[SCM] Samba Shared Repository - branch v4-0-test updated

Andrew Bartlett abartlet at samba.org
Sun Jan 10 23:07:45 MST 2010

The branch, v4-0-test has been updated
       via  c41fb54... more WHATSNEW4
       via  1a76c80... This is Samba4 alpha11!
       via  4f6e9a0... release notes for Samba4 alpha11 (to be released this week)
       via  73422e7... Revert "s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode"
       via  3af84c1... Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now"
       via  306de30... Revert "s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group"
       via  aa45015... Revert "s4:provision_users.ldif - Add objects for IIS"
       via  d0123e0... s4-selftest: when a command fails show both normal and expanded command
       via  1eebdfd... s4-test: fixed make test without having done make install
       via  2cedefa... s4:upgradeprovision - fix up the script regarding linked attributes
       via  e0d6b097.. s4:upgradeprovision - Reformat comments
       via  601ea3a... s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable
       via  91e2100... s4:provision_users.ldif - Add objects for IIS
       via  e72787f... s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific
       via  9ee895f... s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group
       via  81a848b... s3: Remove some unused variables
       via  fd1b6bd... s3: Fix some nonempty blank lines
       via  86a73e6... s3: Use sid_check_is_domain instead of a direct sid_equal
       via  48251c3... s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid
       via  3ea64e0... s3: Replace most calls to sid_append_rid() by sid_compose()
       via  50b7a32... s3: Remove unused samr_make_sam_obj_sd
       via  0815730... s3: Remove the typedef for "auth_serversupplied_info"
       via  9bb4766... s3: Remove the typedef for "auth_usersupplied_info"
       via  6f0e7b9... s3: Trim libnss_wins.so
       via  0f9268b... s3: Trim down some utilities a bit
       via  61dfd3d... s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now
       via  5c174c6... s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode
       via  a3e089d... s4-ldb: display security descriptors with correct SDL for known SIDs
       via  d5091a1... s4-dsdb: added samdb_domain_sid_cache_only()
       via  fd92db5... s3: Remove a pointless "else" branch from add_ccache_to_list()
       via  fc17573... s3: Slightly simplify winbindd_store_creds
       via  43c841b... s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth()
       via  c03a101... s4-drs: instanceType is always sent, regardless of UDV values
       via  a894eea... s4-debug: lower the verbosity of a couple of common log messages
       via  93fefef... s4-samldb: fixed primaryGroupID when promoting a machine to a DC
       via  8a09dc1... s4-schema: fixed the SDDL for the schema root security descriptor
       via  45f49d0... s4-drs: add a local UDV entry even when no replUpToDateVector present on NC
       via  b37bec8... s4-drs: give DN of failed replication partition
       via  04e8237... s4-drs: base is_nc_prefix on instanceType
       via  67d8518... s4-drs: having no SPNs to change is not an error
       via  ba745a4... s4-drs: fixed writespn to ignore add/delete errors
       via  8c2d7ae... s4-dsdb: added samdb_ldb_val_case_cmp()
       via  acf33e0... s4-drs: moved the DsWriteAccountSpn call to its own file
       via  8ccedc3... s4-libnet: dsdb_wellknown_dn() in vampire code
       via  1158c13... s4-drs: need to set the getncchanges extended_ret on success too
       via  7010fad... s4-drs: calculate and send a uptodateness_vector with replication requests
       via  39730ac... s4-drs: be less verbose when we filter objects by UDV
       via  349f7ba... s4-drs: added filtering by udv in getncchanges
       via  b0090d0... s4-idl: give a enum for attribute cn and a 'NONE' attribute
       via  9e6eb22... s4-drs: fixed the NC in the getncchanges RID alloc reply
       via  273a4d9... s4-debug: removed debug_ctx(). It didn't catch on :-)
       via  651ddb7... s4-messaging: remove only usage of debug_ctx()
       via  6a36799... s4-messaging: fixed a memory leak in messaging_path()
       via  196cb6b... s4-drs: fixed usage of ldb_dn_new()
       via  39a4e2a... s4-ldb: validate the type of the ldb argument to ldb_dn_new()
       via  7eee8e0... Fix comment
       via  d7713d1... Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"
       via  fca0c4d... s4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs
       via  0588f34... s4-kdc: Migrate tcp connections to tsocket.
       via  42c34cd... s4:kdc: use LIBSAMBA_TSOCKET
       via  d97562b... s4:kdc: the ->process function returns "bool"
       via  bbaec01... libcli/util: add tstream_read_pdu_blob_send/recv
       via  1bc9530... s3-time: fix build warnings after we moved to shared time functions.
       via  9bdd3d6... s3-docs: mention -K option in pdbedit manpage.
       via  8d87c0a... s4-drs: added two more SPNs in addentry
       via  ad11deb... s4-schema: fixes for W2K8-R2 schema
       via  ebec499... s4-schema: added msDS-NcType to schema container
       via  ce21151... s4-schema: fixed attributes of aggregate schema
       via  38909a4... s4-schema: switch to W2K8-R2 schema
       via  d371b0e... s4-schema: added adminDisplayName and adminDescription
       via  c93a182... s4-schema: added some debug for bad attributes
       via  9d296e6... s4-provision: added W2K8-R2 schema as provided by WSPP
       via  5ccf8ae... s4-samba3samtest: we need to force netbios name as well
       via  dde2b66... s4-samba3sid: fixed error returns when res->count != 1 and oom
       via  9aed099... s4-samba3samtest: force workgroup so the domain is right
       via  f68c43e... s4-samba3sid: the sambaNextRid attribute is actually the previous RID
       via  d6f92db... s4-samba3sam: use samba3sid module
       via  dd61336... s4-dsdb: added a samba3sid module
       via  66f161d... s4-acl: fixed acl.py test to use correct ldif
       via  81c0b01... s4-secdesc: fixed the sec_descriptor.py test
       via  43a815c... s4-samba3samtest: use system credentials for creating users
       via  8b8bb15... s4-dsdb: fixed const misuse in acl module
       via  baa8793... s4-dsdb: use dsdb_module_am_system() in acl module
       via  595fad2... s4-dsdb: allow specification of a SID if we are system
       via  f118f54... s4-dsdb: added dsdb_module_am_system()
       via  d22a9e5... s4-dsdb: squash some unknown structure warnings
       via  5d6032e... s4-partition: fixed selection of partitions on exact match
       via  59f314d... s4-scripting: we need to use a base search for the NTDS GUID
       via  501dd4a... s4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req
       via  278d2f7... s4-smbd: setup the default event contexts for other process models
       via  5803253... s4-drs: we need to wrap extended operations in transactions
       via  2d10f3a... s4-dsdb: poke the RID Manager when completely out of RIDs too
       via  a65823e... s4-dsdb: ensure we will in all the attributes for RID Set
       via  308a479... s4-dsdb: added DSDB_FLAG_TOP_MODULE
       via  5f36f03... s4-dsdb: no longer need special invocationID handling for standalone servers
       via  a7fffe8... s4-provision: do a self join for all server types
       via  f6cf895... s4-schema: added generic attributeID conversion functions
       via  f7517e6... s4-schema: added dsdb_attribute_by_lDAPDisplayName_ldb_val
       via  cd65ce8... s4-schema: make ldb_val to string comparison safer with nul termination
       via  ff968e4... s4-idl: regenerate DRS IDL
       via  4c7bf05... s4-idl: added some more wellknown attributeIDs
       via  3352e5d... s4/dsdb_schema: Load msDS-IntId value separately when loading from LDB
       via  2523811... Revert "s4-schema: Set ATTID in schema cache from "msDS-IntId""
       via  6247a13... s4/schema: Do not assign msDS-IntId value if LDB_CONTROL_RELAX_OID is passed
       via  73838b3... s4-libnet: better error messages in libnet_vampire.c
       via  9871f52... s4/dsdb_schema: use msDS-IntId value for attribute look-up
       via  a44ae10... s4/dsdb_schema: fetch msDS-IntId value during SCHEMA replication
       via  a7b3891... s4/dsdb_schema: GET_UINT32_DS() macro to use supplied default value instead of 0
       via  f7756c8... s4-partition: don't ignore errors from other modules
       via  9672a3d... s4-devel: a useful script to setup bin/ and st/ as tmpfs filesystems
       via  1f25d0a... s4-provision: re-open sam.ldb after creating the schema
       via  42f0bda... s4-provision: RID 1000 is consumed by the machine account
       via  fdf12a6... s4-ldb: improve error handling in indexing code
       via  c4fa4d1... s4-dsdb: improve error messages in schema and pdc_fsmo modules
       via  ac5d426... s4-drs: added some debug messages
       via  dcbba58... s4-event: added s4_event_context_set_default()
       via  f254091... s4-dsdb: added support for DRSUAPI_EXOP_FSMO_RID_ALLOC
       via  b1f97b7... s4-dsdb: added an extended operation for allocating a new RID pool
       via  2590b77... s4-repl: implement MSG_DREPL_ALLOCATE_RID
       via  cc7967b... s4-repl: allow for callbacks when a repl operation completes
       via  7a40cac... s4-dsdb: the dsdb ldb modules now need messagiing
       via  dc11414... s4-dsdb: send a message to the drepl task when we need another RID pool
       via  805ab0e... s4-messaging: added a new msg type MSG_DREPL_ALLOCATE_RID
       via  19e515a... s4-repl: added request for RID allocation in drepl task
       via  8cd2bed... s4-dsdb: added dsdb_find_guid_attr_by_dn()
       via  37340d5... s4-ridalloc: copy with missing rIDNextRid and rIDAllocationPool
       via  45550f8... s4-dsdb: added dsdb_module_set_integer()
       via  c12b9ab... s4-dsdb: clarify who is responsible for each attribute
       via  dd8cb3c... s4-dsdb: fixed usage of rIDAllocationPool and rIDPreviousAllocationPool
       via  5136438... s4-dsdb: implement refresh of RID Set pool for a local RID Manager
       via  53d10d1... s4-provision: don't hard wire the creation of the RID Set object
       via  1053ce5... s4-dsdb: implement creation of the RID Set object
       via  439ee5a... s4-dsdb: use dsdb_next_callback()
       via  d0bd6e7... s4-dsdb: added dsdb_next_callback()
       via  e6f14ac... s4-dsdb: added dsdb_module_constrainted_update_integer()
       via  f240110... s4-dsdb: added dsdb_module_reference_dn()
       via  f137f93... s4-dsdb: added dsdb_module_add()
       via  fcfb5d7... s4-provision: allow provision modifies to add records
       via  226460d... s4-dsdb: move the RID allocation logic into ridalloc.c
       via  7f90a05... s4-samldb: use RID Set to allocate user/group RIDs
       via  5eb3b91... s4-provision: the DC object itself needs a fixed objectSID
       via  2bad107... s4-dsdb: added samdb_rid_set_dn()
       via  a136249... s4-provision: added an initial RID Set
       via  bd6d0e9... s4-ldb: added nice ldif display of 64 bit ranges for RIDs
       via  fbc3a0f... s4-dsdb: added samdb_reference_dn()
       via  c915bd8... linked_attributes: Fix missing dependency on util.
       via  339afda... testprogs: add support for "print" option in win32 spoolss torture test.
       via  9185fd0... testprogs: pass down architecture in spoolss test.
       via  487a03a... testprogs: add win32 spoolss testsuite.
       via  57be1d0... s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open directories as files
       via  34f0cff... s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd with security=share
       via  dc68982... s3:auth: don't update the bad pw count if pw is among last 2 history entries
       via  46111dc... s3:auth:check_sam_security: introduce a bool var to control pad_pw_count incrementation
       via  017ccd0... s3:passdb: store the plain nt passwords hashes in history, not salted md5
       via  667b6f3... s3:smbd:password_in_history: treat entry with 0 salt as 0 + plain nt hash
       via  801edec... s3: Remove some code that has become unnecessary
       via  c1ca000... s3-docs: fix eventlogadm manpage typo.
       via  8289b46... s3: Lock down some srvsvc calls according to what w2k3 seems to do
       via  7248873... s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account
       via  5ad1b7e... s3:auth:check_sam_security: fix a leading tab/ws mixup
       via  970317c... s3:auth:check_sam_security: create (and use) a common exit point
       via  de4fb80... s3:auth:check_sam_security: null out sampass after it has been stolen.
       via  3634859... s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass
       via  c0f404a... s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()
       via  0172587... s3:auth:sam_password_ok: fix allocation of a data blob.
       via  7ac18c7... s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers
       via  b5fcb34... s3:check_sam_security: untangle assignment from statement
       via  53a1ed9... s3: Factor password_in_history() out of check_passwd_history()
       via  be05d71... Simplify E_md5hash a bit
       via  5e2fc28... s3: Simplify pdb_set_plaintext_passwd: pwhistory==NULL can not happen anymore
       via  2a11f3b... s3: Simplify pdb_set_plaintext_passwd: pwHistLen==0 was checked above
       via  ec0998a... s3: Add a paranoia check to pdb_set_plaintext_passwd()
       via  a3f5222... s3: Simplify pdb_set_plaintext_passwd() by removing a redundant condition
       via  7633837... s3: Simplify pdb_set_plaintext_passwd: memcpy deals fine with 0 bytes
       via  864ed92... s3: Simplify pdb_set_plaintext_passwd by using talloc_zero_array
       via  e729025... s3: Make use of talloc_array in pdb_set_plaintext_passwd()
       via  7ba0064... s3: Simplify pdb_set_plaintext_passwd() a bit
       via  ca6c1cd... s3: Simplify pdb_set_plaintext_passwd() slightly
       via  3d83949... s3: Fix a typo
       via  147a2c0... s3: Avoid a memset(, 0, ) call
       via  2fad148... s3:pdb_set_pw_history: free the old history before setting the new.
       via  71e3de6... s3:pdb_ldap:init_sam_from_ldap: untangle an assignment from the check
       via  71a40d7... s4/torture: fix small bug in lock test
       via  655bdb1... s4/torture: add more lock cancellation tests
       via  f5729db... s3:lib/time: remove TIME_T_MIN/MAX defines
       via  571ee54... lib/util: move TIME_T_MIN/MAX defines into header file
       via  b3e065e... Ñ•3:lib/time: replace make_dos_ and put_dos_ functions with those from lib/util/
       via  c5f24c3... s3:lib/time: remoce null_mtime() - use null_time()
       via  c1c7b6c... s3:lib/time: remove unused nt_time_equals
       via  d5995ee... Second part of the fix for bug #7020 - smbd using 2G memory.
       via  3dbe860... s4-smbtorture: add test_ChangeID to RPC-SPOOLSS.
       via  7568f49... s4-smbtorture: add test_SetPrinter to RPC-SPOOLSS.
       via  0457cf9... s4-smbtorture: refactor test_GetPrinter in RPC-SPOOLSS.
       via  e172b21... Ñ•3:configure: use gettimeofday check from lib/util/
       via  350db0b... vfs_commit: print warning when no fsync support is there
       via  c01f443... tdb: fix standalone 'make installdocs'
       via  0a3a6bb... tdb: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
       via  eff6022... talloc: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
       via  f408d58... tevent: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
       via  a2044b9... s4: Fix result check for getaddrinfo()
       via  f6bd654... Fix bug #7020 - smbd using 2G memory.
       via  a08a0ff... s4:SAMLDB LDB module - Fix trailing whitespaces
       via  77ce33c... s4:SAMLDB LDB module - Rework to allow checks for wrong "defaultObjectCategory" attributes
       via  c051008... s4:schema_load.c - Typo
       via  bbf9885... s4:ldap_schema.py - add an additional check for validity of "defaultObjectCategory"
       via  d8ca002... s4:ldap_schema.py - Move generated attributes check
       via  d06fb8e0.. s3: List trusted domains from wcache when domain is offline.
       via  133638c... s3: Make winbindd_cache.c aware of domain offline to avoid unnecessary backend query.
       via  36493bf... s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
       via  da41f23... s3 net: Fix up a share type translation and translate some more strings
       via  9a9d737... s3 net: Add a few missing gettext calls.
       via  2a66db8... Fix the merged build. Probably not strictly correct but allows us to "make test". Jeremy.
       via  f04e10f... s4:dsdb/repl: convert dreplsrv_out_drsuapi_send/recv to tevent_req
       via  1525e59... blackbox/test_export_keytab.sh: correctly remove temporary files
       via  5df8b33... blackbox/test_export_keytab.sh: use VALGRIND for samba4kinit
       via  a06e5cd... s4: Happy New Year 2010
       via  2ed51fb... s3: Happy New Year 2010
       via  283a73c... s3: Trim down smbcontrol a bit
       via  ac5b090... s3: Fix a shadowed variable warning
       via  675d5fe... s3: Fix an uninitialized variable warning
       via  37ac16a... s3: Convert cli_ulogoff to the async API
       via  99f2924... s3: Convert cli_tdis to the async API
       via  41a5149... s3: Slightly simplify winbindd_dual_ccache_ntlm_auth
       via  e2f361d... s3: Fix some nonempty blank lines
       via  6ada1f2... libwbclient: Remove a pointless check
       via  6edfbbd... s3: Remove some unused code
       via  2d75aa0... s3: Convert cli_sesssetup_ntlmssp to the async API
       via  3f25fb5... s3: NT_STATUS_MORE_PROCESSING_REQUIRED is a valid sesssetup return value
       via  a321dd9... s3: Convert cli_session_setup_kerberos to the async API
       via  063900a... s3: Fix a typo
       via  a66341b... s3: simplify find_root_domain, find_our_domain() never fails
       via  133f023... s3: Use global_sid_Builtin in find_builtin_domain
       via  92345f4... s3: Avoid adding a domain twice
       via  22a4a00... s3: Make free_domain_list() static
       via  583d192... s3: Adapt sid_dup_talloc to README.Coding
       via  d05e17f... s3: Introduce domain_is_forest_root() helper function
       via  5047548... s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb
       via  e809b72... s4-drs: don't give an error on repsTo delete if add is also specified
       via  0bc902a... s4-sddl: DRS replication needs REVISION_ADS for SDs
       via  a214ebc... ldb: Fix the standalone ldb build.
       via  fef3c91... libreplace: some systems don't have memmem()
       via  00b39c7... s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNs
       via  cced567... s4-kcc: added a preiodic task to remove deleted objects
       via  08bad38... s4-dsdb: fixed several memory leaks
       via  031460b... s4-dsdb: fixed samdb_create_foreign_security_principal() to use the wellknown GUID
       via  335af02... s4-ldb: fixed valgrind error: ares can be freed by callback
       via  8eaed07... s4-dsdb: make sure 'whenChanged' is set on modify
       via  9819d28... s4-dsdb: added dsdb_tombstone_lifetime()
       via  23eb9f4... s4-dsdb: allow system to remove deleted objects
       via  1c5a268... s4-ldaptest: need to use MessageElement for modify messages
       via  e410a91... s4-ldb: show an error string, as well as error message
       via  4eecfc8... s4-drs: make sure the DNs we put in the db have a extended GUID
       via  6628588... s4-dsdb: added dsdb_set_extended_dn_guid()
       via  98d94cc... s4-ldbtest: fixed message element in modify
       via  81e8a18... s4-ldb: allow modules to override error return values
       via  302dcd0... s4-ldbmodify: show the error code as well as error string
       via  1ab5020... s4-ldb: declate ldb_val_to_time()
       via  53e86ac... s4-ldb: use safe length limited conversions for int64 and time
       via  708ad42... s4-dsdb: use safe length limiting in string->integer conversion
       via  c306179... s4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time()
       via  baae6ef... s4-ldb: added ldb_val_to_time()
       via  e3cf818... s4-drs: sort linked attributes
       via  d48237d... s4-drs: re-resolve the DN in linked attribute processing
       via  5dd6e08... s4-drs: use dsdb_module_rename()
       via  38160de... s4-drs: use dsdb linked attribute parse functions
       via  5e52c71... s4-dsdb: added parse functions for DRS linked attribute blobs
       via  a81dd03... s4-drs: set flag to indicate that we do support linked attributes
       via  36f8ece... s4-ldb: show the error code as well as errstr
       via  db3f0e8... s4-dsdb: fixed valgrind error in replmd modify
       via  9f053d4... s4-drs: don't try to remove backlinks directly
       via  0bf7f95... s4-drs: isRecycled only exists in FL W2K8-R2
       via  5305032... s4-drs: use DSDB_FLAG_OWN_MODULE
       via  9572535... s4-drs: update comment to refect only forward link in this fn
       via  5b31cb2... s4-drs: fixed typo for uSNCreated
       via  7a39340... s4-drs: use dsdb_module_guid_by_dn()
       via  e3054ce... s4-drs: cope better with NULL GUIDS from DRS
       via  2e11448... s4-drs: give an error message in repl_meta_data if we don't get a partition control
       via  0d5d7f5... s4-drs: treat a zero GUID as not present in replmd_add_fix_la
       via  0c2afdd... s4-drs: update highwatermark after successfully encoding the object
       via  ff6dd4a... s4-drs: send all linked attributes at the end of a replication cycle
       via  5bf257f... s4-drs: use the extended linearized form for DRS replication
       via  7653f56... s4-drs: implemented sorting functions based on replication flags
       via  701148b... s4-drs: we are doing the sorting for getncchanges in the app code now
       via  cb00e44... s4-drs: give a reason when an AddEntry commit fails
       via  9f02898... s4-schema: don't fill in the extended DN with a zero GUID
       via  d4853fe... sd-schema: order DRS classes on the wire in reverse order
       via  ca5c3a0... s4-dsdb: added DSDB_FLAG_OWN_MODULE
       via  e1ffcfc... s4-ldb: added ldb_module_get_ops()
       via  dd33a22... s4-dsdb: use a common method for finding a link pair
       via  340d7e8... s4-drs: fixed the UDV return in getncchanges
       via  bcc952d... s4-drs: some useful debugging options for getncchanges
       via  bf8ccd2... s4-dsdb: fill in the correct version number of links that come over DRS
       via  5dcb903... s4-dsdb: move checking for single valued links to samba modules
       via  3c1259f... s4-dsdb: added dsdb_check_single_valued_link()
       via  225bcfa... s4-drs: handle mixtures of old and new style links in getncchanges
       via  64802c5... s4-dsdb: added dsdb_dn_is_upgraded_link_val()
       via  b34db08... s4-ldb: use the RELAX control to disable single value checking on replace
       via  26ec526... s4-dsdb: auto-upgrade w2k formatted linked attributes when modified
       via  fde3f64... s4-drs: added linked attribute replication to getncchanges
       via  beba977... s4-dsdb: ask for REVEAL_INTERNALS in getncchanges
       via  809bcfc... s4-dsdb: minor cleanup in DRS replicated objects code
       via  4dbcab4... s4-dsdb: store full meta data from DRS for linked attributes
       via  312ef9d... s4-dsdb: add REVEAL_INTERNALS in the search for linked_attributes
       via  b1db66a... s4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid()
       via  f1b6484... s4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USN
       via  e4a6f5c... s4-dsdb: handle links with no backlinks in replmd_delete
       via  5eefff9... s4-dsdb: simplify the linked_attributes module
       via  e9699e9... s4-dsdb: do the rename after the modify in replmd_delete
       via  2b5cd3d... s4-dsdb: some backlinks can be processed immediately
       via  3fe9244... s4-dsdb: remove linked_attributes_add
       via  9e96ae8... s4-dsdb: add linked attributes meta_data handling to replmd_add
       via  348bcfc... s4-dsdb: added replmd_delete, based on Eduardos work
       via  5964acf... s4-dsdb: the linked_attributes module no longer handles deletes
       via  bd5678f... s4-dsdb: repl_meta_data now replaces objectguid in all cases
       via  3199e02... s4-dsdb: add a comment on the use of ldb_rename()
       via  c071af3... s4-dsdb: linked_attributes_modify no longer handles modifies
       via  3b05606... s4-dsdb: added support for backlinks in repl_meta_data
       via  dee6b6f... s4-dsdb: implemeneted replmd_modify_la_replace()
       via  d5020e3... s4-dsdb: add a TODO item for linked attributes in extended_dn_out
       via  41c3c97... s4-dsdb: add support for storing linked attribute meta data in extended DNs
       via  9085499... heimdal_build: Explicitly specify 'YES' when enabling external libraries.
       via  0c29640... s4/build: Indicate whether Samba4 is being built against the system Heimdal.
       via  de94857... s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error)
       via  9d6411d... s4-testpasswords: fixed CONFIG and quoting
       via  3239872... s4-net: fixed pwsettings command
       via  dbd7a62... py/security: Add test for dom_sid.split.
       via  66f81d1... samba: Fix whitespace, remove pointless 'pass' statement.
       via  ea5af6e... pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid().
       via  7effe2d... net: Support 'super' commands implemented in Python.
       via  9e5ef91... net: Move 'newuser' to 'net newuser'
       via  73594c2... net: Fix tests and documentation of setexpiry.
       via  345b25d... net: Move setexpiry to 'net setexpiry'
       via  b531696... net: Move 'setpassword' to 'net setpassword'.
       via  552e656... net: Allow Python commands to return None instead of 0.
       via  797977a... blackbox.passwords: Use convenience variable for net.
       via  18d2213... Fix commands in password tests.
       via  31cc963... net: Allow python subcommands to provide commands that are not recognized by net itself.
       via  3a271a8... Prevent NULL dereference if group has no members
       via  1aed373... s4:lib/registry/util.c - Reintroduce "FIXME"s
       via  b0dd364... net: Add some German translation
       via  d5cbfbb... s4:ntlmssp: remove mem_ctx from check_password() callback to match s3
       via  f31d144... s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop
       via  994d34b... s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth()
       via  3f04b60... s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password()
       via  7d4692f... s4:ntlmssp_server: clear session key in ntlmssp_server_preauth()
       via  dea4560... s4:ntlmssp: use data_blob_null in ntlmssp_server_auth()
       via  60b9434... s4:ntlmssp_server: remove unused variable
       via  a8e61ac... s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer
       via  c9b6ad2... s3:ntlmssp: change get_challange() to return NTSTATUS
       via  fbb59b2... dsdb: Fix dependencies when building against system ldb.
       via  94454ad... net: Make arguments available to python commands as sys.argv.
       via  588b3e6... python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py.
       via  e2c4d82... s4/net: Allow options before arguments for Python commands.
       via  433f58f... s4/net: Pass all arguments through to the Python commands.
       via  e60a40e... s4/net: Add domainlevel subcommand.
       via  027f6ad... s4/net: Use d_printf consistently when reporting errors.
       via  732a763... Use CommandError exception to deal with problems during net commands.
       via  eaf4a9a... s4/net: Make pwsettings a net subcommand.
       via  8c19cd2... netcmd: Add some basic tests.
       via  9e603dfb.. s4/net: Support parsing arguments in Python commands.
       via  9b1a210... net: Support usage/help of subcommands implemented in Python.
       via  c064549... net: Support implementing subcommands in python.
       via  8b68349... s4:auth: add auth_get_server_info_principal() prototype to auth.h
       via  27349a6... s4:auth: make auth_challenge_may_be_modified() public
       via  af25fb5... s4:auth: remove autogenerated auth/ntlm/auth_proto.h
       via  4afb211... s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
       via  9d5f41c... s3:ntlmssp: move some indentation in ntlmssp_sign.c
       via  05f7a86... s3:ntlmssp: remove unused ntlmssp_stored_response()
       via  7cff7d9... s3:ntlmssp: remove unused ref_count from ntlmssp_state
       via  e78558a... s3:ntlmssp: fix whitespace in ntlmssp.h
       via  5541a91... s3:ntlmssp: fix spelling
       via  5ff127b... s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
       via  8ab6279... s4:ntlmssp: fix whitespaces in ntlmssp.h
       via  e5fbff0... s3: Check for lp_winbind_trusted_domains_only in wb_gettoken()
       via  c0289d6... s3: Move a lp_winbind_trusted_domains_only() check to wb_getgrsid()
       via  b8fcba9... s3: Pass netr_DomainTrustList instead of names and sids through (*trusted_domains)
       via  0aa8946... s3: Simplify winbindd_ads.c:trusted_domains()
       via  2c49678... s3: Remove some unused code
       via  d53cfb7... s3: Simplify winbindd_list_trusted_domains() slightly
       via  2daa084... s3: Simplify "setup_domain_child" slightly
       via  72d9359... python: Remove sys.path line rather than updating it when installing to python system path.
       via  ff0f8bd... s3:winbind Make the normal client exit message a bit more understandable
       via  0a6a13d... s3: Fix a typo found by Matthias Dieter Wallnöfer <mdw at samba.org> -- thanks :-)
       via  7e66145... s3: Fix a bogus uninitialized variable warning
       via  634d084... s3: Replace IS_DOMAIN_OFFLINE by a function
       via  50e5f9d... s3: Fix some nonempty blank lines
       via  03617df... s3: winbindd_cli_state->getgrent_state is no longer used
       via  b911a7b... s3: getgrent_state has been replaced by grent_state
       via  ef453c6... py_net/libnet: Remove C++-style comments, add more error checking, move initialization of dcerpc subsystem to libnet.
       via  33699bb... s4-libnet: Simple test for net.SetPassword() python binding
       via  20c7c27... s4-libnet: Python binding for libnet_SetPassword()
       via  f03e88f... s4-net: Fix 'talloc_free with references ...' error
       via  078482a... s4:auth: change auth_check_password_send/recv to tevent_req
       via  577857d... s4:gensec: change gensec_update_send/recv to tevent_req
       via  5126b52... s4:kdc: use the remote and local address from the stream_connection struct
       via  500f55c... s4:smbd: hold tsocket_addresses on the stream_connection
       via  4e2da42... s4:smb_server: fix mixing socket_address and tsocket_address
       via  d3ee0f0... s4:lib/socket: add socket_get_{remote|local}_addr() to get a tsocket_address instead of a socket_address
       via  445baf5... s4:lib/socket: add helpers functions to convert between socket_address and tsocket_address
       via  17c804a... tsocket: only copy the specific part of sockaddr*
       via  4784c8c... tsocket: allow AF_UNIX sockaddrs smaller than sizeof(sockaddr_un)
       via  9620791... s3: Remove unused delete_negative_conn_cache()
       via  ffab1a2... s3: Remove unused flush_negative_conn_cache()
       via  53bf5f0... s3: Remove some unnecessary variables from libsmb/conn_cache.c
       via  a3f43e3... s3: Fix a comment in conn_cache.c
       via  0421098... s3: Fix a 64-bit error
       via  daecb74... s3: Remove some pointless SMB_ASSERTs
       via  56f9d18... s3: Remove some pointless casts
       via  6dcbb84... Attempt to fix one of the last two bugs with the full Windows ACL support.
       via  3d85b1e... The posix acl version of set_nt_acl() could set the stat_ex struct in the fsp->fsp_name pointer incorrectly for a directory.
       via  67d1af4... s4:cleanups More trailing spaces and tabs
       via  da27d4e... s4:cleanups remove trailing spaces and tabs
       via  29a8467... doc: update mount.cifs man page with nounix option
       via  7e8b042... s4:ldb Fix declaration in the middle of the code
       via  4cc0bb7... s4: Fix the build
       via  8dc636a... s4: tests controls parsing and using for ldbadd/ldbedit/ldbmodify
       via  3bd4f67... s4: make ldbadd/ldbmodify/ldbdelete really use the --controls switch
       via  5aa0d97... s3: wbinfo --ping-dc is not cacheable
       via  6dc924f... s3: Remove some unused code
       via  40d4c31... s3: Remove unused sendto_child()
       via  475d296... s3-net: use generated krb5.conf in 'net ads testjoin'
       via  3b40ec8... s3-docs: mention -M option and remove nonexisting -G option in pdbedit manpage.
       via  802e932... s3:ntlmssp: only include ntlmssp.h where actually needed
       via  5b37cd2... s3:ntlmssp: remove the typedef NTLMSSP_STATE
       via  dee35f7... s3:ntlmssp: move to C99 integer types in ntlmssp.h
       via  9b36fa0... s3:ntlmssp: rename enum NTLMSSP_ROLE into enum ntlmssp_role
       via  ba2cfce... libcli/auth Make gd's NDR NTLMSSP parsers helpers common
       via  47bee67... s3: Restore correct timeouts for SMB requests
       via  528c150... s3: Remove a pointless else branch
       via  b6f446c... s3: Move smb_splice_chain to smbd/process.c, its only user
       via  585900d... s4:gensec Don't give a warning when Windows client connects with NTLM
       via  0809696... s4:auth Change 'get_challenge' API to be more like Samba3
       via  383369e... s4:auth generate the prototype file in the right place
       via  551ea65... Samba4 and LDB requires talloc 2.0.1
       via  100168d... Fix bug reported in mangle_hash code (no bugid yet).
       via  fd5350d... s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19
       via  43a8b49... s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior
       via  c33988c... s4 torture: Be more permissive with share modes for oplock testing
       via  fd0c3a2... s4 torture: Do a better job of closing open files in RAW-OPLOCK.
       via  2a9c227... param: Fix build on systems without ldb installed.
       via  5b9e98a... provision/pyldb: Avoid linking in static python ldb module.
       via  1d9a243... ldb_wrap: Fix compilation when using system ldb.
       via  0110990... tdb: Also build and install tdb manpages from standalone tdb.
       via  8b278e6... tdb: Fix formatting of API check file.
       via  c8e6279... Fix initialisation of TypeObject samba.param.LoadparmService.
       via  9b6b01a... s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc
       via  2308ec7... s3:winbindd: Fix a brown paper bag bug in wbinfo -t ...
       via  74deee3... Rename reply_doserror() -> reply_force_doserror().
       via  642101a... Remove all calls to reply_doserror - turn them into correct reply_nterror calls. Next rename reply_doserror -> reply_force_doserror and plumb in when NT_STATUS_DOS is used. Jeremy.
       via  714c60e... Rename 282 -> ERReasnotsupported. Jeremy.
       via  9a7bed7... s3-docs: mention long and undocumented option names in rpcclient manpage.
       via  308e1b5... s3-docs: mention long and undocumented option names in smbcacls manpage.
       via  71a5aef... s3-docs: mention long and undocumented option names in smbclient manpage.
       via  6ffa5df... s3-docs: mention -O, --stdout in smbget manpage.
       via  f868672... s3-docs: mention long option names in smbtree manpage.
       via  722a330... s3-docs: mention long and undocumented option names in pdbedit manpage.
       via  0d41278... s3-docs: mention all long option names in samba.entities file.
       via  d9ca148... s3-docs: not working for SuSE anymore...
       via  e7468fb... s3: Shrink winbindd_proto.h a bit
       via  e1bf189... s3: Fix some nonempty blank lines
       via  d534a5b... s3: Remove unused get_sam_group_entries
       via  0a130da... s3: Remove unused winbindd_dual_getsidaliases
       via  66bcae6... s3: Remove an unused struct definition
       via  9568c76... s3: Remove unused winbindd_dual_getuserdomgroups
       via  958fdaf... s3: Remove unused winbindd_dual_getdcname
       via  4f434e0... s3: Remove unused winbindd_dual_lookupname
       via  74b1a02... s3: Remove unused winbindd_dual_lookupsid
       via  c25d9ad... s3: Remove unused winbindd_dual_userinfo
       via  a8875c5... s3: Remove some unused dual functions
       via  4b84d75... s3: Remove unused do_async
       via  3f98c2c... s3: Remove unused winbindd_gid2sid_async
       via  93bcc34... s3: Remove unused winbindd_uid2sid_async
       via  fb77442... s3: Remove unused winbindd_sid2gid_async
       via  d40edae... s3: Remove unused winbindd_sid2uid_async
       via  dfd876e... s3: Remove unused do_async_domain
       via  2591a52... s3: Remove unused query_user_async
       via  5156fa8... s3: Remove unused winbindd_getsidaliases_async
       via  0c3e3b7... s3: Remove unused winbindd_lookupname_async
       via  ebcb28c... s3: Remove unused winbindd_lookupsid_async
       via  0c36259... s4-schema: fixed the sorting of schema attributes
       via  ec7dc6a... s4-torture: update uuid_compare test for new behaviour
       via  ad35153... s4-drs: Implement constraints on ATTID values in prefixMap
       via  911cefd... s4-tort: Test handling of different ATTID values in prefixMap interface.
       via  35b8808... Adapted acl module to skip checks if as_system control is provided.
       via  9f6c818... s4-drs: Save prefix map using LDB_CONTROL_AS_SYSTEM control
       via  7685bbb... s4-dsdb-util: Execute ldb_request using LDB_CONTROL_AS_SYSTEM
       via  11e2c57... s4-dsdb-util: Utility function to process ldb_request in transaction
       via  516316b... s4-schema: Implement msDS-IntId attribute generation
       via  a409c0f... s4-schema: Constraints on msDS-IntId attribute
       via  4e8ad28... s4-schema: Set ATTID in schema cache from "msDS-IntId"
       via  14bac3a... Revert "s4-drs: cope with bogus empty attributes from w2k8-r2"
       via  ee48f58... s4-tort: Tests for "msDS-IntId" attribute implemented
       via  c113be8... s4-tort: Move Schema tests from ldap.py into separate module
       via  d9606d6... s4-drs: Fix bug - prefixMap is not updated when adding new OIDs.
       via  03a1451... s4-drstest: Don't remove temp LDB so it can be reviewed if necessary
       via  452fc0d... s4-repl: give a reason why the prepare commit failed
       via  92d75a4... s4-kcc: don't crash with a NULL ntds connection list
       via  60acce5... s4-repl: only try to replicate for NCs that we are a master for
       via  87f28cc... s4-torture: another unsigned comparison bug
       via  ec74ffa... s4-schema: a unsigned comparison bug in the schema code
       via  d370810... s4-drs: another two unsigned comparison bugs
       via  a106fef... librpc: fixed the GUID_compare() function
       via  2a4a159... s4-repl: lower debug level of a common message
       via  47560bf... s4-dsdb: don't use a non-constant format string for a printf format
       via  a070119... s4-dsdb: added DSDB_MODIFY_RELAX flag to the dsdb_module_*() calls
       via  9d56f65... s4-dsdb: added dsdb_get_extended_dn_uint64()
       via  e89a2db... s4-dsdb: use varargs expression in dsdb_module_search()
       via  2c88ffb... s4-dsdb: added two new dsdb_get_extended_dn_*() helper functions
       via  dbda2c2... s4-provision: added a note about where invocationIDs come from
       via  882768c... s4-dsdb: give us an invocationID when in standalone mode
       via  1b5389a... s3: Fix an error case in cli_negprot
       via  4b7a6b1... tevent: prefix types and defined with tevent_ and TEVENT_
       via  590f7c2... Output %p as unsigned in snprintf replacement.
       via  fcbe8f0... s4:kdc: setup the local and remote tsocket_address at accept time
       via  4dc958c... s4:kdc: convert UDP based communication to tdgram_context
       via  32861b9... Actually explain the twisty paths of tortured logic behind reply_doserror(), reply_nterror(), and reply_nterror(NT_STATUS_DOS()).
       via  0dd8c8a... reply_doserror() doesn't force DOS errors on the wire.
       via  69d26d2... reply_force_nterror() is not used anywhere. Remove it. Jeremy.
       via  daa561d... s4 torture: Add test to show archive bit behavior with directories
       via  9b86923... s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3
       via  ea365af... Added freeing a successful req so it doesnt croud the ldb context
       via  39616c0... Added oid for AS_SYSTEM control, used to bypass access checks for system operations.
       via  72d68ac... s3-docs: mention pam_winbind.conf(5) manpage in pam_winbind(8) manpage.
       via  7481667... s3-docs: add new pam_winbind.conf(5) manpage.
       via  19cdcde... s4-dsdb: stop warnings about unknown struct GUID in prototypes
       via  cb841c3... s4-ldb: fixed a valgrind error in ldbtest
       via  5d7805b... s4-dsdb: greatly simplify the subtree_delete module
       via  b3c69e7... s4-dsdb: declare ldb_dn_update_components()
       via  82bf0d8... s4-dsdb: added ldb_dn_update_components()
       via  db76e65... s4-dsdb: fixed the sort in dsdb_find_nc_root()
       via  f392ae5... s4-ldb: display msDS-OptionalFeatureGUID as a GUID
       via  811b405... s4-scripts: add a enablerecyclebin script
       via  20869a0... s4-ldb: canonicalise the message on ldb_add
       via  7cb858e... s4-dsdb: Add a test for adding, deleting, and appending a posixAccount objectClass to a user
       via  0806006... s4-dsdb: fix handling of AUX classes in objectclass_sort
       via  8b88925... s4-dsdb: return an error if samAccountName is not specified when creating a user.
       via  d99084f... s4-dsdb: Move get_last_structural class from descriptor.c to util.c
       via  2ad086e... s4-dsdb: Add a check to prevent acl_modify from debuging a NULL message
       via  027cba6... Return NULL in strlower_talloc if src is NULL
       via  c3d1e5c... s4:provision Give a more useful error message in guess_names
       via  0c1ff3b... Always map EMFILE to ERRDOS, ERRnofids, *NOT* NT_STATUS_TOO_MANY_OPENED_FILES. This is what W2KR3 does for NTCreateX and openX calls. May be the correct fix for bug 6837 - "Too many open files" when trying to access large number of files. Jeremy.
       via  f8ab38a... Vector correctly through reply_openerror() (which uses the same logic). Jeremy.
       via  cfbf62d... s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file
       via  c3582f9... s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle
       via  f8bb5a6... s4 torture: Parameterize streams delete behavior rather than commenting out the check.
       via  f02206d... s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode
       via  5c13a90... s4 torture: close handle instead of using exit
       via  fbf4923... Update default with correct value. Add a note about Win7 behavior here. Jeremy.
       via  159c1b8... Fix bug #6939 - mangling method = hash breaks long filenames.
       via  bbec305... s4:"samdb_set_password" - remove delete instructions
       via  dc4c411... s4-smbtorture: skip GetAliasMembership against s4.
       via  c0883fb... Fixed incorrect checking of PRINCIPAL_SELF permissions.
       via  619ad0c... s4-smbtorture: add a samr_GetAliasMembership test to RPC-SAMR.
       via  a23084e... tdbtool: avoid using c++ reserved words.
       via  eb7ff92... s3: Run RPC-SAMBA3-GETALIASMEMBERSHIP-0 in make test
       via  1d0f364... s4:dsdb/common/util - make NTTIME attribute wrappers use a "const" message
       via  e3ee8ff... s3: Fix bug 6992, make test for getgrouplist cacheable
       via  a9689bb... s4-smbtorture: fix smbtorture after setprinter IDL fixes.
       via  31cf2b0... s3-spoolss: fix rpcclient after setprinter IDL fixes.
       via  be95cb6... spoolss: more mork on SetPrinterInfo() levels.
       via  0708b2a... s4-ntvfs: check if pvfs is NULL in pvfs_logoff
       via  fae70e1... s4:gensec: allow clearing local and remote address by passing NULL
       via  c457d54... s4-gensec: Remove obsolete socket_address vars and fns.
       via  1e54888... s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.
       via  ac2d31e... s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.
       via  8ca8804... s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.
       via  226a9db... s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.
       via  743e636... s4-gensec: Added remote and local setter/getter using tsocket.
       via  8f4d4a6... Final part of the fix for 6837 - "Too many open files" when trying to access large number of files
       via  b8c87c4... Add helpful debug of DACL for errors on ACL access. Jeremy.
       via  64e588f... spoolss: add spoolss_DriverInfo7.
       via  d9f9322... s3-pdbedit: allow to call "pdbedit -N description -u user" without specifiyng "-r".
       via  8d3fc23... s4-dsdb: also mark the relax control non-critical when done
       via  558a386... s4-dsdb: it is a better pattern to mark a control as done than remove it
       via  41e403a... s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptor
       via  934bb28... s4-dsdb: don't actually remove the sd_flags control, just mark it non-critical
       via  9955756... s4-ldb: show the OID of any unhandled critical controls
       via  f8320b3... s4-ldb: fixed a transaction error on prepare_commit
       via  e14c728... s4-ldb: added --show-deactivated-link command line option
       via  f9302f9... ldap: give a debug error when we don't know a control
       via  6c21255... s4-dsdb: added dsdb_get_deleted_objects_dn()
       via  3c1f18c... s4-dsdb: added dsdb_find_nc_root()
       via  7d0fdca... s4-dsdb: added dsdb_wellknown_dn()
       via  b7a74ac... libds: added GUIDs for wellknown AD objects
       via  8a74633... s4-dsdb: added a dsdb_module_rename() call
       via  9fa1f96... s4-dsdb: added dsdb_module_modify()
       via  4b970c0... s4-dsdb: fixed dsdb_module_dn_by_guid()
       via  cd4574f... s4-dsdb: dsdb_flags should be unsigned
       via  57b10b6... s4-dsdb: rename dsdb_module_search_handle_flags to dsdb_request_add_controls
       via  9515926... s4-dsdb: added dsdb_module_dn_by_guid()
       via  32995e8... s4-dsdb: use dsdb_dn_is_deleted_val()
       via  152f415... s4-dsdb: added dsdb_dn_is_deleted_val()
       via  d31b636... s4-ntvfs: try to fix bug 6989
       via  e22e336... s4:drsuapi/getncchanges.c - Update the list of operational attributes
       via  e831e3e... Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned attributes by protocol level.
       via  308b50a... s4-smbtorture: run GetPrinterDriver2 tests against each printer's driver.
       via  1a43d86... s4:prog_guide4.txt: remove obsolete comments
       via  a88b288... s4: Fixed the programming guide to reflect the current tree.
       via  b55d076... s4-kdc: Migrate to tsocket_address.
       via  a5bdab8... tsocket: Fixed tsocket_guide.txt asciidoc syntax.
       via  e33ae22... tsocket: Fixed documentation for tsocket_address_bsd_sockaddr().
       via  ab04dd3... tsocket: Fixed typo in LGPL header.
       via  edbf2ca... tsocket: add tsocket_address_bsd_sockaddr() and tsocket_address_bsd_from_sockaddr()
       via  4a19ada... smbtorture4: Add rpc-samba3-getaliasmembership-0
       via  20bcdf8... s3: Fix _samr_GetAliasMembership for results with 0 rids
       via  4330efe... Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend.
       via  b85f6f6... s4 torture: Add new RAW-SEARCH test to explore strange max count behavior
       via  8ba02d9... s4 torture: Update RAW-QFILEINFO to only test info levels that are supported by the server
       via  5930f77... s4 torture: Convert RAW-OPEN to suite form
       via  d732fb4... s4 torture: Add SHARE_DELETE to create_directory_handle
       via  7f95686... Fix release script to work with recent git versions
       via  f346079... s4:tls: fix the build on Solaris
       via  4deaa84... Fixed a problem with duplicate values of allowedAttributesEffective.
       via  ef5508b... s4: rename res/res2 to something more explicit
       via  d2ec67e... s4: upgradeprovision handle renaming and knownobjects
       via  fb85977... s4: upgradeprovision rename also when there is a mismatch on the case of name attribute
       via  3357319... s4: reorder action to permit old provision to be correctly upgraded
       via  f871de7... s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's.
       via  0d10efe... s3: Allow up to 20480 entries in LookupSids, as mandated by the official IDL
       via  9260396... s4-dsdb: added REVEAL_INTERNALS flag to dsdb_module_search_handle_flags()
       via  7f6b524... s4-devel: support vampire_ad.sh with no initial smb.conf
       via  b11b227... s4-loadparm: call reload_charcnv() also for a missing smb.conf
       via  7f16da7... s4-dsdb: return a zero guid on error in samdb_result_guid()
       via  bb00941... heimdal: work around differences between GNU and XSI strerror_r()
       via  665e57f... s4-dsdb: use the reveal control to hide/show extended DN components
       via  e3c2309... s4-ldb: added new ldb_dn extended components for linked attributes
       via  0d76df9... s4-ldb: added a function to filter extended components of a ldb_dn
       via  725e25a... s4-ldb: added a new "reveal" control
       via  56b90ac... s4-ldb: sort the linearized extended DN by component name
       via  a3b7e84... librpc/ndr: avoid comparison_fn_t to fix the openchange build on solaris
       via  6bc29ec... add ignore for autogenrated files as they are not used by s3
       via  155bdea... torture: add new tests for dfsblobs
       via  8f8613d... idl: introduce new file: dfsblobs.idl
       via  05effef... librpc/ndr: add missing prototypes for relative_short functions
       via  e316624... spoolss: fix spoolss_PrinterData size calculation.
       via  5ae61cf... spoolss: trivial fix for spoolss_FormInfo2 IDL.
       via  801fbd0... s4-smbtorture: check whether a returned buffer size is a multiple of 4 in RPC-SPOOLSS.
       via  f740bdc... s3:docs: Fix 'make manpages3'.
       via  f8c34c4... s4:"samdb_set_password_sid" - clean up created objects correctly
       via  1788abb... s4:operational LDB module - cosmetic - reorder an attribute list
       via  24a398b... s3: Fix a very embarrassing build failure
       via  678f2ca... pidl: Introduce new dirrective: relative_short
       via  f0054da... librpc/ndr: add support for relative_short pointers
       via  5767b1d... s4:utils/oLschema2ldif.c - remove (now) unused variables
       via  c69b9b7... s3:docs: document ldap deref
       via  5dd86c7... s3:loadparm:  Change the "ldap deref" value "defualt" to "auto".
       via  31321ac... s4:libnet/libnet_become_dc - Fix a small glitch in "becomeDC_drsuapi1_add_entry_send"
       via  f3205d3... s3: add prototype to fix the build
       via  31202a9... s3-selftest: enable RPC-SAMBA3-WINREG.
       via  c2618d2... s3-rpcclient: allow to set offered size for enumkey command.
       via  dc71d1c... s4-smbtorture: add more spoolss_EnumPrinterKey tests for local NDR test.
       via  e92b034... s3: make own defines for ldap deref types
       via  6683644... s3: add LDAP Alias Dereferencing support
       via  835e7d6... spoolss: remove unused spoolss_StringArray2.
       via  ce33967... s4-smbtorture: fix and extend enum printerkey test.
       via  f20effc... s3-spoolss: fix enumprinter key client and server.
       via  fa413d1... s3: re-run make samba3-idl.
       via  0ecb7f6... spoolss: use spoolss_KeyNames in spoolss_EnumPrinterKey.
       via  cf25614... spoolss: add spoolss_KeyNames union.
       via  0604c69... s3:packaging: Fix version detection.
       via  56b754e... Implementation of sDRightsEffective, allowedAttributesEffective and allowedChildClassesEffective.
       via  85e79a2... s3:packaging: Fix source dir.
       via  b5011ba... s3:packaging: Fix typo in comment.
       via  c59372b... s4-ldb: fixed 2 bugs in ldb_dn_set_extended_component()
       via  62dc7f6... s4-libcli: GUID_from_ndr_blob() is strict about the blob size
       via  c7c97b6... s4-schema: use GUID_to_ndr_blob()
       via  d35b7d0... s4-schema: use binsearch.h
       via  71943e8... util: added binsearch.h for binary array searches
       via  261ba40... s4-dsdb: use GUID_to_ndr_blob()
       via  215cc5a... s4-ldb: use GUID_to_ndr_blob()
       via  9822286... s4-libnet: use GUID_to_ndr_blob()
       via  b4ea96e... s4-libcli: use GUID_to_ndr_blob()
       via  33cbe9c... s4-server: use GUID_to_ndr_blob() in cldap and smb servers
       via  1b20002... libcli: use GUID_to_ndr_blob()
       via  d035a60... s3-ldb: use GUID_to_ndr_blob()
       via  3ce800d... libndr: added a GUID_to_ndr_blob() helper function
       via  2493776... s4-ldb: simplify ldif handlers using new GUID functions
       via  d337cef... s4-dsdb: simplify samdb_result_guid()
       via  56b887e... s4-dsdb: simplify linked attributes code using GUID functions
       via  81bc561... s4-dsdb: simplify schema code using new GUID functions
       via  f01ea8b... s4-smb2: use new GUID function in smb2 negprot
       via  498f2b8... s4-libcli: use new GUID functions in libcli
       via  08e8988... s4-dsdb: use GUID_from_ndr_blob() to create dsdb_get_extended_dn_guid()
       via  effff54... librpc: split out a separate GUID_from_ndr_blob() function
       via  d2f13dd... s4-smbtorture: enhance spoolss_EnumPrinterKey torture test.
       via  c7e3a2d... s3: check for PAM_RADIO_TYPE.
       via  b386c33... s3: Fix build on non-linux platform.
       via  bfbccbb... WHATSNEW4: Samba 3.0 is not up-to-date.
       via  0fca76e... s4-dsdb: added dsdb_functional_level() helper function
       via  732c701... s4-drs: ensure we fill in ncRoot_dn in getncchanges
       via  16eb25b... s4-drs: use parentGUID attribute in getncchanges
       via  4bb2958... s4-ldb: fixed nested searches inside ldb modules
       via  e5a478d... s4-ldb: added a missing ltdb_unlock_read()
       via  3397671... s4-dsdb: use dsdb_module_search_dn in repl_meta_data
       via  707cd30... s4-dsdb: fixed steal of parentGUID for empty msg
       via  f772329... s3: Give the user a chance to change password when password will expire soon.
       via  fd58556... s3: keep subsecond times on cross-filesystem moves and don't follow links
       via  b617466... s3:configure: check for lutimes, futimes and futimens
       via  bd11ec4... Merge commit 'origin/master' into abartlet-devel
       via  1853098... s4: On the way to alpha11
       via  3609c74... s3:doc: make dos filetimes description less contradictory
       via  0d53ce7... s3: make sys_posix_fallocate more generic
       via  e14fb8f... s3-spoolss: use SPOOLSS_ARCHITECTURE_ALL in driver enum server code.
       via  fb3b098... spoolss: add more spoolss architectures to IDL.
      from  100e249... This is alpha10


- Log -----------------------------------------------------------------
commit c41fb54cb7a1f647e239e4479e8603633685781e
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Jan 11 16:35:28 2010 +1100

    more WHATSNEW4

commit 1a76c80466bf877a806c1c220b41e0ed37d92ed7
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Jan 11 14:57:55 2010 +1100

    This is Samba4 alpha11!

commit 4f6e9a0bf7f4cdd63ed4c95da3a914a85737d8a9
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Jan 11 12:00:34 2010 +1100

    release notes for Samba4 alpha11 (to be released this week)


Summary of changes:
 .gitignore                                         |    6 +-
 WHATSNEW4.txt                                      |   37 +-
 docs-xml/build/DTD/samba.entities                  |   20 +-
 docs-xml/manpages-3/eventlogadm.8.xml              |    2 +-
 docs-xml/manpages-3/mount.cifs.8.xml               |   54 +-
 docs-xml/manpages-3/pam_winbind.8.xml              |    6 +-
 docs-xml/manpages-3/pam_winbind.conf.5.xml         |  190 +
 docs-xml/manpages-3/pdbedit.8.xml                  |  175 +-
 docs-xml/manpages-3/rpcclient.1.xml                |   11 +-
 docs-xml/manpages-3/smbcacls.1.xml                 |   28 +-
 docs-xml/manpages-3/smbclient.1.xml                |   28 +-
 docs-xml/manpages-3/smbget.1.xml                   |    8 +-
 docs-xml/manpages-3/smbtree.1.xml                  |    6 +-
 docs-xml/manpages-3/tdbbackup.8.xml                |    2 +-
 docs-xml/manpages-3/tdbdump.8.xml                  |    2 +-
 docs-xml/manpages-3/tdbtool.8.xml                  |    2 +-
 docs-xml/smbdotconf/ldap/ldapderef.xml             |   21 +
 docs-xml/smbdotconf/misc/dosfiletimes.xml          |    8 +-
 docs-xml/smbdotconf/tuning/maxopenfiles.xml        |   21 +-
 lib/replace/libreplace.m4                          |    2 +
 lib/replace/replace.c                              |   23 +
 lib/replace/replace.h                              |    6 +
 lib/replace/snprintf.c                             |    1 +
 lib/replace/test/testsuite.c                       |   37 +
 lib/talloc/script/release-script.sh                |    2 +-
 lib/talloc/talloc.mk                               |    5 +
 lib/tdb/Makefile.in                                |    7 +-
 lib/tdb/configure.ac                               |    7 +
 lib/tdb/include/tdb.h                              |    2 +-
 .../tdb/manpages}/tdbbackup.8.xml                  |    0 
 .../manpages-3 => lib/tdb/manpages}/tdbdump.8.xml  |    0 
 .../manpages-3 => lib/tdb/manpages}/tdbtool.8.xml  |    0 
 lib/tdb/tdb.mk                                     |   19 +-
 lib/tdb/tdb.signatures                             |    2 +-
 lib/tdb/tools/tdbtool.c                            |    4 +-
 lib/tevent/tevent.mk                               |    4 +
 lib/tevent/tevent_signal.c                         |   76 +-
 lib/tsocket/tsocket.c                              |    2 +-
 lib/tsocket/tsocket.h                              |   17 +-
 lib/tsocket/tsocket_bsd.c                          |   68 +-
 lib/tsocket/tsocket_guide.txt                      |  317 +-
 lib/tsocket/tsocket_helpers.c                      |    2 +-
 lib/tsocket/tsocket_internal.h                     |    2 +-
 lib/util/binsearch.h                               |   68 +
 lib/util/charset/util_unistr.c                     |    4 +
 lib/util/debug.h                                   |    4 -
 lib/util/time.c                                    |   14 -
 lib/util/time.h                                    |   14 +
 libcli/auth/ntlmssp_ndr.c                          |  145 +
 {source3/libsmb => libcli/auth}/ntlmssp_ndr.h      |    0 
 libcli/auth/smbencrypt.c                           |    8 +-
 libcli/ldap/ldap_message.c                         |    2 +
 libcli/ldap/ldap_ndr.c                             |    7 +-
 libcli/util/tstream.c                              |  167 +
 libcli/util/tstream.h                              |   79 +
 libds/common/flags.h                               |   13 +
 librpc/gen_ndr/cli_spoolss.c                       |    9 +-
 librpc/gen_ndr/cli_spoolss.h                       |    6 +-
 librpc/gen_ndr/drsuapi.h                           |   12 +-
 librpc/gen_ndr/lsa.h                               |    4 +-
 librpc/gen_ndr/ndr_drsuapi.c                       |    5 +
 librpc/gen_ndr/ndr_lsa.c                           |    4 +-
 librpc/gen_ndr/ndr_spoolss.c                       |  532 +-
 librpc/gen_ndr/ndr_spoolss.h                       |   11 +-
 librpc/gen_ndr/spoolss.h                           |   48 +-
 librpc/gen_ndr/srv_spoolss.c                       |   15 +-
 librpc/idl/dfsblobs.idl                            |  116 +
 librpc/idl/drsuapi.idl                             |    7 +-
 librpc/idl/lsa.idl                                 |    4 +-
 librpc/idl/spoolss.idl                             |   50 +-
 librpc/ndr/libndr.h                                |    7 +-
 librpc/ndr/ndr.c                                   |   42 +
 librpc/ndr/ndr_basic.c                             |   12 +
 librpc/ndr/ndr_spoolss_buf.c                       |   73 +-
 librpc/ndr/ndr_spoolss_buf.h                       |    4 +-
 librpc/ndr/uuid.c                                  |   65 +-
 nsswitch/libwbclient/wbc_pam.c                     |   45 +
 nsswitch/libwbclient/wbc_util.c                    |    2 +-
 nsswitch/libwbclient/wbclient.h                    |   14 +
 nsswitch/pam_winbind.c                             |  126 +-
 nsswitch/wbinfo.c                                  |   34 +
 nsswitch/winbind_struct_protocol.h                 |    4 +-
 packaging/RHEL/makerpms.git.sh                     |    6 +-
 packaging/RHEL/makerpms.sh.tmpl                    |    2 +-
 pidl/lib/Parse/Pidl/Compat.pm                      |    4 +
 pidl/lib/Parse/Pidl/NDR.pm                         |    3 +
 pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm           |   17 +-
 prog_guide4.txt                                    |   63 +-
 selftest/selftest.pl                               |   13 +
 source3/Makefile.in                                |   35 +-
 source3/auth/auth_builtin.c                        |   12 +-
 source3/auth/auth_compat.c                         |   10 +-
 source3/auth/auth_domain.c                         |   12 +-
 source3/auth/auth_netlogond.c                      |    6 +-
 source3/auth/auth_ntlmssp.c                        |    8 +-
 source3/auth/auth_sam.c                            |  215 +-
 source3/auth/auth_script.c                         |    4 +-
 source3/auth/auth_server.c                         |    4 +-
 source3/auth/auth_unix.c                           |    4 +-
 source3/auth/auth_util.c                           |   64 +-
 source3/auth/auth_wbc.c                            |    4 +-
 source3/auth/auth_winbind.c                        |    4 +-
 source3/configure.in                               |   51 +-
 source3/groupdb/mapping.c                          |    3 +-
 source3/include/async_smb.h                        |    5 -
 source3/include/auth.h                             |   10 +-
 source3/include/client.h                           |    4 +-
 source3/include/includes.h                         |    4 +-
 source3/include/local.h                            |   24 +-
 source3/include/ntlmssp.h                          |   34 +-
 source3/include/proto.h                            |  108 +-
 source3/include/smb.h                              |    2 +-
 source3/include/smb_macros.h                       |    3 +-
 source3/lib/ldb/samba/ldif_handlers.c              |    3 +-
 source3/lib/smbldap.c                              |   11 +
 source3/lib/system.c                               |    8 +-
 source3/lib/time.c                                 |  124 +-
 source3/lib/util_seaccess.c                        |   40 -
 source3/lib/util_sid.c                             |   17 +-
 source3/libads/sasl.c                              |    1 +
 source3/libnet/libnet_samsync_passdb.c             |   15 +-
 source3/librpc/gen_ndr/cli_wbint.c                 |  130 +
 source3/librpc/gen_ndr/cli_wbint.h                 |    8 +
 source3/librpc/gen_ndr/ndr_wbint.c                 |   51 +-
 source3/librpc/gen_ndr/ndr_wbint.h                 |   11 +-
 source3/librpc/gen_ndr/srv_wbint.c                 |   80 +
 source3/librpc/gen_ndr/srv_wbint.h                 |    2 +
 source3/librpc/gen_ndr/wbint.h                     |    8 +
 source3/librpc/idl/wbint.idl                       |    3 +
 source3/libsmb/async_smb.c                         |  219 +-
 source3/libsmb/cliconnect.c                        |  950 +-
 source3/libsmb/clidfs.c                            |    6 +-
 source3/libsmb/clifsinfo.c                         |    1 +
 source3/libsmb/conncache.c                         |   82 +-
 source3/libsmb/errormap.c                          |    6 +-
 source3/libsmb/libsmb_cache.c                      |    4 +-
 source3/libsmb/ntlmssp.c                           |   88 +-
 source3/libsmb/ntlmssp_ndr.c                       |  145 -
 source3/libsmb/ntlmssp_sign.c                      |   57 +-
 source3/libsmb/samlogon_cache.c                    |    6 +-
 source3/libsmb/smb_seal.c                          |    5 +-
 source3/locale/net/de.po                           | 2070 ++--
 source3/modules/vfs_acl_common.c                   |  106 +
 source3/modules/vfs_commit.c                       |    2 +
 source3/modules/vfs_default.c                      |   47 +-
 source3/param/loadparm.c                           |   26 +
 source3/passdb/lookup_sid.c                        |   21 +-
 source3/passdb/passdb.c                            |    3 +-
 source3/passdb/pdb_compat.c                        |   10 +-
 source3/passdb/pdb_get_set.c                       |  141 +-
 source3/passdb/pdb_interface.c                     |    3 +-
 source3/passdb/pdb_ldap.c                          |    6 +-
 source3/passdb/util_unixsids.c                     |   26 +-
 source3/passdb/util_wellknown.c                    |    4 +-
 source3/printing/nt_printing.c                     |    4 +-
 source3/rpc_client/cli_netlogon.c                  |    7 -
 source3/rpc_client/cli_pipe.c                      |   29 +-
 source3/rpc_client/cli_spoolss.c                   |    7 +-
 source3/rpc_client/ndr.c                           |   15 +
 source3/rpc_client/rpc_transport_np.c              |   12 +
 source3/rpc_client/rpc_transport_smbd.c            |   10 +
 source3/rpc_client/rpc_transport_sock.c            |   53 +
 source3/rpc_server/srv_lsa_nt.c                    |    3 +-
 source3/rpc_server/srv_netlog_nt.c                 |    4 +-
 source3/rpc_server/srv_pipe.c                      |    1 +
 source3/rpc_server/srv_pipe_hnd.c                  |    7 +
 source3/rpc_server/srv_samr_nt.c                   |   25 +-
 source3/rpc_server/srv_spoolss_nt.c                |   15 +-
 source3/rpc_server/srv_srvsvc_nt.c                 |   21 +
 source3/rpcclient/cmd_spoolss.c                    |   17 +-
 source3/script/tests/test_posix_s3.sh              |    3 +-
 source3/smbd/chgpasswd.c                           |   87 +-
 source3/smbd/dir.c                                 |    8 -
 source3/smbd/dosmode.c                             |   28 +-
 source3/smbd/error.c                               |   50 +-
 source3/smbd/lanman.c                              |    2 +-
 source3/smbd/mangle_hash.c                         |   14 +-
 source3/smbd/message.c                             |    8 +-
 source3/smbd/nttrans.c                             |   91 +-
 source3/smbd/open.c                                |   12 +-
 source3/smbd/password.c                            |    2 +-
 source3/smbd/pipes.c                               |   24 +-
 source3/smbd/posix_acls.c                          |   25 +-
 source3/smbd/process.c                             |  186 +-
 source3/smbd/quotas.c                              |    4 +-
 source3/smbd/reply.c                               |  121 +-
 source3/smbd/seal.c                                |    1 +
 source3/smbd/sesssetup.c                           |   13 +-
 source3/smbd/smb2_sesssetup.c                      |    1 +
 source3/smbd/trans2.c                              |   49 +-
 source3/torture/torture.c                          |   41 +-
 source3/utils/net_ads.c                            |    4 +
 source3/utils/net_groupmap.c                       |    9 +-
 source3/utils/net_help.c                           |    4 +-
 source3/utils/net_rpc.c                            |   17 +-
 source3/utils/net_util.c                           |    8 +-
 source3/utils/ntlm_auth.c                          |   81 +-
 source3/utils/pdbedit.c                            |    9 +-
 source3/winbindd/idmap_hash/idmap_hash.c           |    3 +-
 source3/winbindd/idmap_tdb.c                       |    3 +-
 source3/winbindd/wb_getgrsid.c                     |   11 +
 source3/winbindd/wb_gettoken.c                     |    7 +
 source3/winbindd/wb_sid2gid.c                      |    2 +-
 source3/winbindd/wb_sid2uid.c                      |    2 +-
 source3/winbindd/winbindd.c                        |   17 +-
 source3/winbindd/winbindd.h                        |   23 +-
 source3/winbindd/winbindd_ads.c                    |  236 +-
 source3/winbindd/winbindd_async.c                  |  549 -
 source3/winbindd/winbindd_cache.c                  |  474 +-
 source3/winbindd/winbindd_ccache_access.c          |   35 +-
 source3/winbindd/winbindd_check_machine_acct.c     |    2 +-
 source3/winbindd/winbindd_cm.c                     |    3 +-
 source3/winbindd/winbindd_cred_cache.c             |   13 +-
 source3/winbindd/winbindd_creds.c                  |   12 +-
 source3/winbindd/winbindd_domain.c                 |   30 -
 source3/winbindd/winbindd_dual.c                   |   94 +-
 source3/winbindd/winbindd_dual_srv.c               |   48 +
 source3/winbindd/winbindd_getgrnam.c               |   23 +-
 source3/winbindd/winbindd_getgroups.c              |   24 -
 source3/winbindd/winbindd_group.c                  |  284 -
 source3/winbindd/winbindd_idmap.c                  |  321 -
 source3/winbindd/winbindd_misc.c                   |  192 +-
 source3/winbindd/winbindd_pam.c                    |    4 +-
 source3/winbindd/winbindd_passdb.c                 |   72 +-
 source3/winbindd/winbindd_ping_dc.c                |   96 +
 source3/winbindd/winbindd_proto.h                  |  169 +-
 source3/winbindd/winbindd_reconnect.c              |   12 +-
 source3/winbindd/winbindd_rpc.c                    |   76 +-
 source3/winbindd/winbindd_user.c                   |   73 -
 source3/winbindd/winbindd_util.c                   |  138 +-
 source4/Makefile                                   |    2 +-
 source4/VERSION                                    |    2 +-
 source4/auth/auth.h                                |   25 +-
 source4/auth/credentials/config.mk                 |    2 +-
 source4/auth/gensec/config.mk                      |    2 +-
 source4/auth/gensec/cyrus_sasl.c                   |   25 +-
 source4/auth/gensec/gensec.c                       |  218 +-
 source4/auth/gensec/gensec.h                       |   35 +-
 source4/auth/gensec/gensec_krb5.c                  |   41 +-
 source4/auth/ntlm/auth.c                           |  271 +-
 source4/auth/ntlm/auth_proto.h                     |   50 -
 source4/auth/ntlm/auth_server.c                    |    7 +-
 source4/auth/ntlm/auth_unix.c                      |    6 +-
 source4/auth/ntlm/auth_util.c                      |   12 +-
 source4/auth/ntlm/auth_winbind.c                   |    6 +-
 source4/auth/ntlm/config.mk                        |    6 +-
 source4/auth/ntlmssp/ntlmssp.h                     |   34 +-
 source4/auth/ntlmssp/ntlmssp_server.c              |  106 +-
 source4/auth/ntlmssp/ntlmssp_sign.c                |   31 +-
 source4/build/smb_build/summary.pm                 |    1 +
 source4/cldap_server/netlogon.c                    |   12 +-
 source4/dsdb/common/dsdb_dn.c                      |   69 +
 source4/dsdb/common/dsdb_dn.h                      |    5 +
 source4/dsdb/common/util.c                         |  638 +-
 source4/dsdb/config.mk                             |    8 +-
 source4/dsdb/kcc/kcc_connection.c                  |    6 +-
 source4/dsdb/kcc/kcc_deleted.c                     |  156 +
 source4/dsdb/kcc/kcc_periodic.c                    |    5 +
 source4/dsdb/kcc/kcc_service.h                     |    2 +
 source4/dsdb/repl/drepl_notify.c                   |   20 +-
 source4/dsdb/repl/drepl_out_helpers.c              |  533 +-
 source4/dsdb/repl/drepl_out_pull.c                 |   63 +-
 source4/dsdb/repl/drepl_partitions.c               |   87 +-
 source4/dsdb/repl/drepl_periodic.c                 |    2 +
 source4/dsdb/repl/drepl_ridalloc.c                 |  282 +
 source4/dsdb/repl/drepl_service.c                  |    1 +
 source4/dsdb/repl/drepl_service.h                  |   11 +-
 source4/dsdb/repl/replicated_objects.c             |   29 +-
 source4/dsdb/samdb/ldb_modules/acl.c               |  769 +-
 source4/dsdb/samdb/ldb_modules/config.mk           |   38 +-
 source4/dsdb/samdb/ldb_modules/descriptor.c        |   57 +-
 source4/dsdb/samdb/ldb_modules/extended_dn_in.c    |    5 +
 source4/dsdb/samdb/ldb_modules/extended_dn_out.c   |   74 +-
 source4/dsdb/samdb/ldb_modules/extended_dn_store.c |    4 +-
 source4/dsdb/samdb/ldb_modules/instancetype.c      |    3 +-
 source4/dsdb/samdb/ldb_modules/kludge_acl.c        |    5 +-
 source4/dsdb/samdb/ldb_modules/lazy_commit.c       |   16 +-
 source4/dsdb/samdb/ldb_modules/linked_attributes.c | 1272 +--
 source4/dsdb/samdb/ldb_modules/objectclass.c       |  279 +-
 source4/dsdb/samdb/ldb_modules/operational.c       |   57 +-
 source4/dsdb/samdb/ldb_modules/partition.c         |   12 +-
 source4/dsdb/samdb/ldb_modules/password_hash.c     |   13 +-
 source4/dsdb/samdb/ldb_modules/pdc_fsmo.c          |    4 +-
 source4/dsdb/samdb/ldb_modules/repl_meta_data.c    | 1818 ++-
 source4/dsdb/samdb/ldb_modules/ridalloc.c          |  646 +
 source4/dsdb/samdb/ldb_modules/rootdse.c           |    5 +-
 source4/dsdb/samdb/ldb_modules/samba3sid.c         |  197 +
 source4/dsdb/samdb/ldb_modules/samba_dsdb.c        |   21 +-
 source4/dsdb/samdb/ldb_modules/samldb.c            |  836 +-
 source4/dsdb/samdb/ldb_modules/schema_data.c       |  180 +-
 source4/dsdb/samdb/ldb_modules/schema_load.c       |   10 +-
 source4/dsdb/samdb/ldb_modules/show_deleted.c      |   11 +-
 source4/dsdb/samdb/ldb_modules/simple_ldap_map.c   |   22 +-
 source4/dsdb/samdb/ldb_modules/subtree_delete.c    |  137 +-
 source4/dsdb/samdb/ldb_modules/tests/samba3sam.py  |   17 +-
 source4/dsdb/samdb/ldb_modules/util.c              |  452 +-
 source4/dsdb/samdb/ldb_modules/util.h              |   10 +
 source4/dsdb/samdb/samdb.h                         |    8 +
 source4/dsdb/schema/prefixmap.h                    |   11 +
 source4/dsdb/schema/schema.h                       |    1 +
 source4/dsdb/schema/schema_init.c                  |   53 +-
 source4/dsdb/schema/schema_prefixmap.c             |   24 +
 source4/dsdb/schema/schema_query.c                 |  113 +-
 source4/dsdb/schema/schema_set.c                   |   20 +-
 source4/dsdb/schema/schema_syntax.c                |  282 +-
 source4/heimdal/lib/krb5/fcache.c                  |   12 +-
 source4/heimdal_build/external.m4                  |    8 +-
 source4/kdc/config.mk                              |    3 +-
 source4/kdc/hdb-samba4.c                           |  241 +-
 source4/kdc/hdb-samba4.h                           |    8 +-
 source4/kdc/kdc.c                                  |  708 +-
 source4/kdc/kdc.h                                  |   18 +-
 source4/kdc/kpasswdd.c                             |  225 +-
 source4/kdc/pac-glue.c                             |   30 +-
 source4/kdc/pac-glue.h                             |    6 +-
 source4/ldap_server/ldap_backend.c                 |   46 +-
 source4/lib/events/events.h                        |    1 +
 source4/lib/events/tevent_s4.c                     |   15 +-
 source4/lib/ldb-samba/ldif_handlers.c              |  225 +-
 source4/lib/ldb-samba/ldif_handlers.h              |    1 +
 source4/lib/ldb/common/attrib_handlers.c           |   61 +-
 source4/lib/ldb/common/ldb.c                       |   30 +-
 source4/lib/ldb/common/ldb_controls.c              |   27 +
 source4/lib/ldb/common/ldb_dn.c                    |   75 +-
 source4/lib/ldb/common/ldb_modules.c               |   10 +-
 source4/lib/ldb/common/ldb_msg.c                   |   27 +
 source4/lib/ldb/config.mk                          |   13 +
 source4/lib/ldb/external/libtalloc.m4              |    2 +-
 source4/lib/ldb/include/ldb.h                      |   41 +-
 source4/lib/ldb/include/ldb_module.h               |    1 +
 source4/lib/ldb/ldb.mk                             |   28 +-
 source4/lib/ldb/ldb_tdb/ldb_cache.c                |    2 +-
 source4/lib/ldb/ldb_tdb/ldb_index.c                |   36 +-
 source4/lib/ldb/ldb_tdb/ldb_search.c               |    1 +
 source4/lib/ldb/ldb_tdb/ldb_tdb.c                  |   48 +-
 source4/lib/ldb/ldb_tdb/ldb_tdb.h                  |    3 +-
 source4/lib/ldb/pyldb.c                            |    4 +-
 source4/lib/ldb/pyldb.h                            |    1 -
 source4/lib/ldb/tests/python/acl.py                |   46 +-
 source4/lib/ldb/tests/python/ldap.py               |  190 +-
 source4/lib/ldb/tests/python/ldap_schema.py        |  525 +
 source4/lib/ldb/tests/python/sec_descriptor.py     |  229 +-
 source4/lib/ldb/tests/sample_module.c              |   30 +-
 source4/lib/ldb/tests/test-controls.sh             |   46 +
 source4/lib/ldb/tests/test-tdb.sh                  |    2 +
 source4/lib/ldb/tools/cmdline.c                    |   22 +-
 source4/lib/ldb/tools/config.mk                    |   13 +
 source4/lib/ldb/tools/ldbadd.c                     |   14 +-
 source4/lib/ldb/tools/ldbdel.c                     |   25 +-
 source4/lib/ldb/tools/ldbmodify.c                  |   17 +-
 source4/lib/ldb/tools/ldbtest.c                    |    2 +
 source4/lib/ldb/tools/ldbutil.c                    |  149 +
 source4/lib/ldb/tools/ldbutil.h                    |   41 +
 source4/lib/ldb_wrap.c                             |    2 +-
 source4/lib/messaging/messaging.c                  |   17 +-
 source4/lib/messaging/messaging.h                  |    1 +
 source4/lib/registry/util.c                        |    2 +
 source4/lib/socket/config.mk                       |    2 +-
 source4/lib/socket/socket.c                        |   72 +
 source4/lib/socket/socket.h                        |    7 +
 source4/lib/tls/config.m4                          |    3 +
 source4/libcli/config.mk                           |    5 +
 source4/libcli/finddcs.c                           |    3 +
 source4/libcli/raw/rawfsinfo.c                     |   12 +-
 source4/libcli/raw/rawrequest.c                    |   26 +-
 source4/libcli/resolve/dns_ex.c                    |   17 +-
 source4/libcli/security/access_check.c             |   15 +-
 source4/libcli/security/sddl.c                     |    2 +-
 source4/libcli/security/tests/bindings.py          |   11 +-
 source4/libcli/smb2/negprot.c                      |   13 +-
 source4/libnet/libnet.c                            |    3 +
 source4/libnet/libnet_become_dc.c                  |   84 +-
 source4/libnet/libnet_passwd.c                     |    8 +-
 source4/libnet/libnet_samsync_ldb.c                |   10 +-
 source4/libnet/libnet_vampire.c                    |    4 +-
 source4/libnet/py_net.c                            |   78 +-
 source4/librpc/config.mk                           |    7 +-
 source4/librpc/ndr/py_security.c                   |   36 +
 source4/min_versions.m4                            |    2 +-
 source4/ntvfs/posix/pvfs_open.c                    |    5 +
 source4/ntvfs/posix/pvfs_wait.c                    |    4 +-
 source4/param/config.mk                            |    2 +-
 source4/param/loadparm.c                           |    4 +
 source4/param/provision.c                          |   31 +-
 source4/param/pyparam.c                            |    3 +
 source4/param/tests/bindings.py                    |   10 +-
 source4/rpc_server/config.mk                       |    1 +
 source4/rpc_server/drsuapi/addentry.c              |   48 +-
 source4/rpc_server/drsuapi/dcesrv_drsuapi.c        |   82 +-
 source4/rpc_server/drsuapi/dcesrv_drsuapi.h        |    3 +-
 source4/rpc_server/drsuapi/drsutil.c               |   22 +-
 source4/rpc_server/drsuapi/getncchanges.c          |  696 +-
 source4/rpc_server/drsuapi/updaterefs.c            |    4 +-
 source4/rpc_server/drsuapi/writespn.c              |  145 +
 source4/script/installmisc.sh                      |   42 +-
 source4/scripting/bin/enablerecyclebin             |   54 +
 source4/scripting/bin/setup_dns.sh                 |    2 +-
 source4/scripting/bin/upgradeprovision             |  285 +-
 source4/scripting/devel/drs/vampire_ad.sh          |    5 +-
 source4/scripting/devel/tmpfs.sh                   |   13 +
 source4/scripting/python/modules.c                 |   43 +-
 source4/scripting/python/modules.h                 |    2 +-
 source4/scripting/python/pyglue.c                  |   23 -
 source4/scripting/python/samba/__init__.py         |   67 +-
 source4/scripting/python/samba/getopt.py           |   14 +-
 source4/scripting/python/samba/ms_schema.py        |    2 +
 source4/scripting/python/samba/netcmd/__init__.py  |  145 +
 .../scripting/python/samba/netcmd/domainlevel.py   |  229 +
 .../scripting/python/samba/netcmd/enableaccount.py |   65 +
 source4/scripting/python/samba/netcmd/newuser.py   |   70 +
 .../scripting/python/samba/netcmd/pwsettings.py    |  190 +
 source4/scripting/python/samba/netcmd/setexpiry.py |   72 +
 .../scripting/python/samba/netcmd/setpassword.py   |   77 +
 source4/scripting/python/samba/provision.py        |   61 +-
 source4/scripting/python/samba/schema.py           |   28 +-
 source4/scripting/python/samba/tests/netcmd.py     |   34 +
 source4/selftest/tests.sh                          |    2 +
 .../ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt   |16060 ++++++++++++++++++++
 .../ad-schema/MS-AD_Schema_2K8_R2_Classes.txt      | 3577 +++++
 source4/setup/aggregate_schema.ldif                |    2 +
 source4/setup/domainlevel                          |  250 -
 source4/setup/enableaccount                        |   65 -
 source4/setup/newuser                              |   69 -
 source4/setup/provision.ldif                       |    2 +-
 source4/setup/provision_schema_basedn.ldif         |    1 +
 source4/setup/provision_self_join.ldif             |   20 +-
 source4/setup/provision_self_join_modify.ldif      |   15 +
 source4/setup/pwsettings                           |  198 -
 source4/setup/schema-map-fedora-ds-1.0             |    5 +
 source4/setup/schema_samba4.ldif                   |    4 +
 source4/setup/setexpiry                            |   72 -
 source4/setup/setpassword                          |   74 -
 source4/setup/tests/blackbox_newuser.sh            |   11 +-
 source4/setup/tests/blackbox_setpassword.sh        |   10 +-
 source4/smb_server/blob.c                          |   10 +-
 source4/smb_server/smb/negprot.c                   |    5 +-
 source4/smb_server/smb/sesssetup.c                 |   74 +-
 source4/smb_server/smb2/negprot.c                  |   10 +-
 source4/smb_server/smb2/sesssetup.c                |   17 +-
 source4/smbd/config.mk                             |    2 +-
 source4/smbd/process_prefork.c                     |    8 +-
 source4/smbd/process_single.c                      |    2 +-
 source4/smbd/process_standard.c                    |    6 +
 source4/smbd/server.c                              |    5 +-
 source4/smbd/service_stream.c                      |   32 +-
 source4/smbd/service_stream.h                      |    3 +
 source4/torture/config.mk                          |    2 +-
 source4/torture/drs/unit/prefixmap_tests.c         |   45 +-
 source4/torture/libnet/python/samr-test.py         |   62 +
 source4/torture/ndr/README                         |    4 +
 source4/torture/ndr/dfsblob.c                      |   50 +
 source4/torture/ndr/ndr.c                          |   14 +-
 source4/torture/ndr/spoolss.c                      |   14 +
 source4/torture/raw/lock.c                         |   98 +-
 source4/torture/raw/open.c                         |  366 +-
 source4/torture/raw/oplock.c                       |  265 +-
 source4/torture/raw/qfileinfo.c                    |   35 +-
 source4/torture/raw/raw.c                          |    2 +-
 source4/torture/raw/rename.c                       |    2 +-
 source4/torture/raw/search.c                       |   75 +
 source4/torture/raw/setfileinfo.c                  |  153 +
 source4/torture/raw/streams.c                      |  129 +-
 source4/torture/rpc/rpc.c                          |    2 +
 source4/torture/rpc/samba3rpc.c                    |   60 +
 source4/torture/rpc/samr.c                         |   51 +
 source4/torture/rpc/spoolss.c                      |  499 +-
 source4/torture/rpc/spoolss_win.c                  |   12 +-
 source4/torture/util_smb.c                         |    2 +-
 source4/utils/net/net.c                            |  178 +-
 source4/utils/oLschema2ldif.c                      |    2 -
 testprogs/blackbox/test_export_keytab.sh           |    8 +-
 testprogs/blackbox/test_kinit.sh                   |    2 +-
 testprogs/blackbox/test_passwords.sh               |   45 +-
 testprogs/win32/spoolss/Makefile                   |   40 +
 testprogs/win32/spoolss/Makefile.mingw             |   23 +
 testprogs/win32/spoolss/README                     |    1 +
 testprogs/win32/spoolss/error.c                    |  115 +
 testprogs/win32/spoolss/error.h                    |   36 +
 testprogs/win32/spoolss/printlib.c                 |  608 +
 testprogs/win32/spoolss/printlib_proto.h           |   46 +
 testprogs/win32/spoolss/spoolss.c                  |  784 +
 testprogs/win32/spoolss/spoolss.h                  |   51 +
 testprogs/win32/spoolss/string.h                   |   15 +
 testprogs/win32/spoolss/torture.c                  |  106 +
 testprogs/win32/spoolss/torture.h                  |   91 +
 testprogs/win32/spoolss/torture_proto.h            |   32 +
 486 files changed, 42317 insertions(+), 11517 deletions(-)
 create mode 100644 docs-xml/manpages-3/pam_winbind.conf.5.xml
 create mode 100644 docs-xml/smbdotconf/ldap/ldapderef.xml
 copy {docs-xml/manpages-3 => lib/tdb/manpages}/tdbbackup.8.xml (100%)
 copy {docs-xml/manpages-3 => lib/tdb/manpages}/tdbdump.8.xml (100%)
 copy {docs-xml/manpages-3 => lib/tdb/manpages}/tdbtool.8.xml (100%)
 create mode 100644 lib/util/binsearch.h
 create mode 100644 libcli/auth/ntlmssp_ndr.c
 rename {source3/libsmb => libcli/auth}/ntlmssp_ndr.h (100%)
 create mode 100644 libcli/util/tstream.c
 create mode 100644 libcli/util/tstream.h
 create mode 100644 librpc/idl/dfsblobs.idl
 delete mode 100644 source3/libsmb/ntlmssp_ndr.c
 create mode 100644 source3/winbindd/winbindd_ping_dc.c
 delete mode 100644 source3/winbindd/winbindd_user.c
 delete mode 100644 source4/auth/ntlm/auth_proto.h
 create mode 100644 source4/dsdb/kcc/kcc_deleted.c
 create mode 100644 source4/dsdb/repl/drepl_ridalloc.c
 create mode 100644 source4/dsdb/samdb/ldb_modules/ridalloc.c
 create mode 100644 source4/dsdb/samdb/ldb_modules/samba3sid.c
 create mode 100755 source4/lib/ldb/tests/python/ldap_schema.py
 create mode 100755 source4/lib/ldb/tests/test-controls.sh
 create mode 100644 source4/lib/ldb/tools/ldbutil.c
 create mode 100644 source4/lib/ldb/tools/ldbutil.h
 create mode 100644 source4/rpc_server/drsuapi/writespn.c
 create mode 100755 source4/scripting/bin/enablerecyclebin
 create mode 100755 source4/scripting/devel/tmpfs.sh
 create mode 100644 source4/scripting/python/samba/netcmd/__init__.py
 create mode 100644 source4/scripting/python/samba/netcmd/domainlevel.py
 create mode 100755 source4/scripting/python/samba/netcmd/enableaccount.py
 create mode 100755 source4/scripting/python/samba/netcmd/newuser.py
 create mode 100644 source4/scripting/python/samba/netcmd/pwsettings.py
 create mode 100644 source4/scripting/python/samba/netcmd/setexpiry.py
 create mode 100644 source4/scripting/python/samba/netcmd/setpassword.py
 create mode 100644 source4/scripting/python/samba/tests/netcmd.py
 create mode 100644 source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt
 create mode 100644 source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Classes.txt
 delete mode 100755 source4/setup/domainlevel
 delete mode 100755 source4/setup/enableaccount
 delete mode 100755 source4/setup/newuser
 delete mode 100755 source4/setup/pwsettings
 delete mode 100755 source4/setup/setexpiry
 delete mode 100755 source4/setup/setpassword
 create mode 100644 source4/torture/libnet/python/samr-test.py
 create mode 100644 source4/torture/ndr/README
 create mode 100644 source4/torture/ndr/dfsblob.c
 create mode 100644 testprogs/win32/spoolss/Makefile
 create mode 100644 testprogs/win32/spoolss/Makefile.mingw
 create mode 100644 testprogs/win32/spoolss/README
 create mode 100644 testprogs/win32/spoolss/error.c
 create mode 100644 testprogs/win32/spoolss/error.h
 create mode 100644 testprogs/win32/spoolss/printlib.c
 create mode 100644 testprogs/win32/spoolss/printlib_proto.h
 create mode 100644 testprogs/win32/spoolss/spoolss.c
 create mode 100644 testprogs/win32/spoolss/spoolss.h
 create mode 100644 testprogs/win32/spoolss/string.h
 create mode 100644 testprogs/win32/spoolss/torture.c
 create mode 100644 testprogs/win32/spoolss/torture.h
 create mode 100644 testprogs/win32/spoolss/torture_proto.h

Changeset truncated at 500 lines:

diff --git a/.gitignore b/.gitignore
index 13dd2d8..4f93726 100644
--- a/.gitignore
+++ b/.gitignore
@@ -77,6 +77,10 @@ source3/lib/netapi/examples/Makefile
@@ -115,7 +119,7 @@ source3/samba4-data.mk
diff --git a/WHATSNEW4.txt b/WHATSNEW4.txt
index 75e2482..b4c6e7d 100644
--- a/WHATSNEW4.txt
+++ b/WHATSNEW4.txt
@@ -1,25 +1,25 @@
-What's new in Samba 4 alpha10
+What's new in Samba 4 alpha11
 Samba 4 is the ambitious next version of the Samba suite that is being
-developed in parallel to the stable 3.0 series. The main emphasis in
+developed in parallel to the stable 3.x series. The main emphasis in
 this branch is support for the Active Directory logon protocols used
 by Windows 2000 and above.
-Samba4 alpha10 follows on from the alpha release series we have been
+Samba4 alpha11 follows on from the alpha release series we have been
 publishing since September 2007
-Samba4 alpha10 is not a final Samba release.  That is more a reference
+Samba4 alpha11 is not a final Samba release.  That is more a reference
 to Samba4's lack of the features we expect you will need than a
 statement of code quality, but clearly it hasn't seen a broad
 deployment yet.  If you were to upgrade Samba3 (or indeed Windows) to
 Samba4, you would find many things work, but that other key features
 you may have relied on simply are not there yet.
-For example, while Samba 3.0 is an excellent member of a Active
+For example, while Samba 3 is an excellent member of a Active
 Directory domain, Samba4 is happier as a domain controller, and it is
 in this role where it has seen deployment into production.
@@ -62,12 +62,29 @@ working on modules to map between AD-like behaviours and this backend.
 We are aiming for Samba 4 to be powerful frontend to large
-Alpha9 was released last week, but in the time since the release we
-have found and fixed an important segfault, and improved the
-experimental DRS replication. 
+Since the alpha10 release, we have fixed a number of serious bugs in
+the implementation of AD-compatible 'Directory Replication Services'.
+We can now join an AD domain as a read-write DC
+Importantly, since alpha10, the following serious issues were
+ - We now allocate RID values safely (previous implementations would
+ add users and groups without regard to allocated RID pools, possibly
+ creating duplicates)
+ - In previous Samba4 versions, a failure to 'prepare' a transaction
+ would silently commit the transaction. 
+Any deployments of Samba4 before this alpha are very strongly
+encouraged to upgrade.  Assistance may be found in the
+upgradeprovision script, and the advice of the Samba Team should be
+sought to determine the impact of these issues in your particular
+Our progress on DRS is being tracked in the Samba wiki:
@@ -103,7 +120,7 @@ KNOWN ISSUES
   since it's completely experimental!
 - ACL are not set by default on shares created by the provision.
-  Work is underway on this subject and it should be fixed in Alpha10.
+  Work is underway on this subject and it should be fixed in Alpha12.
diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities
index 2e924d4..4ad65ca 100644
--- a/docs-xml/build/DTD/samba.entities
+++ b/docs-xml/build/DTD/samba.entities
@@ -50,8 +50,8 @@
 <!ENTITY person.gd '
-	<orgname>SuSE</orgname>
-	<address><email>gd at suse.de</email></address>
+	<orgname>Samba Team</orgname>
+	<address><email>gd at samba.org</email></address>
 <!ENTITY author.gd '<author>&person.gd;</author>'>
@@ -214,7 +214,7 @@ in the &smb.conf; file.</para>
 <!ENTITY stdarg.configfile '
-<term>-s &lt;configuration file&gt;</term>
+<term>-s|--configfile &lt;configuration file&gt;</term>
 <listitem><para>The file specified contains the 
 configuration details required by the server.  The 
 information in this file includes server-specific
@@ -227,7 +227,7 @@ compile time.</para></listitem>
 <!ENTITY stdarg.version '
 <listitem><para>Prints the program version number.
@@ -249,7 +249,7 @@ log.smbd, etc...). The log file is never removed by the client.
 <!ENTITY stdarg.resolve.order '
-<term>-R &lt;name resolve order&gt;</term> 
+<term>-R|--name-resolve &lt;name resolve order&gt;</term>
 <listitem><para>This option is used to determine what naming 
 services and in what order to resolve 
 host names to IP addresses. The option takes a space-separated 
@@ -307,7 +307,7 @@ resolution methods will be attempted in this order. </para></listitem>
 <!ENTITY stdarg.netbios.name '
-<term>-n &lt;primary NetBIOS name&gt;</term>
+<term>-n|--netbiosname &lt;primary NetBIOS name&gt;</term>
 <listitem><para>This option allows you to override
 the NetBIOS name that Samba uses for itself. This is identical
 to setting the <smbconfoption><name>netbios name</name></smbconfoption> parameter in the &smb.conf; file. 
@@ -318,7 +318,7 @@ line setting will take precedence over settings in
 <!ENTITY stdarg.scope '
-<term>-i &lt;scope&gt;</term>
+<term>-i|--scope &lt;scope&gt;</term>
 <listitem><para>This specifies a NetBIOS scope that
 <command>nmblookup</command> will use to communicate with when
 generating NetBIOS names. For details on the use of NetBIOS
@@ -340,7 +340,7 @@ SAM (as opposed to the Domain SAM). </para></listitem>
 <!ENTITY stdarg.socket.options '
-<term>-O socket options</term>
+<term>-O|--socket-options socket options</term>
 <listitem><para>TCP socket options to set on the client
 socket. See the socket options parameter in
 the &smb.conf; manual page for the list of valid
@@ -357,7 +357,7 @@ options. </para></listitem>
 <!ENTITY stdarg.nopass '
 <listitem><para>If specified, this parameter suppresses the normal
 password prompt from the client to the user. This is useful when
 accessing a service that does not require a password. </para>
@@ -420,7 +420,7 @@ access from unwanted users. </para></listitem>
 <!ENTITY stdarg.kerberos '
 Try to authenticate with kerberos. Only useful in
 an Active Directory environment.
diff --git a/docs-xml/manpages-3/eventlogadm.8.xml b/docs-xml/manpages-3/eventlogadm.8.xml
index 4c399a3..c104120 100644
--- a/docs-xml/manpages-3/eventlogadm.8.xml
+++ b/docs-xml/manpages-3/eventlogadm.8.xml
@@ -111,7 +111,7 @@
-		<literal>write</literal>
+		<literal>dump</literal>
diff --git a/docs-xml/manpages-3/mount.cifs.8.xml b/docs-xml/manpages-3/mount.cifs.8.xml
index 372b477..d930600 100644
--- a/docs-xml/manpages-3/mount.cifs.8.xml
+++ b/docs-xml/manpages-3/mount.cifs.8.xml
@@ -477,12 +477,35 @@ permissions in memory that can't be stored on the server. This information can d
-                <listitem><para>client generates inode numbers (rather than using the actual one
-                from the server) by default.
+		<listitem>
+		<para>
+			Client generates inode numbers (rather than
+		using the actual one from the server) by default.
+		</para>
+		<para>
+			See section <emphasis>INODE NUMBERS</emphasis> for
+		more information.
+		<term>nounix</term>
+		<listitem>
+		<para>
+			Disable the CIFS Unix Extensions for this mount. This
+		can be useful in order to turn off multiple settings at once.
+		This includes POSIX acls, POSIX locks, POSIX paths, symlink
+		support and retrieving uids/gids/mode from the server. This
+		can also be useful to work around a bug in a server that
+		supports Unix Extensions.
+		</para>
+		<para>
+		See section <emphasis>INODE NUMBERS</emphasis> for
+		more information.
+		</para> </listitem>
+        </varlistentry>
+        <varlistentry>
                 <listitem><para>(default) Do not allow getfattr/setfattr to get/set xattrs, even if server would support it otherwise. </para></listitem>
@@ -533,6 +556,33 @@ permissions in memory that can't be stored on the server. This information can d
+	<title>INODE NUMBERS</title>
+	<para>
+		When Unix Extensions are enabled, we use the actual inode
+	number provided by the server in response to the POSIX calls as an
+	inode number.
+	</para>
+	<para>
+		When Unix Extensions are disabled and "serverino" mount option
+	is enabled there is no way to get the server inode number. The
+	client typically maps the server-assigned "UniqueID" onto an inode
+	number.
+	</para>
+	<para>
+		Note that the UniqueID is a different value from the server
+	inode number. The UniqueID value is unique over the scope of the entire
+	server and is often greater than 2 power 32. This value often makes
+	programs that are not compiled with LFS (Large File Support), to
+	trigger a glibc EOVERFLOW error as this won't fit in the target
+	structure field. It is strongly recommended to compile your programs
+	with LFS support (i.e. with -D_FILE_OFFSET_BITS=64) to prevent this
+	problem. You can also use "noserverino" mount option to generate inode
+	numbers smaller than 2 power 32 on the client. But you may not be able
+	to detect hardlinks properly.
+	</para>
 	<para> The core CIFS protocol does not provide unix ownership
diff --git a/docs-xml/manpages-3/pam_winbind.8.xml b/docs-xml/manpages-3/pam_winbind.8.xml
index f8c4375..14f4e70 100644
--- a/docs-xml/manpages-3/pam_winbind.8.xml
+++ b/docs-xml/manpages-3/pam_winbind.8.xml
@@ -62,7 +62,9 @@
 		file situated at
 		<filename>/etc/security/pam_winbind.conf</filename>. Options
 		from the PAM configuration file take precedence to those from
-		the configuration file.
+		the configuration file. See
+		<citerefentry><refentrytitle>pam_winbind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+		for further details.
@@ -231,6 +233,8 @@
 	<title>SEE ALSO</title>
+	<refentrytitle>pam_winbind.conf</refentrytitle>
+	<manvolnum>5</manvolnum></citerefentry>, <citerefentry>
 	<manvolnum>1</manvolnum></citerefentry>, <citerefentry>
diff --git a/docs-xml/manpages-3/pam_winbind.conf.5.xml b/docs-xml/manpages-3/pam_winbind.conf.5.xml
new file mode 100644
index 0000000..113515c
--- /dev/null
+++ b/docs-xml/manpages-3/pam_winbind.conf.5.xml
@@ -0,0 +1,190 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="pam_winbind.conf.5">
+	<refentrytitle>pam_winbind.conf</refentrytitle>
+	<manvolnum>5</manvolnum>
+	<refmiscinfo class="source">Samba</refmiscinfo>
+	<refmiscinfo class="manual">5</refmiscinfo>
+	<refmiscinfo class="version">3.6</refmiscinfo>
+	<refname>pam_winbind.conf</refname>
+	<refpurpose>Configuration file of PAM module for Winbind</refpurpose>
+	<title>DESCRIPTION</title>
+	<para>This configuration file is part of the <citerefentry><refentrytitle>samba</refentrytitle>
+	<manvolnum>7</manvolnum></citerefentry> suite.</para>
+	<para>
+	pam_winbind.conf is the configuration file for the pam_winbind PAM
+	module. See
+	<citerefentry><refentrytitle>pam_winbind</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+	for further details.
+	</para>
+	<title>SYNOPSIS</title>
+	<para>
+		The pam_winbind.conf configuration file is a classic ini-style
+		configuration file. There is only one section (global) where
+		various options are defined.
+	</para>
+	<title>OPTIONS</title>
+	<para>
+		pam_winbind supports several options which can either be set in
+		the PAM configuration files or in the pam_winbind configuration
+		file situated at
+		<filename>/etc/security/pam_winbind.conf</filename>. Options
+		from the PAM configuration file take precedence to those from
+		the pam_winbind.conf configuration file.
+		<variablelist>
+		<varlistentry>
+		<term>debug = yes|no</term>
+		<listitem><para>Gives debugging output to syslog. Defaults to "no".</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>debug_state = yes|no</term>
+		<listitem><para>Gives detailed PAM state debugging output to syslog. Defaults to "no".</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>require_membership_of = [SID or NAME]</term>
+		<listitem><para>
+		If this option is set, pam_winbind will only succeed if the user is a member of the given SID or NAME. A SID
+		can be either a group-SID, an alias-SID or even an user-SID. It is also possible to give a NAME instead of the
+		SID. That name must have the form: <parameter>MYDOMAIN\\mygroup</parameter> or
+		<parameter>MYDOMAIN\\myuser</parameter>.  pam_winbind will, in that case, lookup the SID internally. Note that
+		NAME may not contain any spaces. It is thus recommended to only use SIDs. You can verify the list of SIDs a
+		user is a member of with <command>wbinfo --user-sids=SID</command>. This setting is empty by default.
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>try_first_pass = yes|no</term>
+		<listitem><para>
+		By default, pam_winbind tries to get the authentication token from a previous module. If no token is available
+		it asks the user for the old password. With this option, pam_winbind aborts with an error if no authentication
+		token from a previous module is available. If a primary password is not valid, PAM will prompt for a password.
+		Default to "no".
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>krb5_auth = yes|no</term>
+		<listitem><para>
+		pam_winbind can authenticate using Kerberos when winbindd is
+		talking to an Active Directory domain controller. Kerberos
+		authentication must be enabled with this parameter. When
+		Kerberos authentication can not succeed (e.g. due to clock
+		skew), winbindd will fallback to samlogon authentication over
+		MSRPC. When this parameter is used in conjunction with
+		<parameter>winbind refresh tickets</parameter>, winbind will
+		keep your Ticket Granting Ticket (TGT) uptodate by refreshing
+		it whenever necessary. Defaults to "no".
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>krb5_ccache_type = [type]</term>
+		<listitem><para>
+		When pam_winbind is configured to try kerberos authentication
+		by enabling the <parameter>krb5_auth</parameter> option, it can
+		store the retrieved Ticket Granting Ticket (TGT) in a
+		credential cache. The type of credential cache can be set with
+		this option. Currently the only supported value is:
+		<parameter>FILE</parameter>. In that case a credential cache in
+		the form of /tmp/krb5cc_UID will be created, where UID is
+		replaced with the numeric user id.  Leave empty to just do
+		kerberos authentication without having a ticket cache after the
+		logon has succeeded. This setting is empty by default.
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>cached_login = yes|no</term>
+		<listitem><para>
+		Winbind allows to logon using cached credentials when <parameter>winbind offline logon</parameter> is enabled. To use this feature from the PAM module this option must be set. Defaults to "no".
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>silent = yes|no</term>
+		<listitem><para>
+		Do not emit any messages. Defaults to "no".
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>mkhomedir = yes|no</term>
+		<listitem><para>
+		Create homedirectory for a user on-the-fly, option is valid in
+		PAM session block. Defaults to "no".
+		</para></listitem>
+		</varlistentry>
+		<varlistentry>
+		<term>warn_pwd_expire = days</term>
+		<listitem><para>
+		Defines number of days before pam_winbind starts to warn about passwords that are
+		going to expire. Defaults to 14 days.
+		</para></listitem>
+		</varlistentry>
+		</variablelist>
+	</para>
+	<title>SEE ALSO</title>
+	<para><citerefentry>
+	<refentrytitle>pam_winbind</refentrytitle>
+	<manvolnum>8</manvolnum></citerefentry>, <citerefentry>
+	<refentrytitle>wbinfo</refentrytitle>
+	<manvolnum>1</manvolnum></citerefentry>, <citerefentry>
+	<refentrytitle>winbindd</refentrytitle>
+	<manvolnum>8</manvolnum></citerefentry>, <citerefentry>
+	<refentrytitle>smb.conf</refentrytitle>
+	<manvolnum>5</manvolnum></citerefentry></para>
+	<title>VERSION</title>
+	<para>This man page is correct for version 3 of Samba.</para>
+	<title>AUTHOR</title>
+	<para>
+	The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by
+	the Samba Team as an Open Source project similar to the way the Linux kernel is developed.
+	</para>
+	<para>This manpage was written by Jelmer Vernooij and Guenther Deschner.</para>
diff --git a/docs-xml/manpages-3/pdbedit.8.xml b/docs-xml/manpages-3/pdbedit.8.xml
index d0ea811..2be49a1 100644

Samba Shared Repository

More information about the samba-cvs mailing list