a>
-
-Slackware Linux.
-----------------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/Slackware">ftp://samba.org/pub/samba/Binary_Packages/Slackware</a>
-
-SGI IRIX.
----------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/IRIX">ftp://samba.org/pub/samba/Binary_Packages/IRIX</a>
-
-Digital Unix OSF1 alpha.
-------------------------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/DigitalUnix">ftp://samba.org/pub/samba/Binary_Packages/DigitalUnix</a>
-
-
-The Samba Team is preparing to issue a CD distribution of each 
-stable release of the Samba SMB server. Contributions under
-Free Software licenses would be very welcome. Please read the
-full text of the announcement at :
-
-<a href="/samba/sambacd.html">http://samba.org/samba/sambacd.html</a>
-
-Here are the release notes. Remember, all bugs
-are our responsibility - please report them
-to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>.
-
-Regards,
-
-	The Samba Team.
-
--------------------------------------------------------------
-
-          WHATS NEW IN 1.9.18p3 - February 18th 1998.
-          ===========================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-New Parameters
---------------
-
-Two new paramters were added - these are :
-
-In the [global] section of smb.conf :
-
-networkstation user login
-
-This code (submitted by Rob Nielsen) allows the code many people 
-were having problems with that queries an NT password server to 
-be turned off at runtime rather than compile time. Please see the 
-documentation in the smb.conf manual page for details. This is a 
-security option - it must only be turned off after checks have been
-made to ensure that your NT password server does not suffer from the
-bug this code was meant to protect against !
-
-In the [global] or services section of smb.conf :
-
-dos filetime resolution
-
-Setting this paramter to true fixes the problem that people using 
-Microsoft Visual C++ and Samba 1.9.18 were having with files being 
-reported as changed. Please see the documentation in the smb.conf 
-manual page for details.
-
-Bugfixes added since 1.9.18p2
------------------------------
-
-1). Fix to cause oplocked files to be broken when open
-file table is full before giving up and reporting 'too
-many open files'. This fix seems to help many applications
-on Win95.
-2). Fix to stop extra files being closed in user logoff
-code.
-3). Fix to stop padded packet being returned on
-trans2 call. This bug could cause Windows 95 to freeze
-on some (rare) occasions.
-4). Added fix for Visual C++ filetime changes (see above).
-5). Made security check code an option (see above).
-6). Fixed printer job enumeration in smbclient.
-7). Re-added code into smbclient that causes it to do NetBIOS
-broadcast name lookups (as it used to in 1.9.17).
-8). Fixed code dump bug in smbtar.
-9). Fixed mapping code between Appletalk and Kanji filenames.
-10). Tuned shared memory size based on open file table size.
-11). Made nmbd log file names consistant with smbd.
-12). Fixed nmbd problem where packet queues could grow
-without bound when connection to WINS server was down.
-13). Fix for DCE login code.
-14). Fix for system V printing to remove extra space
-in printer name.
-15). Patch to add a new substitution paramter (%p) in
-a service patchname. Adds NIS home path (see the man page
-on smb.conf for details). Patch from Julian Field.
-16). Fix to stop smbpassword code from failing when
-parsing invalid uid fields.
-17). Made volume serial number constant based on machine
-and service name.
-18). Added expand environment variables code from Branko 
-Cibej. See the man page on smb.conf for details.
-19). Fixed warnings in change_lanman_password code.
-
-
-Bugfixes added since 1.9.18p1
------------------------------
-
-1). A deadlock condition in the oplock code has been found
-and fixed. This occured under heavy load at large sites. Several
-of the sites who reported the original problem have now been 
-testing the code in this (1.9.18p2) release for a week now with
-no problems (previously the problem occurred within 3-6 hours).
-(Thanks to Peter Crawshaw of Mount Allison University for
-his great help in tracking down this bug).
-2). Fix for a share level security problem that caused 
-'valid users' not to work correctly.
-3). Addition of Russian code page support.
-4). Fix to the password changing code (thanks to Randy Boring
-at Thursby Software Systems for this).
-5). More fixes to the Windows 95 printer driver support
-code from Herb Lewis at SGI.
-6). Two NetBIOS over TCP source name type fixes in nmbd.
-7). Memory leak in the dynamic loading of services in an
-smb.conf file fixed.
-8). LPRng parsing code fix.
-9). Fix to try and return a 'best guess' of create time
-under UNIX (which doens't store such a file attribute).
-10). Added parameters to samba/examples/smb.conf.default file :
-Remote announce, Remote browse sync, username map, filename
-case preservation and sensitivity options.
-11). Reply to trans2 calls now aligns all parameters and
-data on 4 byte boundary.
-12). Fixed SIGTERM bug where nmbd would hang on exit.
-13). Fixed WINS server bug to allow spaces in WINS names.
-
-Bugfixes added since 1.9.18
----------------------------
-
-1). Fix for oplock-break problem. If an open crossed
-with an oplock break on the wire it was possible for the 
-same fnum to be re-used. This caused a rare but fatal
-problem.
-2). Fix for adding printers to Windows NT 4.x. Now
-return correct "no space error" when buffer of zero 
-given.
-3). Fix for nmbd core dumps when running on architectures
-that cannot access structures on non-aligned boundaries
-(sparc, alpha etc).
-4). Compiler warnings in nmbd fixed.
-5). Makefile updated for Linux 2.0 versions (new smbmount
-commands should only be compiled for 2.1.x kernels).
-6). Addition of a timestamp to attack warning messages.
-
-Changes in 1.9.18.
-------------------
-
-This release contains several major changes and much re-written 
-code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a 
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS 
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for 
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-4). New Printing support.
--------------------------
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau, and also Herb Lewis
-of Silicon Graphics for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-	"bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-	"logon drive"
-	"logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-	"username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-	"delete veto files"
-	"oplocks"
-
-Nascent web interface for configuration.
-----------------------------------------
-
-source/wsmbconf.c is a cgi-bin program for editing smb.conf. It can
-also be run standalone. This is in a very early stage of development.
-
-Debugging support.
-------------------
-
-smbd and nmbd will now modify their debug log level when
-they receive a USR1 signal (increase debug level by one)
-and USR2 signal (decrease debug level by one). This has
-been added to aid administrators track down faults that
-only occur after long periods of time, or transiently.
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-	<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18p4.html b/whatsnew/samba1.9.18p4.html
deleted file mode 100755
index e00a670..0000000
--- a/whatsnew/samba1.9.18p4.html
+++ /dev/null
@@ -1,540 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.18p4</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-
-<H3>
-The Samba Team are pleased to announce Samba 1.9.18p4.
-</H3>
-<pre>
-The Samba Team are pleased to announce Samba 1.9.18p4.
-
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p4.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p4.tar.gz</a>
-
-This is a bugfix release, designed to address issues
-that users have reported with the 1.9.18p3 release.
-
-There is some new functionality, described below.
-
-Password Changing.
-------------------
-
-Samba now supports Windows 95 clients changing both
-their SMB and UNIX passwords. Samba must be set up
-with encrypted passwords for this to work correctly.
-See the file docs/ENCRYPTION.txt and the list of
-new parameters in the release notes below for details.
-
-Samba can also now change Windows NT user passwords from
-a UNIX machine. Read the documentation of the command
-smbpasswd for details on how to change an NT user
-password from a UNIX machine with Samba installed.
-
-Name Resolution Order.
-----------------------
-
-Samba now supports a administrator defined name
-resolution order. This includes using WINS, broadcast,
-local lmhosts and DNS lookups to resolve host names.
-All the relevent Samba tools have been upgraded to
-use the selected name resolution mechanisms when
-resolving host names. Name resolution can now be 
-changed to use only the defined methods, in the
-defined order. By default Samba 1.9.18p4 uses the 
-same name lookup mechanisms in the same order as 
-Samba 1.9.18p3.
-
-Korean and Traditional Chinese Character support.
--------------------------------------------------
-
-Samba has been changed to allow easier multibyte
-character support. As a result the multibyte support
-has been extended from Japanese to include Korean
-Hangul and Traditional Chinese.
-
-Binary Packages
----------------
-
-Binary packages are also available for the following
-operating systems :
-
-Caldera Linux.
---------------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/caldera">ftp://samba.org/pub/samba/Binary_Packages/caldera</a>
-
-Red Hat Linux 4.2 Intel, 5.0 Intel and Alpha.
----------------------------------------------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/redhat">ftp://samba.org/pub/samba/Binary_Packages/redhat</a>
-
-SGI IRIX.
----------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/IRIX">ftp://samba.org/pub/samba/Binary_Packages/IRIX</a>
-
-Digital Unix OSF1 alpha.
-------------------------
-<a href="ftp://samba.org/pub/samba/Binary_Packages/DigitalUnix">ftp://samba.org/pub/samba/Binary_Packages/DigitalUnix</a>
-
-Here are the release notes. Remember, all bugs
-are our responsibility - please report them
-to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>.
-
-Regards,
-
-        The Samba Team.
-
--------------------------------------------------------------
-          WHATS NEW IN 1.9.18p4 - March 27th 1998.
-          ===========================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Note that most Samba Team effort is now going into working on the
-next major release which should contain some Windows NT Domain 
-features. It is intended that any future work on the 1.9.18 series
-be maintenance only fixes.
-
-An announcement will be made when the first alpha release of the next
-Samba series is available.
-
-Added features in 1.9.18p4
---------------------------
-
-Changing passwords now supported
---------------------------------
-
-Samba now supports changing the SMB password from a Windows 95 client,
-using the standard Windows 95 password changing dialog. Note that by
-default
-this changes the SMB password, not the UNIX password (Samba must be set
-up
-with encrypted passwords in order to support this).
-
-The smbpasswd program has been re-written to take advantage of this
-feature, and now has no need to be a setuid root program, thus
-eliminating
-a potential security hole. As a side effect of this change smbpasswd
-can now be used on a UNIX machine to change users passwords on an NT
-machine.
-
-The new password changing code can also synchronize a users UNIX
-password at the same time a SMB password is being changed, if Samba
-is compiled with password changing enabled, and the new parameter
-'unix password sync' is set to True. By default this is off, as
-it allows the password change program to be called as root, which
-may be considered a security problem at some sites.
-
-Name resolution order now user selectable
------------------------------------------
-
-The resolution of NetBIOS names into IP addresses can be done in
-several different ways (broadcast, lmhosts, DNS lookup, WINS). 
-Previous versions of Samba were inconsistant in which commands
-used which methods to look up IP addresses from a name. New in
-this version is a parameter (name resolve order, mentioned in
-the new parameters list below) that allows administrators to
-select the methods of name resolution, and the order in which
-such methods are applied. All Samba utilities have been changed
-to use the new name to IP address name resolution code and
-so this can be controlled from a central place.
-
-Expanded multi-byte character support
--------------------------------------
-
-In previous versions of Samba, Kanji (Japanese) character 
-support was treated as a special case, making it the only
-multi-byte character set natively supported in Samba. New
-code has been added to generalize the multi-byte codepage
-support, with the effect that other multibyte codepage support
-can be easily added. The new codepages that this version
-ships with are Korean Hangul and Traditional Chinese.
-
-New Parameters in 1.9.18p4
---------------------------
-
-name resolve order = lmhosts wins hosts bcast
-
-This parameter allows control over the order in which netbios name to
-IP Address resolution is attempted. Any method NOT specified will be
-excluded from the name resolution process. If this parameter is not
-specified then the above default order will be observed - this is
-consistent with prior releases. See the smb.conf and smbclient man
-pages for full details. See the above text for the announcement on
-this feature.
-
-fake directory create times
-
-This parameter is a compatibility option for software developers
-using Microsoft NMAKE make tool, saving files onto a Samba share.
-Setting this parameter to true causes Samba to lie to the client
-about the creation time of a directory, so NMAKE commands don't
-re-compile every file.
-
-unix password sync
-
-This parameter is set to False by default. When set to True, it
-causes Samba to attempt to synchronize the users UNIX password
-when a user is changing their SMB password. This causes the
-password change program to be run as root (as the new password
-change code has no access to the plaintext of the old password).
-Because of this, it is set off by default to allow sites to
-set their own security policy regarding UNIX and SMB password
-synchronization.
-
-This parameter has no effect if Samba has been compiled without
-password changing enabled.
-
-Changed compile-time default in 1.9.18p4
-----------------------------------------
-
-The maximum length of a printer share name has now been increased to 15
-characters - the same as file share names. Any one who needs to revert
-back
-to 8 character printer share name support can do so by adjusting the
-#define
-in local.h.
-
-Bugfixes added since 1.9.18p3
------------------------------
-
-1). Fix for nmbd leaving the child nmbd running when doing DNS
-lookups as a WINS server.
-2). Fix core dump in smbd when acting as a logon server with 
-security=share.
-3). Workaround for a bug in FTP OnNet software NBT implementation.
-It does a broadcast name release for WORKGROUP&lt;0&gt; and WORKGROUP&lt;1e&gt;
-names and don't set the group bit.
-4). Ensure all the NetBIOS aliases are added to all the known 
-interfaces on nmbd initialization.
-5). Fix bug in multiple query name responses print code.
-6). Fix to send out mailslot reply on correct interface.
-7). Fix retranmission queue to scan WINS server subnet so
-nmbd retransmits queries needed when acting as a WINS server.
-Thanks to Andrey Alekseyev &lt;<a href="mailto:fetch@muffin.arcadia.spb.ru">fetch@muffin.arcadia.spb.ru</a>&gt; for
-spotting this one.
-8). Send host announcement to correct 0x1d name rather than
-0x1e name.
-9). Fix for WINS server when returning multi-homed record,
-was returning one garbage IP address.
-10). Fix for Thursby Software's 'Dave' client - ensure
-that a vuid of zero is always returned for them when in
-share level security (the spec say's it shouldn't matter,
-but it was causing them grief).
-11). Added KRB4 authentication code.
-12). Fix to allow max printer name to be 15 characters (see above).
-13). Fix for name mangling cache bug - cache wasn't being
-used in some cases.
-14). Fix for RH5.0 broken system V shared memory include
-files.
-15). Fix for broken redirector use of resume keys between
-deletes in a directory. Samba now returns zero as resume
-keys (as does NT) and uses the resume filename instead.
-16). Fix for systems that have a broken implementation
-of isalnum() - was causing gethostbyname to fail.
-17). Fix for 'hide files' bug not working correctly (bug
-in is_in_path function - fix from Steven Hartland 
-&lt;<a href="mailto:steven_hartland@pa.press.net">steven_hartland@pa.press.net</a>&gt;.
-18). Fixed bug in smbclient where debug log level on the
-command line was being overridden by the log level in smb.conf.
-19). Fixed bug in USE_MMAP code where client sending
-a silly offset to readraw could cause a smbd core dump.
-
-Bugfixes added since 1.9.18p2
------------------------------
-
-1). Fix to cause oplocked files to be broken when open
-file table is full before giving up and reporting 'too
-many open files'. This fix seems to help many applications
-on Win95.
-2). Fix to stop extra files being closed in user logoff
-code.
-3). Fix to stop padded packet being returned on
-trans2 call. This bug could cause Windows 95 to freeze
-on some (rare) occasions.
-4). Added fix for Visual C++ filetime changes (see above).
-5). Made security check code an option (see above).
-6). Fixed printer job enumeration in smbclient.
-7). Re-added code into smbclient that causes it to do NetBIOS
-broadcast name lookups (as it used to in 1.9.17).
-8). Fixed code dump bug in smbtar.
-9). Fixed mapping code between Appletalk and Kanji filenames.
-10). Tuned shared memory size based on open file table size.
-11). Made nmbd log file names consistant with smbd.
-12). Fixed nmbd problem where packet queues could grow
-without bound when connection to WINS server was down.
-13). Fix for DCE login code.
-14). Fix for system V printing to remove extra space
-in printer name.
-15). Patch to add a new substitution paramter (%p) in
-a service patchname. Adds NIS home path (see the man page
-on smb.conf for details). Patch from Julian Field.
-16). Fix to stop smbpassword code from failing when
-parsing invalid uid fields.
-17). Made volume serial number constant based on machine
-and service name.
-18). Added expand environment variables code from Branko 
-Cibej. See the man page on smb.conf for details.
-19). Fixed warnings in change_lanman_password code.
-
-
-Bugfixes added since 1.9.18p1
------------------------------
-
-1). A deadlock condition in the oplock code has been found
-and fixed. This occured under heavy load at large sites. Several
-of the sites who reported the original problem have now been 
-testing the code in this (1.9.18p2) release for a week now with
-no problems (previously the problem occurred within 3-6 hours).
-(Thanks to Peter Crawshaw of Mount Allison University for
-his great help in tracking down this bug).
-2). Fix for a share level security problem that caused 
-'valid users' not to work correctly.
-3). Addition of Russian code page support.
-4). Fix to the password changing code (thanks to Randy Boring
-at Thursby Software Systems for this).
-5). More fixes to the Windows 95 printer driver support
-code from Herb Lewis at SGI.
-6). Two NetBIOS over TCP source name type fixes in nmbd.
-7). Memory leak in the dynamic loading of services in an
-smb.conf file fixed.
-8). LPRng parsing code fix.
-9). Fix to try and return a 'best guess' of create time
-under UNIX (which doens't store such a file attribute).
-10). Added parameters to samba/examples/smb.conf.default file :
-Remote announce, Remote browse sync, username map, filename
-case preservation and sensitivity options.
-11). Reply to trans2 calls now aligns all parameters and
-data on 4 byte boundary.
-12). Fixed SIGTERM bug where nmbd would hang on exit.
-13). Fixed WINS server bug to allow spaces in WINS names.
-
-Bugfixes added since 1.9.18
----------------------------
-
-1). Fix for oplock-break problem. If an open crossed
-with an oplock break on the wire it was possible for the 
-same fnum to be re-used. This caused a rare but fatal
-problem.
-2). Fix for adding printers to Windows NT 4.x. Now
-return correct "no space error" when buffer of zero 
-given.
-3). Fix for nmbd core dumps when running on architectures
-that cannot access structures on non-aligned boundaries
-(sparc, alpha etc).
-4). Compiler warnings in nmbd fixed.
-5). Makefile updated for Linux 2.0 versions (new smbmount
-commands should only be compiled for 2.1.x kernels).
-6). Addition of a timestamp to attack warning messages.
-
-Changes in 1.9.18.
-------------------
-
-This release contains several major changes and much re-written 
-code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a 
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS 
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for 
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-4). New Printing support.
--------------------------
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau, and also Herb Lewis
-of Silicon Graphics for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-	"bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-	"logon drive"
-	"logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-	"username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-	"delete veto files"
-	"oplocks"
-
-Nascent web interface for configuration.
-----------------------------------------
-
-source/wsmbconf.c is a cgi-bin program for editing smb.conf. It can
-also be run standalone. This is in a very early stage of development.
-
-Debugging support.
-------------------
-
-smbd and nmbd will now modify their debug log level when
-they receive a USR1 signal (increase debug level by one)
-and USR2 signal (decrease debug level by one). This has
-been added to aid administrators track down faults that
-only occur after long periods of time, or transiently.
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-	<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-	The Samba Team.
-</pre>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18p5.html b/whatsnew/samba1.9.18p5.html
deleted file mode 100755
index 1ee4997..0000000
--- a/whatsnew/samba1.9.18p5.html
+++ /dev/null
@@ -1,629 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Patch Release - 1.9.18p5</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<H3>
-The Samba Team are pleased to announce Samba 1.9.18p5.
-</H3>
-<pre>
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p5.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p5.tar.gz</a>
-
-This is a bugfix release, designed to address issues
-that users have reported with the 1.9.18p4 release.
-It is intended that the next Samba release will be an
-alpha of Samba 1.9.19, which will contain significant
-new functionality for integrating Samba into a Windows
-NT Domain environment.
-
-There is some new functionality in this release,
-described below.
-
-Encrypted Password Migration Support.
--------------------------------------
-
-This code, donated by Bruce Tenison, allows sites that
-currently are using plaintext password authentication
-against a UNIX password database to migrate to encrypted
-SMB authentication by collecting users passwords as they
-log in, and updating a smbpasswd file with passwords
-deemed correct when checked against the UNIX password
-database. This allows a Samba administrator to set up
-a smbpasswd file and allow it to be updated as users
-log in, until all users encrypted passwords have been
-collected, and then turn Samba over to encrypted password
-support without disruption to the users or forcing them
-to re-enter all their passwords at changeover time.
-Details on this are in the release notes below.
-
-Improved smbtar support.
-------------------------
-
-The changes to smbtar by Richard Sharpe of the Samba Team
-were funded by Canon Information Systems Research Australia
-(CISRA). The Samba Team would like to thank Canon Information
-Systems Research Australia for their funding this effort, as
-such sponsorship advances the Samba project significantly.
-
-Simplified Chinese Character support added. 
--------------------------------------------
-
-Samba now supports the Simplified Chinese codepage (936)
-as well as Japanese, Korean, and Traditional Chinese
-codepages.
-
-Binary Packages
----------------
-
-Binary packages are being prepared and will be available
-under the following ftp address by the end of the day,
-Monday May 11th 1998.
-
-<a href="ftp://samba.org/pub/samba/Binary_Packages/">ftp://samba.org/pub/samba/Binary_Packages/</a>
-
-Here are the release notes. Remember, all bugs
-are our responsibility - please report them
-to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>.
-
-Regards,
-
-        The Samba Team.
-
--------------------------------------------------------------
-          WHATS NEW IN 1.9.18p5 - May 8th 1998.
-          =====================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-Note that most Samba Team effort is now going into working on the
-next major release which should contain some Windows NT Domain 
-features. It is intended that any future work on the 1.9.18 series
-be maintenance only fixes.
-
-An announcement will be made when the first alpha release of the next
-Samba series is available.
-
-Added features in 1.9.18p5
---------------------------
-
-New parameters
---------------
-
-passwd chat debug
-
-This parameter is to allow Samba administrators to debug their password
-chat scripts more easily when they have "unix password sync" set. It is
-provided as a debugging convenience only and should be enabled only when
-debugging. Full documentation is in the smb.conf man page.
-
-update encrypted
-
-The code for this parameter was kindly donated by Bruce Tenison.
-If this parameter is set to "yes" (it defaults to "no") and an smbpasswd
-file exists containing all the valid users of a Samba system but
-no encrypted passwords (ie. the Lanman hash and NT hash entries in
-the file are set to "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"), then as
-users log in with plaintext passwords that are matched against  
-their UNIX password entries, their plaintext passwords will be  
-hashed and entered into the smbpasswd file. After all the users
-have successfully logged in using unencrypted passwords, the
-smbpasswd file will have the Lanman and NT hashes of these users
-UNIX passwords correctly stored. At that point the administrator
-can convert Samba to use encrypted passwords (and configure the
-Windows 95 and NT clients to send only encrypted passwords) and
-migrate to an encrypted setup without having to ask users to re-enter
-all their passwords explicitly. Note that to use this option the
-"encrypt passwords" parameter must be set to "no" when this option
-is set to "yes". See the smb.conf man page for up to date information 
-on this parameter.
-
-Updates to smbtar
------------------
-
-The following changes were developed by Richard Sharpe for Canon
-Information
-Systems Research Australia (CISRA). The Samba Team would like to thank
-Canon Information Systems Research Australia for their funding this
-effort, as such sponsorship advances the Samba project significantly.
-
-  1. Restore can now restore files with long file names
-  2. Save now saves directory information so that we can restore
-     directory creation times
-  3. tar now accepts both UNIX path names and DOS path names.
-
-New document in docs/ directory
--------------------------------
-
-A new document, PROFILES.txt has been added to the docs/ directory.
-This is still a work in progress (currently consisting of a series 
-of email exchanges) and will be updated over the coming releases.
-The document covers the task of getting roving profiles to work with
-a Samba server with Windows 95 and Windows NT clients.
-
-Bugfixes added since 1.9.18p4
------------------------------
-
-1). Samba should now compile cleanly with the gcc -Wstrict-prototypes
-option.
-2). New code page 852 tranlation table created by Petr Hubeny.
-3). New "update encrypted" parameter (described above).
-4). New "passwd chat debug" parameter (described above).
-5). Updates to smbtar (described above).
-6). Fix to do correct null session connections from nmbd and smbd.
-7). Synchronous open flag is now honoured.
-8). security=server now logs out correctly.
-9). Fix to stop long printer job listings causing Win95 and smbd to
-spin the CPU &amp; network.
-10). Multibyte character fix that prevented the "character set"
-parameter
-working in 1.9.18p4.
-11). Fix for problems with security=share and the [homes] share.
-12). NIS+ patch to get home directory info.
-13). Added FTRUNCATE_NEEDS_ROOT define for systems with broken
-ftruncate()
-call.
-14). Fix for nmbd not allowing log append mode.
-15). Fix for nmbd as a WINS server doing a name query after a WACK with
-the 'recursion desired' bit set - this would cause problems if directed
-at a machine running a WINS server.
-16). Correctly ignore "become backup browser" requests, rather than
-logging them as a problem.
-17). Use compressed names correctly as requested by RFC1002.
-18). Workaround for bug where NT allows a guest logon and 
-doesn't set the guest bit (in security=server mode).
-19). Added SOFTQ print type.
-20). Free filename on file close (long standing small memory leak fix).
-21). Fix for lp_defaultservice() getting overwritten by rotating string
-buffers.
-22). Print time in international, rather than USA, format.
-23). Fix to queue a trans2 open request when oplock break pending.
-24). Added Simplified Chinese codepage (936).
-25). Fixed expansion bug with %U, %G when multiple sessionsetups done
-in security &gt; SHARE mode.
-26). Change to DEC enhanced mode security code to allow the same
-binary to work when in enhanced and basic security mode. This change
-affects
-all systems that define OSF1_ENH_SEC at compile time.
-
-Previous release notes for 1.9.18p4 follow.
-=========================================================================
-
-Added features in 1.9.18p4
---------------------------
-
-Changing passwords now supported
---------------------------------
-
-Samba now supports changing the SMB password from a Windows 95 client,
-using the standard Windows 95 password changing dialog. Note that by
-default this changes the SMB password, not the UNIX password (Samba
-must be set up with encrypted passwords in order to support this).
-
-The smbpasswd program has been re-written to take advantage of this
-feature, and now has no need to be a setuid root program, thus
-eliminating
-a potential security hole. As a side effect of this change smbpasswd
-can now be used on a UNIX machine to change users passwords on an NT
-machine.
-
-The new password changing code can also synchronize a users UNIX
-password at the same time a SMB password is being changed, if Samba
-is compiled with password changing enabled, and the new parameter
-'unix password sync' is set to True. By default this is off, as
-it allows the password change program to be called as root, which
-may be considered a security problem at some sites.
-
-Name resolution order now user selectable
------------------------------------------
-
-The resolution of NetBIOS names into IP addresses can be done in
-several different ways (broadcast, lmhosts, DNS lookup, WINS). 
-Previous versions of Samba were inconsistant in which commands
-used which methods to look up IP addresses from a name. New in
-this version is a parameter (name resolve order, mentioned in
-the new parameters list below) that allows administrators to
-select the methods of name resolution, and the order in which
-such methods are applied. All Samba utilities have been changed
-to use the new name to IP address name resolution code and
-so this can be controlled from a central place.
-
-Expanded multi-byte character support
--------------------------------------
-
-In previous versions of Samba, Kanji (Japanese) character 
-support was treated as a special case, making it the only
-multi-byte character set natively supported in Samba. New
-code has been added to generalize the multi-byte codepage
-support, with the effect that other multibyte codepage support
-can be easily added. The new codepages that this version
-ships with are Korean Hangul and Traditional Chinese.
-
-New Parameters in 1.9.18p4
---------------------------
-
-name resolve order = lmhosts wins hosts bcast
-
-This parameter allows control over the order in which netbios name to
-IP Address resolution is attempted. Any method NOT specified will be
-excluded from the name resolution process. If this parameter is not
-specified then the above default order will be observed - this is
-consistent with prior releases. See the smb.conf and smbclient man
-pages for full details. See the above text for the announcement on
-this feature.
-
-fake directory create times
-
-This parameter is a compatibility option for software developers
-using Microsoft NMAKE make tool, saving files onto a Samba share.
-Setting this parameter to true causes Samba to lie to the client
-about the creation time of a directory, so NMAKE commands don't
-re-compile every file.
-
-unix password sync
-
-This parameter is set to False by default. When set to True, it
-causes Samba to attempt to synchronize the users UNIX password
-when a user is changing their SMB password. This causes the
-password change program to be run as root (as the new password
-change code has no access to the plaintext of the old password).
-Because of this, it is set off by default to allow sites to
-set their own security policy regarding UNIX and SMB password
-synchronization.
-
-This parameter has no effect if Samba has been compiled without
-password changing enabled.
-
-Changed compile-time default in 1.9.18p4
-----------------------------------------
-
-The maximum length of a printer share name has now been increased to 15
-characters - the same as file share names. Any one who needs to revert
-back
-to 8 character printer share name support can do so by adjusting the
-#define
-in local.h.
-
-Bugfixes added since 1.9.18p3
------------------------------
-
-1). Fix for nmbd leaving the child nmbd running when doing DNS
-lookups as a WINS server.
-2). Fix core dump in smbd when acting as a logon server with 
-security=share.
-3). Workaround for a bug in FTP OnNet software NBT implementation.
-It does a broadcast name release for WORKGROUP&lt;0&gt; and WORKGROUP&lt;1e&gt;
-names and don't set the group bit.
-4). Ensure all the NetBIOS aliases are added to all the known 
-interfaces on nmbd initialization.
-5). Fix bug in multiple query name responses print code.
-6). Fix to send out mailslot reply on correct interface.
-7). Fix retranmission queue to scan WINS server subnet so
-nmbd retransmits queries needed when acting as a WINS server.
-Thanks to Andrey Alekseyev &lt;<a href="mailto:fetch@muffin.arcadia.spb.ru">fetch@muffin.arcadia.spb.ru</a>&gt; for
-spotting this one.
-8). Send host announcement to correct 0x1d name rather than
-0x1e name.
-9). Fix for WINS server when returning multi-homed record,
-was returning one garbage IP address.
-10). Fix for Thursby Software's 'Dave' client - ensure
-that a vuid of zero is always returned for them when in
-share level security (the spec say's it shouldn't matter,
-but it was causing them grief).
-11). Added KRB4 authentication code.
-12). Fix to allow max printer name to be 15 characters (see above).
-13). Fix for name mangling cache bug - cache wasn't being
-used in some cases.
-14). Fix for RH5.0 broken system V shared memory include
-files.
-15). Fix for broken redirector use of resume keys between
-deletes in a directory. Samba now returns zero as resume
-keys (as does NT) and uses the resume filename instead.
-16). Fix for systems that have a broken implementation
-of isalnum() - was causing gethostbyname to fail.
-17). Fix for 'hide files' bug not working correctly (bug
-in is_in_path function - fix from Steven Hartland 
-&lt;<a href="mailto:steven_hartland@pa.press.net">steven_hartland@pa.press.net</a>&gt;.
-18). Fixed bug in smbclient where debug log level on the
-command line was being overridden by the log level in smb.conf.
-19). Fixed bug in USE_MMAP code where client sending
-a silly offset to readraw could cause a smbd core dump.
-
-Bugfixes added since 1.9.18p2
------------------------------
-
-1). Fix to cause oplocked files to be broken when open
-file table is full before giving up and reporting 'too
-many open files'. This fix seems to help many applications
-on Win95.
-2). Fix to stop extra files being closed in user logoff
-code.
-3). Fix to stop padded packet being returned on
-trans2 call. This bug could cause Windows 95 to freeze
-on some (rare) occasions.
-4). Added fix for Visual C++ filetime changes (see above).
-5). Made security check code an option (see above).
-6). Fixed printer job enumeration in smbclient.
-7). Re-added code into smbclient that causes it to do NetBIOS
-broadcast name lookups (as it used to in 1.9.17).
-8). Fixed code dump bug in smbtar.
-9). Fixed mapping code between Appletalk and Kanji filenames.
-10). Tuned shared memory size based on open file table size.
-11). Made nmbd log file names consistant with smbd.
-12). Fixed nmbd problem where packet queues could grow
-without bound when connection to WINS server was down.
-13). Fix for DCE login code.
-14). Fix for system V printing to remove extra space
-in printer name.
-15). Patch to add a new substitution paramter (%p) in
-a service patchname. Adds NIS home path (see the man page
-on smb.conf for details). Patch from Julian Field.
-16). Fix to stop smbpassword code from failing when
-parsing invalid uid fields.
-17). Made volume serial number constant based on machine
-and service name.
-18). Added expand environment variables code from Branko 
-Cibej. See the man page on smb.conf for details.
-19). Fixed warnings in change_lanman_password code.
-
-
-Bugfixes added since 1.9.18p1
------------------------------
-
-1). A deadlock condition in the oplock code has been found
-and fixed. This occured under heavy load at large sites. Several
-of the sites who reported the original problem have now been 
-testing the code in this (1.9.18p2) release for a week now with
-no problems (previously the problem occurred within 3-6 hours).
-(Thanks to Peter Crawshaw of Mount Allison University for
-his great help in tracking down this bug).
-2). Fix for a share level security problem that caused 
-'valid users' not to work correctly.
-3). Addition of Russian code page support.
-4). Fix to the password changing code (thanks to Randy Boring
-at Thursby Software Systems for this).
-5). More fixes to the Windows 95 printer driver support
-code from Herb Lewis at SGI.
-6). Two NetBIOS over TCP source name type fixes in nmbd.
-7). Memory leak in the dynamic loading of services in an
-smb.conf file fixed.
-8). LPRng parsing code fix.
-9). Fix to try and return a 'best guess' of create time
-under UNIX (which doens't store such a file attribute).
-10). Added parameters to samba/examples/smb.conf.default file :
-Remote announce, Remote browse sync, username map, filename
-case preservation and sensitivity options.
-11). Reply to trans2 calls now aligns all parameters and
-data on 4 byte boundary.
-12). Fixed SIGTERM bug where nmbd would hang on exit.
-13). Fixed WINS server bug to allow spaces in WINS names.
-
-Bugfixes added since 1.9.18
----------------------------
-
-1). Fix for oplock-break problem. If an open crossed
-with an oplock break on the wire it was possible for the 
-same fnum to be re-used. This caused a rare but fatal
-problem.
-2). Fix for adding printers to Windows NT 4.x. Now
-return correct "no space error" when buffer of zero 
-given.
-3). Fix for nmbd core dumps when running on architectures
-that cannot access structures on non-aligned boundaries
-(sparc, alpha etc).
-4). Compiler warnings in nmbd fixed.
-5). Makefile updated for Linux 2.0 versions (new smbmount
-commands should only be compiled for 2.1.x kernels).
-6). Addition of a timestamp to attack warning messages.
-
-Changes in 1.9.18.
-------------------
-
-This release contains several major changes and much re-written 
-code.
-
-The main changes are :
-
-1). Oplock support now operational.
------------------------------------
-
-Samba now supports 'exclusive' and 'batch' oplocks.
-These are an advanced networked file system feature
-that allows clients to obtain a exclusive use of a 
-file. This allows a client to cache any changes it
-makes locally, and greatly improves performance.
-
-Windows NT has this feature and prior to this
-release this was one of the reasons Windows NT
-could be faster in some situations. Samba has
-now been benchmarked as out performing Windows
-NT on equivalently priced hardware.
-
-The oplock code in Samba has been extensively
-tested and is believed to be completely stable.
-
-Please report any problems to the samba-bugs alias.
-
-2). NetBIOS name daemon re-written.
------------------------------------
-
-The old nmbd that has caused some users problems
-has now been completely re-written and now is
-much easier to maintain and add changes to.
-
-Changes include support for multi-homed hosts
-in the same way as an NT Server with multiple
-IP interfaces behaves (registers with the WINS
-server as a multi-homed name type), and also
-support for multi-homed name registration in
-the Samba WINS server. Another added feature
-is robustness in the face of WINS server failure,
-nmbd will now keep trying to contact the WINS 
-server until it is successful, in the same
-way as an NT Server.
-
-Also in this release is an implementation
-of the Lanman announce protocol used by
-OS/2 clients. Thanks to Jacco de Leeuw for 
-this code.
-
-3). New Internationalization support.
--------------------------------------
-
-With this release Samba no longer needs to be
-separately compiled for Japanese (Kanji) support,
-the same binary will serve both Kanji and non-Kanji
-clients.
-
-A new method of dynamically loading client code pages
-has been added to allow the case insensitivity to
-be done dependent on the code page of the client.
-
-Note that Samba still will only handle one client
-code page at a time. This will be fixed when
-Samba is fully UNICODE enabled.
-
-Please see the new man page for make_smbcodepage
-for details on adding additional client code page
-support.
-
-4). New Printing support.
--------------------------
-
-An implementation of the Windows 95 automatic printer
-driver installation has been added to smbd. To use this
-new feature please read the document:
-
-docs/PRINTER_DRIVER.txt
-
-Thanks to Jean-Francois Micouleau, and also Herb Lewis
-of Silicon Graphics for this new code.
-
-Printer support on System V systems (notably Solaris)
-has been improved with the addition of code generously
-donated by Norm Jacobs of Sun Microsystems. Sun have
-also made a Solaris SPARC workstation available to the
-Samba Team to aid in their porting efforts.
-
-
-Changed code.
--------------
-
-Samba no longer needs the libdes library to support
-encrypted passwords. Samba now contains a restricted
-version of DES that can only be used for authentication
-purposes (to comply with the USA export encryption
-regulations and to allow USA Mirror sites to carry
-Samba source code). The 'encrypt passwords' parameter
-may now be used without recompiling.
-
-Much of the internals of Samba has been re-structured
-to support the oplock and Domain controller changes.
-
-Samba now contains an implementation of share modes
-using System V shared memory as well as the mmap()
-based code. This was done to allow the 'FAST_SHARE_MODES'
-to be used on more systems (especially HPUX 9.x) that
-have System V shared memory, but not the mmap() call.
-
-The System V shared memory code is used by default on
-many systems as it has benchmarked as faster on many
-systems.
-
-The Automount code has been slightly re-shuffled, such
-that the home directory (and profile location) can be
-specified by \\%N\homes and \\%N\homes\profiles
-respectively, which are the defaults for these values.
-If -DAUTOMOUNT is enabled, then %N is the server
-component of the user's NIS auto.home entry.  Obviously,
-you will need to be running Samba on the user's home
-server as well as the one they just logged in on.
-
-The RPC Domain code has been moved into a separate directory
-rpc_pipe/, and a LGPL License issued specifically for code
-in this directory.  This is so that people can use this
-code in other projects.
-
-Missing feature.
-----------------
-
-One feature that we wanted to get into this release
-that was not possible due to the re-write of the nmbd
-code was the scalability features in the Samba WINS server.
-This feature is now tentatively scheduled for the next
-release (1.9.19). Apologies to anyone who was hoping
-for this feature to be included. The nmbd re-write
-will make it much easier to add such things in future.
-
-New parameters in smb.conf.
----------------------------
-
-New Global parameters.
-----------------------
-
-Documented in the smb.conf man pages :
-
-        "bind interfaces only"
-
-        "lm announce"
-        "lm interval"
-
-        "logon drive"
-        "logon home"
-
-        "min wins ttl"
-        "max wins ttl"
-
-        "username level"
-
-New Share level parameters.
----------------------------
-
-Documented in the smb.conf man pages :
-
-        "delete veto files"
-        "oplocks"
-
-Nascent web interface for configuration.
-----------------------------------------
-
-source/wsmbconf.c is a cgi-bin program for editing smb.conf. It can
-also be run standalone. This is in a very early stage of development.
-
-Debugging support.
-------------------
-
-smbd and nmbd will now modify their debug log level when
-they receive a USR1 signal (increase debug level by one)
-and USR2 signal (decrease debug level by one). This has
-been added to aid administrators track down faults that
-only occur after long periods of time, or transiently.
-
-Reporting bugs.
----------------
-
-If you have problems, or think you have found a
-bug please email a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Please state the version number of Samba that
-you are running, and *full details* of the steps
-we need to reproduce the problem.
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team.
-</pre>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18p6.html b/whatsnew/samba1.9.18p6.html
deleted file mode 100755
index 5c23cde..0000000
--- a/whatsnew/samba1.9.18p6.html
+++ /dev/null
@@ -1,94 +0,0 @@
-<HTML><HEAD><TITLE>Samba: New Security Patch Release - 1.9.18p6</TITLE></HEAD>
-<BODY background="images/back.gif">
-<p align=center>
-<a href="samba.html"><IMG border=0 SRC="images/sambaani64.gif" ALT="****  SAMBA Web Pages  ****"></a>
-<HR size=4 width=75% align=center>
-<H3>
-Announcing Samba1.9.18p6 and more :^)
-</H3>
-<pre>
-<b>[A message from Andrew Tridgell]</b>
-I've just released version 1.9.18p6 of Samba.
-
-This release is in response to a potential security hole pointed out
-by Drago on BugTraq. The security hole involed a buffer overflow in
-the filename handling in reply_*()
-
-It is not at all clear that the security hole is actually
-exploitable. The existing code that checks for buffer overflows in
-Samba does catch the proposed exploit as posted to BugTraq but we
-considered it a grave enough risk that an immediate patch release is
-warranted. Note that if the hole is exploitable then it will only be
-possible to exploit it if the attacker already has write access to the
-exported filesystem.
-
-It is highly recommended that everyone upgrade to version 1.9.18p6 of
-Samba to avoid any possible exposure to this security hole.
-
-The new release is available from <a href="ftp://samba.org/pub/samba/">ftp://samba.org/pub/samba/</a>
-
-Cheers, Andrew
-
-<b>[And a message from Jerrimy Allison]</b>
-Hi all,
-
-        Over the weekend (isn't it always :-), someone
-on the BugTraq list posted an analysis (not exploit code)
-of a potential buffer overrun in Samba, that has been
-present in all versions (including 1.9.18p5). As Andrew
-Tridgell was working over the weekend he quickly produced
-a fix for this (it was a problem with code using sprintf)
-and released it as 1.9.18p6 on Sunday, May 11th.
-
-Please note that there is no published root exploit for this
-problem, other than a denial of service (which is still very
-serious).
-
-Unfortunately, in the haste to fix the problem he used
-a non-POSIX api, memalign(), in code to simulate the
-snprintf() call that sprintf was replaced with. This and
-some of the fix code has caused compile problems on some
-UNIX systems.
-
-In order to fix these compile problems on as wide a
-range of systems as possible, I'd appreciate it if
-people could send me the man pages for the following
-functions on their systems.
-
-These functions are :
-
-vsnprintf
-getpagesize
-sysconf
-memalign
-mprotect
-valloc
-
-People with the following systems need not send man
-pages, as the Samba Team already has access to these
-and we will check ourselves :
-
-SGI IRIX (all versions).
-Sun Solaris (versions 2.4 or above).
-Linux (all versions)
-FreeBSD (all versions)
-
-When sending the man pages please remember to mention
-what system these pages are for : eg. HPUX 10.x, HPUX 9.x
-SunOS 4.x etc.
-
-Please send the man pages to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-Thanks in advance,
-
-	Jeremy Allison,
-	Samba Team.
-
-</pre>
-<HR size=4>
-<a href="samba.html">SAMBA Web Pages</a> maintained by <A HREF="http://lake.canberra.edu.au/pwb/pwbhome.html"><I>Paul Blackman</I></A>,
- <img src="images/mailto.gif"> <I>samba-bugs@samba.org</I>
-<BR> SAMBA created by <I>Andrew Tridgell</I>, <img src="images/mailto.gif"> <A HREF="mailto:samba-bugs@samba.org"><I>samba-bugs@samba.org</I></A>
-<br><font size=-3><i>All trademarks are the sole property of their respective owners.</font><br>
-</BODY>
-</HTML>
diff --git a/whatsnew/samba1.9.18p7.html b/whatsnew/samba1.9.18p7.html
deleted file mode 100755
index 61446bd..0000000
--- a/whatsnew/samba1.9.18p7.html
+++ /dev/null
@@ -1,85 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<pre>
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p7.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p7.tar.gz</a>
-
-This release is a security patch fix for a security hole
-reported on BugTraq by Drago. No exploit code was 
-published with the report, so no immediate 'canned' 
-exploit was available to an attacker
-
-The security hole may have allowed authenticated users to
-subvert security on the server by overflowing a buffer in
-a filename rename operation. 
-
-It is as yet undetermined whether the security hole is 
-actually exploitable because of existing buffer overflow
-checks in Samba and the limitations on available characters
-in filenames on UNIX systems but the Samba Team considered the
-threat of a possible security hole enough to warrant a patch
-release.
-
-The previous release 1.9.18p6, which was intended to fix the
-security hole, has compile problems on several platforms, and
-should not be used.
-
-It is recommended that all sites assume that the security hole
-is exploitable and upgrade to version 1.9.18p7 of Samba.
-
-An extensive security review has taken place on the code
-in this release, and all code that has potential for a
-buffer overflow attack has been replaced with bounds checking
-equivalent code. As always, extra checking over the code
-for potential security problems is very welcome.
-
-Binary packages will be made available for this release,
-once feedback has shown this release fixes the exploit.
-Offets of binary Samba packages for various systems are 
-welcome and should be sent to <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>.
-
-Without further ado, here are the release notes.
-
-Regards,
-
-	The Samba Team.
-
----------------------------------------------------------------------
-
-          WHATS NEW IN 1.9.18p7 - May 12th 1998.
-          ======================================
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-This release is a security hole patch fix for a security hole reported
-on BugTraq by Drago. The security hole may have allowed authenticated
-users to subvert security on the server by overflowing a buffer in a
-filename rename operation. It is as yet undetermined whether the
-security hole is actually exploitable because of existing buffer
-overflow checks in Samba and the limitations on available characters
-in filenames but the Samba Team considered the threat of a possible
-security hole enough to warrant an immediate patch release.
-
-It is highly recommended that all sites assume that the security hole
-is exploitable and upgrade to version 1.9.18p7 of Samba.
-
-The previous release 1.9.18p6, which was intended to fix the
-security hole, has compile problems on several platforms, and
-should not be used.
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-        <a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-        The Samba Team. 
-</pre>
-
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba1.9.18p8.html b/whatsnew/samba1.9.18p8.html
deleted file mode 100755
index 15f52a8..0000000
--- a/whatsnew/samba1.9.18p8.html
+++ /dev/null
@@ -1,103 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<pre>
-It may be fetched via ftp from :
-
-<a href="ftp://samba.org/pub/samba/samba-1.9.18p8.tar.gz">ftp://samba.org/pub/samba/samba-1.9.18p8.tar.gz</a>
-
-Binary packages will be made available for this release
-within a short time. A separate announcement will be made
-for the release of these packages.
-
-Offers of binary Samba packages for various systems are 
-welcome and should be sent to <a
-href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-
-As always, all bugs are our responsibility.
-Without further ado, here are the release notes.
-
-
-Regards,
-
-The Samba Team.
-
-
----------------------------------------------------------------------
-WHATS NEW IN 1.9.18p8 - June 12th 1998.
-======================================
-
-
-This is the latest stable release of Samba. This is the
-version that all production Samba servers should be running
-for all current bug-fixes.
-
-
-Note that most Samba Team effort is now going into working on the
-next major release which should contain some Windows NT Domain 
-features. It is intended that any future work on the 1.9.18 series
-be maintenance only fixes.
-
-
-An announcement will be made when the first alpha release of the next
-Samba series is available.
-
-
-Bugfixes added since 1.9.18p7
------------------------------
-<ol>
-<li>Fixed bug so Samba returns ERROR_MORE_DATA for long share
-lists that won't fit in the data buffer given by the client.
-<li>Made mapping of Windows to UNIX usernames only occur once per
-name.
-<li>Cause changing of SMB password to fail if UNIX pasword change
-fails and unix password sync is set.
-<li>Ensure the Samba names are added to the remote broadcast subnet
-to allow NT workstations to do a directed broadcast node status
-query (they seem to want to do this for some reason).
-<li>Fixed HPUX10 Trusted systems bigcrypt password authentication
-call.
-<li>Ensure smbd doesn't crash if 'account disabled' set in smbpasswd
-file.
-<li>Ensured 'revalidate' parameter is only checked if we're in share
-level security.
-<li>Ensure that password lengths are sanity checked even if in server
-level security.
-<li>Fix bug with multi-user NT systems where a file currently open by
-one user could always be opened by another.
-<li>Ensure we save the current user info and restore it correctly
-whilst in the oplock break state.
-<li>Added some simple sanity checks to testparam.
-<li>Added timezone sanity checks.
-<li>Re-wrote wildcard handling for trans2 calls. Wildcard matching
-now seems to be *identical* to NT (as far as I can tell).
-<li>Added facility for user list code to be explicit about checking
-UNIX group database or NIS netgroup list. Updated smb.conf 
-detailing this.
-<li>Fixed bug in multibyte character handling when parsing a pathname.
-<li>Fixed file descriptor leak in client code.
-<li>Fixed QSORT_CAST compile bugs on many systems.
-<li>Added codepages 737 (Greek) and 861 (Icelandic).
-</ol>
-
-If you have problems, or think you have found a bug please email 
-a report to :
-
-
-<a href="mailto:samba-bugs@samba.org">samba-bugs@samba.org</a>
-
-
-As always, all bugs are our responsibility.
-
-Regards,
-
-The Samba Team. 
-</pre>
-
-<!--#include virtual="/samba/footer.html" -->
diff --git a/whatsnew/samba2.0.press.html b/whatsnew/samba2.0.press.html
deleted file mode 100755
index a453014..0000000
--- a/whatsnew/samba2.0.press.html
+++ /dev/null
@@ -1,138 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<CENTER>
-<P><B><U><FONT SIZE=5>Samba Team Releases Samba 2.0</FONT></U></B></P>
-<P><B><U><FONT SIZE=5>World's Fastest Windows Server Software</FONT></U>
-</B></P>
-</CENTER>
-<P></P>
-<P>Canberra, Australia,  January 1999. The Samba Team is pleased to announce
-Samba 2.0, a major new release of the award winning Open Source UNIX&#174;
-file and print server suite for Microsoft Windows &#174; clients.</P>
-<P></P>
-<P><U><FONT SIZE=4>World's Fastest Windows File Server</FONT></U></P>
-<P>Samba 2.0 has been benchmarked using the Ziff-Davis NetBench &#174;
-benchmarking suite as the world's fastest Windows server, achieving 193
-megabits per second file serving performance on a Silicon Graphics Origin 200
-&#174; server with 60 Windows clients.</P>
-<P></P>
-<P><U><FONT SIZE=4>Integration into Windows NT Domains</FONT></U></P>
-<P>Samba 2.0 features the first non-Microsoft implementation of the Windows NT
-Domain authentication protocols, allowing a Samba 2.0 server to be seamlessly
-integrated into an existing Windows NT Domain. Samba 2.0 is free from client
-license fees and is the perfect way to add additional high performance Windows
-file servers using existing UNIX or low cost Linux&#174; machines.</P>
-<P></P>
-<P><U><FONT SIZE=4>New Easy to use Administration</FONT></U></P>
-<P>Samba 2.0 features the Samba Web Administration Tool (SWAT) allowing a
-Samba 2.0 server to be easily administered via any Web browser from any
-client. SWAT features an integrated help system and the ability to change user
-passwords on any Samba or Microsoft Windows NT &#174; server.</P>
-<P></P>
-<P><U><FONT SIZE=4>Award Winning UNIX and Windows Integration</FONT></U>
-</P>
-<P>Samba won the Windows NT Systems Magazine 1998 &quot;Exceptional Products
-in Systems Management&quot; award for Unix Connectivity Tools. In the January
-1999 awards issue Samba received the following praise :</P>
-<P></P>
-<P>&quot;Samba is solid, well documented, and feature rich. It is proof that
-commercial quality software can be had for free.&quot;</P>
-<P></P>
-<P><U><FONT SIZE=4>The Leading Choice for Windows Connectivity</FONT></U>
-</P>
-<P>Samba has been adopted by Silicon Graphics &#174; as a supported product,
-Samba for IRIX. Silicon Graphics said of Samba :</P>
-<P></P>
-<P>&quot;Samba for IRIX provides the best combination of features,
-performance, and data integrity among the available software solutions for
-serving files via the SMB/CIFS protocol from UNIX.&quot;</P>
-<P></P>
-<P>Samba is also the leading choice of &quot;Thin Server&quot; vendors, who
-integrate Samba in their products to provide file service to Windows desktops.
-Samba is used by leading vendors such as Cobalt Networks Inc. in their Cobalt
-Qube &#174;  microserver, Whistle Communications &#174; in their Whistle
-InterJet &#174; Internet connectivity solution, Corel Computer Corp. &#174; in
-their NetWinder &#174; GS server, and by Realm Information Technologies &#174;
-in their REALM &#174; Universal Server product. Realm Information Technologies
-said of Samba :</P>
-<P></P>
-<P>&quot;REALM chose SAMBA for numerous reasons: it was Open Source, very well
-supported, easily available and cost effective. Little did we know that we
-were getting incredible performance and stability. Our choice of SAMBA
-provides our customers with file services that are some of the fastest
-available on the market today.&quot;</P>
-<P></P>
-<P><U><FONT SIZE=4>Open Source Robustness and Flexibility</FONT></U></P>
-<P>As an Open Source product, Samba 2.0 comes with the complete source code to
-all components of the software. This leads to the legendary Open Source
-software stability and complete customer flexibility demanded in today's high
-availability file serving environments. In addition, Samba 2.0 is commercially
-supported by a worldwide list of corporations and consultants, competing to
-provide the customer with world class customer support. A listing of support
-options is available at <A HREF="http://www.samba.org"> www.samba.org </A></P>
-<P></P>
-<P><U><FONT SIZE=4>Year 2000 Compliant</FONT></U></P>
-<P>Samba 2.0 is fully Y2K compliant.</P>
-<P></P>
-<P><U><FONT SIZE=4>Customer Testimonials</FONT></U></P>
-<P>Here's what some of our customers have to say about Samba.</P>
-<P></P>
-<P>Daniel Petzen of Ericsson Microwave Systems (a wholly owned subsidiary of
-Ericsson) writes :</P>
-<P></P>
-<P>We've been running Samba for about a year and a half. We have approximately
-700 simultaneous users on 5 UNIX servers serving different NT domains. On our
-main domain Samba-server we have approximately 500 users and more than 900
-connections during the main part of working hours. The server (a Sun E450) is
-humming along with an average workload of 0.15. None of the servers have ever
-crashed or failed to function properly due to Samba. Needless to say: We're
-quite, <U>quite</U> impressed over here. Thank you for a wonderful program.
-</P>
-<P></P>
-<P>Dr. Curtis J. Hoff, President, Hoff and Associates, Inc., says :</P>
-<P></P>
-<P>&quot;Samba is the critical component enabling Hoff and Associates to
-successfully migrate from an all Unix environment to a mixed NT workstation /
-Unix compute server environment.  Ease of use, performance, robustness and, of
-course, cost are some of Samba's many strengths.&quot;</P>
-<P></P>
-<P>David Wolf, President, Computer Planet, says :</P>
-<P></P>
-<P>&quot;As RedHat's only Hardware Partner in Canada, we rely on Samba to
-provide us with stable, secure, fast and error free communications between our
-exclusive line of Linux servers and our customer's legacy Windows systems.
-Samba is perhaps the finest product we have encountered in a long, long time.
-It does what it says it does--in fact, it works better and faster than the
-native Windows NT file sharing capabilities!&quot; </P>
-<P></P>
-<P>Chris Peck, Computer Systems Engineer and Tripp Parks, Student Network Student Engineer, 
-College of William &amp; Mary, Williamsburg, VA say :</P>
-<P></P>
-<P>&quot;The College of William and Mary began testing Samba in the Spring of
-1998.  Our test worked out so well that we decided to implement it throughout
-the campus in time for the Fall semester of 1998. The combination of Unix and
-Samba has more than met our goals of providing an extremely flexible and
-robust environment.  We are currently using Samba to serve 10755 users on 2800
-client machines.&quot;</P>
-<P></P>
-<P> <U><FONT SIZE=4>Getting Samba 2.0</FONT></U></P>
-<P>Samba 2.0 is available now from the Samba Web site and all worldwide mirrors.
-</P>
-<P><A HREF="http://www.samba.org"> www.samba.org </A></P>
-<P>Samba 2.0 is fully portable, POSIX compliant software that runs on a
-variety of UNIX and UNIX-like systems including AIX &#174;, DG/UX &#174;,
-FreeBSD, HPUX&#174;, IRIX &#174;, Linux&#174;,  SCO OpenServer &#174;, Solaris
-&#174;, and UnixWare &#174;.</P>
-<P></P>
-<P><U><FONT SIZE=4>About the Samba Team</FONT></U></P>
-<P>The Samba Team is a worldwide group of computer professionals working
-together via the Internet to produce the highest quality Open Source Windows
-protocol (SMB/CIFS) server software. They may be contacted at the email
-address : <A HREF="mailto:samba-bugs@samba.org"> samba-bugs@samba.org.</A></P>
-<P></P>
-<CENTER>
-<P><B><U><FONT SIZE=5>Samba - &quot;Opening Windows to a Wider World&quot;
-</FONT></U></B></P>
-</CENTER>
-<!--#include virtual="/samba/footer.html" -->
-
diff --git a/whatsnew/samba2.2.press.html b/whatsnew/samba2.2.press.html
deleted file mode 100755
index ee8ec67..0000000
--- a/whatsnew/samba2.2.press.html
+++ /dev/null
@@ -1,106 +0,0 @@
-<HTML>
-<HEAD>
-<TITLE>Samba 2.2.0 - Powering the next generation of Network Attached Storage</TITLE>
-<!--Created by Applixware HTML Author, Release 5.00 (1315) on Tue Apr 17 13:55:57 2001-->
-<!--Ax:WP:DocVar:HTMLOriginalPath@:"/home/jeremy/docs/samba-2.2.0release.html"-->
-</HEAD>
-<BODY BGCOLOR="#fefefe">
-<CENTER>
-<P><B><U><FONT SIZE=6>Samba 2.2.0 - Powering the next generation of Network
-Attached Storage.</FONT></U></B></P>
-</CENTER>
-<P></P>
-<P><U><FONT SIZE=4>17 April 2001.</FONT></U></P>
-<P></P>
-<P><FONT SIZE=4>The Samba Team is proud to announce a new major release of
-Samba, version 2.2.0. This release includes significant feature enhancements
-for Samba, and sets the standard for UNIX&#174; and Microsoft Windows&#174; integration.</FONT></P>
-<P></P>
-<P><FONT SIZE=5>Enhancements include :</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Integration of server
-terminated leases (Windows &quot;oplocks&quot;) with UNIX NFS sharing (Linux
-2.4 kernel and IRIX only). Complete data and locking integrity when sharing
-files between UNIX and Windows.</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Ability to act as an
-authentication source for Windows 2000&#174; and Windows NT&#174; clients,
-allowing savings on the purchase of Microsoft&#174; Client Access Licenses.</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Full support for the
-automatic downloading of Windows 2000 and Windows NT printer drivers,
-providing the first full implementation of the Windows NT point-and-print
-functionality independent of Microsoft code.</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Unification of Windows
-2000 and Windows NT Access control lists (ACLs) with UNIX Access control
-lists. Allow Windows clients to directly manipulate UNIX Access control
-entries as though they were Windows ACLs.</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Single sign-on
-integration using the winbind server (available separately). Allow UNIX
-servers to use Windows 2000 and Windows NT Domain controllers as a user and
-group account server. Manage all user and group accounts from a single source.</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Microsoft Distributed
-File System&#174; (DFS) support. Samba 2.2.0 can act as a DFS server in a
-Microsoft network.</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Share level security
-setting. Allow security on Samba shares to be set by Microsoft client tools.</FONT></P>
-<P></P>
-<P><FONT SIZE=4><FONT FACE="symbol"><B>o</B>&#9;</FONT>Many other feature
-enhancements and bug fixes.</FONT></P>
-<P></P>
-<P><U><FONT SIZE=5>About Samba</FONT></U></P>
-<P></P>
-<P><FONT SIZE=4>Samba is an Open Source/Free Software implementation of the
-Microsoft CIFS/SMB protocols for UNIX systems. In development for ten years,
-Samba is considered to be the reference implementation of the CIFS/SMB
-protocol for UNIX systems. Samba test tools are used by all the CIFS/SMB
-vendors to test and fix their protocol implementations.</FONT></P>
-<P></P>
-<P><FONT SIZE=4>Samba is currently used in Network attached storage (NAS) and
-other products from the following vendors (Note: this does not imply
-endorsement by these vendors, please contact the vendor marketing departments
-separately for comments).</FONT></P>
-<P></P>
-<P><FONT SIZE=4>IBM&#174;, SGI&#174; (Samba for IRIX), Sun Microsystems
-&#174;(Cobalt Qube), Hewlett Packard&#174; (CIFS/9000), VERITAS&#174;, VA
-Linux Systems&#174;, REALM Information Technologies &#174;, Network
-Concierge&#174;,  Procom &#174; and many others.</FONT></P>
-<P></P>
-<P><FONT SIZE=4>In addition, Samba is shipped as a standard part of
-Linux&#174; offerings from Linux vendors such as Red Hat&#174;, Caldera&#174;,
-SuSE&#174;, Mandrake&#174;, TurboLinux &#174; and others.</FONT></P>
-<P></P>
-<P><FONT SIZE=4>Samba is being used worldwide to solve the problem of
-integrating hetrogeneous networks by corporations such as Agilent Technologies
-&#174;,  CISCO Systems &#174;, and many others in addition to educational
-establishments and individuals</FONT></P>
-<P></P>
-<P><FONT SIZE=4>Best of all Samba is an Open Source/Free software project,
-available under the GNU GPL license meaning that source code for Samba is
-freely available for anyone to modify and customize.</FONT></P>
-<P></P>
-<P><FONT SIZE=4>Code from the Samba Team and individuals around the world has
-been integrated and tested to create Samba. In addition the following
-corporations have made significant donations of code, effort, testing
-facilities and support to make this release possible :</FONT></P>
-<P></P>
-<P><FONT SIZE=4>Linuxcare (now TurboLinux), VA Linux Systems, Caldera, SGI,
-Hewlett Packard, VERITAS, IBM.</FONT></P>
-<P></P>
-<P><FONT SIZE=4>This new release may be downloaded from our Web site at :</FONT></P>
-<P></P>
-<P><A HREF="http://www.samba.org">http://www.samba.org</A></P>
-<P></P>
-<P>For press enquiries about this release please contact either Jeremy Allison (<A HREF="mailto:jra@samba.org">jra@samba.org</A>),
-Andrew Tridgell (<A HREF="mailto:tridge@samba.org">tridge@samba.org</A>) or
-John Terpstra (<A HREF="mailto:jht@samba.org">jht@samba.org</A>).</P>
-<CENTER>
-<P><FONT SIZE=5>Samba - the <B><I>SOURCE</I></B>  for Windows Networking !</FONT></P>
-</CENTER>
-<P></P>
-</BODY>
-</HTML>
diff --git a/whatsnew/sgi-sponsor.html b/whatsnew/sgi-sponsor.html
deleted file mode 100755
index 10a0574..0000000
--- a/whatsnew/sgi-sponsor.html
+++ /dev/null
@@ -1,39 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-<H2 align="center">SGI Sponsors samba.org</H2>
-
-Continuing their generous support of the Samba project, <a
-href="http://www.sgi.com/">Silicon Graphics</a> has announced that
-they will be sponsoring the bandwidth costs of <a
-href="http://www.samba.org">www.samba.org</a>.<p>
-
-Up till now the network costs for the central server of the Samba
-project have been borne by the <a
-href="http://cs.anu.edu.au/">Department of Computer Science</a> at the
-<a href="http://www.anu.edu.au">Australian National University</a> but
-the increasing popularity of Samba has pushed these network costs
-beyond what the departments budget can sustain, despite the recent
-addition of a large number of <a href="http://www.samba.org">mirror
-sites</a>.  Silicon Graphics has kindly offered to take on the network
-costs of the main site.<p>
-
-This sponsorship is a continuation of the commitment that SGI has made
-to the Samba project and open source development projects in
-general. The hardware behind <a
-href="http://www.samba.org">www.samba.org</a> is a Silicon Graphics <a
-href="http://www.sgi.com/origin/">Origin 200</a> server donated in
-1997 and still going strong. SGI also employs Jeremy Allison, a key
-Samba Team member, to work on the development of Samba. Earlier this
-year SGI announced its support of Samba as a <a
-href="http://www.sgi.com/software/samba/index.html">commercial
-product</a>.<p>
-
-The Samba Team sees this sort of sponsorship as a very important part
-of the future development of open source software efforts. When
-industry works together with the open source community the results can
-be <a
-href="http://www.zdnet.com/products/stories/reviews/0,4161,394079,00.html">very
-impressive</a>.
-
-<!--#include virtual="/samba/footer.html" -->
-
diff --git a/whatsnew/sunbench.html b/whatsnew/sunbench.html
deleted file mode 100755
index ee6bd03..0000000
--- a/whatsnew/sunbench.html
+++ /dev/null
@@ -1,14 +0,0 @@
-<!--#include virtual="/samba/header.html" -->
-
-   <H2>Samba on Sun E450 reported to be 231.954 Mbits/Sec.</H2>
-
-<p>
-In a statement given to the Samba Team,
-<a href="http://www.sun.com">A testing Lab within Sun Microsystems</a> says :
-</p>
-<p>
-&quot;We have measured Netbench performance of Samba on Solaris 2.6 on an E450
-at 231.954 Mbits/Sec.  While not officially supported by Sun, Samba has been found by many
-of Sun's customers to be a high quality, acceptable solution.&quot;
-</p>
-<!--#include virtual="/samba/footer.html" -->
-- 
2.34.1