HEAD
	+ Bump debian compat
	+ Prevent to remove sync shares flag if module has unsaved changes
	+ Remove old code from ADC provision
8.0.0
	+ Set version to 8.0.0
	+ Set the minimal version of the libauthen-krb5-easy-perl package
	+ Update enable-module script
	+ Add initial-setup script
	+ Disable password expiration for the special DNS domain user
	+ Increase size of the username field in samba_access table. Fix #2131
	+ Prevent LDAP enumeration
	+ Add option to disable home share
	+ Disable usershare parameter by default
7.1.0
	+ Bump version number
7.0.3
    + Fix Samba full audit for logs module. Fix ZS-146 #2094
	+ Fix users email import. Fix ZS-159
	+ Check if mail is already in use in groups form. Fix ZS-39 #1975
	+ Disable the "Disable account" checkbox for critical system Users. Fix ZS-169
7.0.2
	+ Remove deprecated flag from ldbsearch
7.0.1
	+ Fix ADC join to an existent domain
	+ Fix config backup replacing legacy dns path in favor of bind-dns (fix #2025)
7.0.0
	+ Change default login shell under PAM to /usr/bin/bash
	+ Integrate Samba 4.11
6.2.0
	+ Set version number to 6.2.0
6.1.2
	+ Add enable/disable input vfs full_audit module feature for commercial edition
	+ Add "samba settings" tab to the FileSharing composite
6.1.1
	+ Add users and groups importer GUI feature for commercial edition
	+ Add users and groups exporter GUI feature for commercial edition
6.1
	+ Add users/groups import/export scripts to /usr/share/zentyal-samba. (fixes #1852)
	+ Add pagination to the tree view
	+ Do not try to listen on unconfigured network interfaces
6.0.1
	+ Add missing dynamic RPC ports in firewall rules
6.0
	+ Integration with RADIUS module
	+ Integrate Samba 4.7
	+ Fix group permissions when selecting "All domain users"
	+ Remove unused 1024 port from service list
	+ Add confkey to allow Administrator user in shares permissions for
	  backwards compatibility with Zentyal 3.0
5.1.2
	+ Enforce share directory creation if not exists, even if not tagged
	+ Enforce change of homeDrive for existing users
	+ Fix regression deleting share directory after removing ebox ACL
	+ Fix bug with shared state for shares and roaming profiles sync
5.1.1
	+ Add administrators also to write list in smb.conf
5.1
	+ Domain is now a menu item instead of a folder with just one subitem
	+ Add notice about GPO management in Domain section
	+ Set homeDrive, homeDirectory and profilePath attributes after
	  adding new users without need of explicit save change operation
	+ Remove no longer required zentyal user ACLs on share paths
	+ Comment field is now optional when adding a share
	+ Explicit set of valid users write/read/admin lists for share security
	  unless "unmanaged_acls = yes" is set in /etc/zentyal/samba.conf
	+ Check domain functional level <= 2008 R2 before joining
	+ Manage thumbnailPhotos from share in samba.conf and edit user
	  UI in commercial editions
	+ Do not allow to add OUs inside containers
	+ Allow to execute ad-migrate directly
	+ Disable expiration for Kerberos service accounts
	+ Add ZFS support for Samba Shares
	+ Avoid no such daemon error in zentyal.log when module not configured
5.0.10
	+ Integrate Samba 4.6
	+ Remove manipulation or resolv.conf in standalone DC provision
	  no longer required with the fix in zentyal-dns 5.0.3
	+ Different resolv.conf manipulation in ADC depending if we
	  are joining a Windows DC or a Zentyal one, always use
	  127.0.0.1 when the provision is finished
5.0.9
	+ Fix enable-quotas
5.0.8
	+ Depend on new Samba 4.5.8+dfsg-2 (fixes CVE-2017-7494)
5.0.7
	+ Add proper template shell and homedir in smb.conf
	+ Support for bridged mode in sambaInterfaces method
5.0.6
	+ Depend on new Samba 4.5.8
	+ Fix setting of ACLs for 'Domain Users' group
5.0.5
	+ Depend on new Samba 4.5.6
5.0.4
	+ Depend on new Samba 4.5.4
	+ Remove trigger that causes dpkg error on samba upgrade
5.0.3
	+ Fix wrong management of resolv.conf during ADC provision
	+ Fix provision when netbios name and hostname are different
5.0.2
	+ Apply ACLs recursively on background instead of blocking save changes
	+ Set noexpiry of administrator account only in DC mode, prevents
	  error when user exists with a different name like "administrador"
5.0.1
	+ Remove acl and user_xattr mount options related code as ext4 already
	  has them enabled by default
	+ Fix module restart in postinst
5.0
	+ Integrate Samba 4.5
	+ Remove perl bindings to use just samba upstream packages,
	  current sysvol sync also deprecated, workaround at
	  https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround
	  this affects also ad-migrate script, currently it will not sync GPOs
	+ Use winbind instead of sssd
	+ DNS updates now done via GSS-TSIG no longer require custom samba patch
	+ Remove deprecated scannedonly integration
	+ Adapt code to perl 5.22
	+ zentyal.set-uid-gid-numbers renamed to zentyal.samba-sync to include
	  more functionality in next versions
4.2.3
	+ Add cron to flush idmap cache to avoid auth issues
4.2.2
	+ Add systemQuota object class when setting user quota
	+ Added explicit check for full name in EBox::Samba::User::create
	+ Add systemQuota object class when setting user quota
4.2.1
	+ Remove External AD mode leftovers in menu when not configured
4.2
	+ Integrate Samba 4.3
4.1.5
	+ Added setup-user script
	+ Added GlusterFS as fs with acl and extended attributes by default
	+ Corrected check for value of listen_all config key
	+ Corrected name for default containers
	+ Added EBox::LdapUserBase::objectInDefaultContainer
	+ Added debug options to stub (commented)
4.1.4
	+ Configuration for openchange notifications with dovecot plugin
	+ Delete obsolete cron file when upgrading from 4.0
4.1.3
	+ Remove deprecated bridged mode condition
4.1.2
	+ Add integration with zentyal-antivirus
4.1.1
	+ Remove wrong Synchronization broken link in the menu
4.1
	+ Remove deprecated OpenChange notifications settings in smb.conf
	+ Disable administrator account expiration on provision
	+ Remove no longer supported cloud synchronization
	+ Remove no longer used External AD mode
	+ Remove the limited GPO support from the Zentyal UI
	+ Remove no longer supported antivirus integration
	+ Added support for quotas on extra FS
4.0.8
	+ Create roaming profile directory correctly when the
	  samAccountName has any space
4.0.7
	+ Added config keys to enable samba to listen only on internal
	  interfaces
	+ Better error when editing user with empty first or last name
	+ Allow restore backup when samba is not provisioned
	+ Set roaming profile for new users
4.0.6
	+ Remove deprecated sids-to-hide file and associated methods
	+ Fixed sort order of EBox::Samba::users method
	+ Adapted migration code from 3.2 to 4.0
	+ Added waitForLDAPObject to EBox::Module::LDAP
	+ Allow to manage Schema Admins group
	+ Add 'drs:max object sync' parameter to avoid replication error
	  after loading schemas
	+ Override smbd and nmbd daemons when migrating from 3.2
	+ Increased default max log size to 100 MB
	+ Backup and restore module's kerberos service password file
4.0.5
	+ Calling correctly to removeGroupShare from the CGI
	+ Fixed external AD keytab generation
	+ Enforce kerberos configuration in external AD mode
	+ Fixed typo in EBox::LDAP::ExternalAD::externalServicesPrincipals
	+ Added disable_uid_sync conf key to save resources when RSAT
	  or ADC mode is not used
	+ Migrate mailboxes when upgrading from Zentyal 3.2
4.0.4
	+ SysvolSync daemon now synchronize deleted GPOs.
	+ Fix sysvol replication broken in some environments.
	+ Forbid backup restore if the server has not the correct hostname
	+ Fix empty LDIF parsing loading DNS zones stored in LDB
4.0.3
	+ Nested OUs are properly shown in GPO Links tree
	+ Avoid notifying slaves while setting the password as it is does
	  by addUser called below
4.0.2
	+ Fix regression in showing the Administrator account
4.0.1
	+ A change in first or last name make DN to change
	+ Do not show administrator password in provision command
	+ Fix ADC mode from the wizard
4.0
	+ Re-enable user synchronization with Zentyal Cloud
	+ Proper notifications when a share is sync'ed with Zentyal Cloud
	+ Fix realUsers count to remove Administrator and Guest account from it
	+ Write broker configuration for mapiproxy server in openchange.conf
	+ Add daemon to check users and groups to have uidNumber and gidNumber
	+ Add confirmation when removing mail account via the edit user form
	+ Add hostname change confirmation dialog to wizard
	+ Fixed EBox::LDAPBase::lastModificationTime
	+ Join as additional domain controller on initial configuration wizard
	+ Name in Module Status is now "Domain Controller and File Sharing"
	+ Set version to 4.0
	+ Fix migration to preserve group type
	+ Do not complain about lack of ACL support with XFS filesystem
	+ Better error message when the root DSE is not found in external
	  AD mode
	+ Do not try to dump config backup if not provisioned
	+ Check samAccountName is unique in entire domain adding users and groups
	+ Ignore cloud-sync warnings from cron
	+ Check DN not exists on the same container creating contacts
	+ Add missing 'use EBox::LDAP::ExternalAD' to Samba.pm
	+ Improve save changes speed avoiding loop in postServiceHook if no changes
	  made to roaming profiles
	+ Implement nameserverAdded and nameserverDelete from NetworkObserver to
	  reset LDAP connection if name servers change in external AD mode
	+ Add dpkg trigger to restart module when samba package is upgraded
	+ Fix ad-migrate script mode check
	+ Adapted to changes in group mail account
	+ Show a warning on post save changes dialog if errors happend while
	  setting shares ACLs
	+ Do not check for acl and user_xattr filesystem options if filesystem is
	  btrfs
	+ Provision: Check domain netbios name is not equal to host netbios name
	+ Resolve schema master dns name and try to connect to all returned IP
	  addresses until success
	+ Skip schema extensions if module disabled
	+ Use bash as default shell
	+ Added external AD field to LDAP information model
	+ Allow unsafe chars on admin account to use for join a domain
	+ Improve the LDIF files parsing created by output of ldbsearch command
	+ Fixed problems with checking mail address duplicates
	+ Fixed bug which could delete the group mail account after a
	  group edit
	+ openchange.conf named properties config uses splitted params
	+ Added EBox::module::LDAP::_loadSchemasFiles
	+ Added EBox::Samba::LdapObject::hasObjectClass
	+ Hide the dns-hostname account after join a domain
	+ Remove mail account management logic from edit user form. This field
	  is now disabled when the mail module is installed, so account management
	  like create, rename or delete it must be done in the mail module user
	  addon
	+ Added code for migration from 3.4
	+ Instance groups using gid parameter is no longer allowed
3.5.2
	+ Fix sssd bug not finding users and groups
	+ Deprecate _schemasAdded redis key, checking if schema is extended in
	  module _regenConfig
	+ Fixed use of deprecated attributes uid and gid instantiating users and
	  groups
3.5.1
	+ Display correctly tree elements on external AD mode
	+ Fixed user creation when remove user from a group in the
	  EditGroup CGI
	+ The groups and groupsNotIn methods have now the same behaviour
	  for all EBox::Samba::OrganizationalPerson classes
	+ When removing a share the 'has files' check is not longer
	  dependent on ACLs
	+ Restored external AD mode
	+ Better errors in GPO models when losing parent row
	+ Catch error trying to add an already added or delete an already deleted
	  user to group
	+ Avoid warning flag on smart match experimental feature
3.5
	+ Setup roaming profiles for each user only when the setting changes
	  in the UI
	+ Remove duplicate entries from the custom shell list
	+ Hide krbtgt user in external AD mode
	+ EBox::Samba::DNS::Zone always return lowercase zone name
	+ Fix members of 'Domain Admins' group not able to delete items from
	  recycle bin
	+ Grant rwx rights to Domain guest and Everybody on guest shares
	+ Added new domainControllers() method
	+ Override daemons when migrating from previous versions
	+ Remove the use of method canonicalName for greater performance, use
	  object DNs instead
	  the end of the work loop
	+ Show Administrator account in the UI so it can be handled from Zentyal
	+ Merge zentyal-users and zentyal-samba in a single package
	+ Added EBox::Samba::User::hasValue to check if a certain value is present
	+ Do not duplicate cloud ops when REST call fails
	+ Use samba instead of slapd + heimdal
	+ Create a container CN=Groups when provisioning as DC
	+ Set gidNumber for new users to Domain Users to have NSS + PAM working
	+ Set gidNumber based on RID for new groups
	+ Set gidNumber to Domain Users and Domain Admin for NSS + PAM
	+ Change default group container to cn=Users as Windows does
	+ Include PAM + NSS services with SSSd to authenticate LDB users
	  in the system
	+ New EBox::Module::LDAP replacing EBox::LdapModule and using
	  EBox::Module::Service as base class, schemas are now loaded
	  in _regenConfig instead of manually in enableActions
	+ Display message when creating a user which username has more
	  than 20 characters
	+ Fixed error when editing user email address when mail module is
	  not installed
	+ Fix domain controllers shown on the computers OU in Manage model
	+ Using paged serch in EBox::Samba::users() method
	+ Added EBox::LDAPBase::pagedSearch method
	+ Added support for addon components when user is in a
	  non-standard OU
	+ Better control for edit user quota
	+ Sent zentyal-usercorner trigger on install / upgrade to restart it if
	  it's installed
	+ Avoid apparmor errors in trusty
	+ Set version to 3.5
	+ Fixed bug when altering mail address through the edit user form
	+ Better integration between mail addon and mail field
	+ Remove method canonicalName and use object DNs for greater performance
	+ Migrate previous configuration from 3.3 when upgrading
3.4
	+ Updated EBox::Samba::Model::Password to use
	  EBox::Usercorner::updateSessionPassword method and the new samba
	  location
	+ Stop changing users and contacts' cn field on object edition, allowed to
	  edit the displayName field, just as Windows does
	+ Disable OpenLDAP users sync in favor of Samba AD replication
	+ Avoid warning when checking whether we are in the usercorner
	+ Updated to use Plack / PSGI instead of mod_perl
	+ Updated to use the new haproxy API
	+ Use service instead of deprecated invoke-rc.d for init.d scripts
	+ Fixed soap.conf for apache 2.4
	+ Depend on apache2-utils, required to run htpasswd
	+ Set version to 3.4
	+ Add script to update the credentials when mode is external AD
	+ Added and used checkMailNotInUse method
	+ Updated cloud sync to ignore any change done in cloud to internal users
	  or groups
	+ Fixed EBox::CloudSync::Slave to sync uid and gid numbers on user update
	  and added unit tests for it
	+ Added EBox::Samba::Group::setInternal method
	+ Allow to use lazy flag with EBox::Samba::User::setInternal
	+ Added unit tests for cloud sync code
	+ Check available IP addresses when enable module
	+ Added lock to cloud-sync script
	+ Better integration of edit groups for mail group aliases
	+ Update group icon when type of group changes
	+ Implement _preModifyUser on LdapUserBase
	+ Throw exceptions on EBox::USers::LdapObject::get when entry not exists
	+ Fixed regression in LDAP info page for external AD mode
	+ Print slave-sync output to zentyal.log instead of stdout
	+ Fixed excesive restrictive validation of external AD password in wizard
3.3
	+ Forbid to create OUs inside Users, Groups or Computer OUs
	  because we not support them when Samba is enabled
	+ Forbid and print specific  error message when trying to put two
	  objects with the same CN in the same container
	+ Switch from Error to TryCatch for exception handling
	+ Remove useless warning when deleting a user or group with offer 2013
	+ Show system but not internal groups in user edition form
	+ Allow unsafe characters for user and password in external AD mode.
	+ Fixed bug in external AD connection. Reuse already estabished
	  external AD connection.
	+ The "sub ous" return the OUs hierarquically ordered
	+ Check for defined uidNumber and gidNumber creating users and groups
	+ Revert useless chown workaround
	+ Wait for the services before ending the start daemon action to prevent
	  its usage before being ready
	+ Better error handling when the default group is not found
	+ Fixed distribution group edition
	+ Add error, errorText and errorDescription methods to
	  EBox::Exceptions::LDAP
	+ Added missing EBox::Exceptions uses
	+ Better error handling when we get a LdapObject that doesn't exists
	+ Remove undefined warnings on users/group creation
	+ Fix 'Cannot connect to samba LDAP' error in manage model when samba
	  is installed but disabled
	+ Add missing use to EBox::Samba::LDAP::ExternalAD
	+ Force DNS restart when users mode changed
	+ Force service principals update on _postServiceHook in external AD mode
	+ Don't use slave cloud sync if not subscribed
	+ Adapted cloud sync to changes in user modules
	+ Added childrenObjectClass parameter to EBox::Samba::LdapObject::children
	+ userExists and groupExists discriminates between shown objects and
	  objects hid by SID
	+ Fixed wrong path in ExternalAD::connectWithKerberos
	+ Update names in tree view when either user or contact is edited
	+ Fixed wizard error when setting external AD mode
	+ Fixed EBox::Samba::groupDn method
	+ In contact edition do not store full name in cn but use
	  givenname and sn to get fullname.
	+ Use paginated search when getting children nodes in LdapObject
	+ UTF8 decode DN when retrieving it from a LDAP object
	+ Removed old migration code from 3.0 to 3.2
	+ Set version to 3.3
	+ Fixed cloud-sync script
3.2
	+ Set version to 3.2
	+ Add objectClass shadowAccount in 3.0 migration to fix disabled accounts
3.1.11
	+ Added migration code to be sure that we have all users added as members
	  of __USERS__ group on OpenLDAP.
	+ Fixed user creation to make all users belong to __USERS__ group
3.1.10
	+ Do not crash when deleting a group if LDB object does not exist
	+ Do not try to migrate from 3.0 if module is not configured
	+ Override daemons when migrating from 3.0
3.1.9
	+ Fix typo in setSecurityGroup when no GID is set yet
	+ Show group in slave as read-only
	+ Show in a slave when the user is not a member of any group
	+ Check email address for a group is done
	+ Add group dialog can now set the e-mail
	+ Master/Slave synchronisation works again
3.1.8
	+ Enable upgrade from 3.0 in initialSetup
	+ Fixed wrong calls to isSystem() in master-slave after API changes
	+ Fix regression trying to join slave after external AD changes
	+ Fix regression in slave host address after nginx integration
	+ Throw DataExists error when adding an OU which already exists
3.1.7
	+ Readded memberUid to the fields to index for SLAPD.
	+ Ignored members that are not valid perl objects to avoid undef entries
	  on EBox::Samba::Group::members method.
	+ Rewrites to share more code with samba module.
	+ Added 'mail' field on zentyalDistributionGroup schema.
	+ Added E-Mail field for Users and Groups when managing them from the UI.
	+ Changed E-Mail field to optional for Contacts.
	+ Updated master-slave sync to use the new User and Group fields.
	+ Look for ssl.cert instead of ssl.pem in Slave::soapClient()
	+ Changed description field to be always input text instead of textarea.
	+ Warn instead of throw exception if home directory already exists
	+ Forbid deletion of Domain Admins group
	+ Forbid deletion of Users, Groups and Computers OUs
	+ Filter also internal users and groups in membership comboboxes
	+ Hide Samba objects that should be shown only on Advance view mode
	+ Added support for disabled accounts
3.1.6
	+ Ignored samba module while (re)provisioning on __USERS__ group creation.
	+ Removed deprecated configuration file keys related with external AD
3.1.5
	+ Fixed EBox::Samba::LdapObject::canonicalName to propagate the flag to
	  get or ignore the root's namedContext canonical name.
	+ The Administrator user is hidden now using the samba module functionality
	  to hide SIDs instead of hardcoded in the code.
3.1.4
	+ Remove needReload notification for group addons
	+ When a new system user is created with uid 0 we also create its home.
	  This is required by Samba for the Administrator account.
	+ Added Net::LDAPBase::existsDN method
	+ Better error control on reprovision, do not clear the
	  reprovision flg on error
	+ Fixed code typo in slave setup
	+ Added menu icon
	+ Added new userCorner method to password model
	+ Usercorner uses the ldap_ro credentials to retrieve user DNs.
	+ preAdd callbacks get a second argument noting the parent when this
	  new object will be created.
	+ All LdapObject based objects will have the 'entryUUID' field available.
	+ Created an EBox::LDAPBase class to share code with the Samba's EBox::LDB
	  one.
	+ Reimplemented EBox::Samba::Group::members to retrieve the members of the
	  group directly instead of searching for the objects that are set as
	  members of the group.
	+ Avoid "cannot return outside of a subroutine" warning in cloud-sync
	+ Added foldable user and group add-ons to dialogs
	+ Replaced package breaks parameter with depends statement
	+ Fixed error in the baseName() method for an Ldap Object
	+ Fixed bug which make delete group dialog to show errors when
	  there was warnings
	+ Added a way to use Net::LDAP mock object for unit testing.
	+ Fixed cloud sync setup when user number is unlimited
	+ Fixed error in server master form when checking if
	  controls are editable
	+ Added a way to retrieve a group by its dn.
	+ New TreeView to manage users, groups and OUs
	+ Configuration key multiple_ous removed as this is now enabled by default
	+ Renamed namespace from UsersAndGroups to Users
	+ Added support for Contacts handling.
	+ Added support for external Active Directory authorization
3.1.3
	+ Renamed namespace from UsersAndGroups to Users
	+ Fixed maximum users check when not using cloud sync
3.1.2
	+ Remove deprecated backup domain methods
	+ Fixed password change in user corner when using samba
	+ Changed reload action to force-reload for nscd init.d daemon
3.1.1
	+ Fixed error message when trying to add a user above the edition maximum
	+ Migrated SOAP services to use Nginx for SSL.
3.1
	+ Updated to reflect the Apache -> WebAdmin rename.
	+ Removed 3.0.X migration code
	+ Added Pre-Depends on slapd to avoid problems with upgrades
	+ Depend on zentyal-core 3.1
3.0.18
	+ Check for already existent service principals before create them.
	  Required because squid and zarafa share the HTTP SPN
3.0.17
	+ Migration to remove leftover need_reprovision key in redis ro
	+ Retrieve global instance correctly in UsersSync
3.0.16
	+ Assure that we don't have a phantom need_reprovision key in
	  read-only tree
	+ Check for maximum number of users depending on the edition
	+ More frequent polling in EBox::Ldap::safeConnect() and
	  more explicit error when it fails
3.0.15
	+ Always mark as changed if it needs LDAP reprovision
	+ Fixed member removal operation for groups
3.0.14
	+ Tentative workaround against home directory chown bug
	+ Slave setup refactored to reuse common code with reprovision
	+ Reprovision LDAP for all LDAP based modules
	+ Don't try to update samba password in user corner when samba is
	  not configured
	+ Add operation arguments on LDAP error whenever is possible
	+ EBox::Samba::User::create() allows now an internal attribute
	+ Users marked as internal are not displayed on the interface
	+ New realUsers() method to filter only non-internal ones
3.0.13
	+ Search in user table now is standard instead of filter only for uid
	+ A bit more explicit text for EBox::Exceptions::LDAP
	+ Reload nscd also when creating new groups
3.0.12
	+ Fixed typo in exception class name in EBox::Ldap
	+ Added missing use statement in EBox::Users and
	  EBox::Samba::LDAPObject classes
3.0.11
	+ Dont loop through the group members when adding/removing members
	+ Added EBox::Exceptions::LDAP
	+ Allow unsafe characters in commentary field
	+ Better check for the incompatibility of Samba with master/slave
	+ Fix modules extending LdapUserBase not notified modifying groups
	+ Allow domain name change in System -> General reprovisioning LDAP db
	+ Depend on dns module to fix save changes order during reprovision
3.0.10
	+ Use less costly LDAP operations when adding or removing members
	  from a group
	+ Added EBox:Users::LdapObject::deleteValues method
	+ Faster custom row id filter for Users model
	+ Forbid user synchronization with other zentyals if samba is provisioned
	+ Display users groups in slave mode
	+ Avoided hang when the local host is wrongly used as master slave
	+ Ldap modules should do a slaveSetup when slave mode enabled
3.0.9
	+ Stop heimdal daemons on enableActions
	+ Fixed alphabetical order in listing of users and groups
3.0.8
	+ Filter in users table no longer matches LDAP dn
	+ Recover better of no-usercorner journal error in slave-sync
	+ Added read-only rootDn and password to LDAP settings screen
	+ Don't allow empty first name in CGIs for user
	  creation/modification. Otherwise you can get LDAP errors.
	+ Operator typo fix in EBox::UsersAndGroup::User::_checkQuota
3.0.7
	+ Fixed LdapObject::get() for list context
	+ Decode utf8 attributes from LDAP at LdapObject::get()
	+ Removed unused method _utf8Attrs
	+ Integration with Disaster Recovery service
	+ Include /home as disk usage facility
	+ Fix enable quotas without rebooting when module is enabled.
	+ Users and groups cannot longer share names because it is incompatible
	  with AD accounts
	+ Use upstart to manage heimdal daemons
	+ Increase the maximum UID number to avoid problems with samba integration
	+ Fixed bug in group creation which on error could call a method
	  in a undefined value
	+ Do not stop openldap daemon when dumping database
	+ Generate kerberos AES keys to be compatible with active directory in
	  W2k8 or higher functional levels
	+ Fixed user quota edition in slave server
	+ Update user password also in samba ldap when changed from user corner
	+ Update 'cn' attribute in cloud-sync
3.0.6
	+ Set userPassword attribute when setting kerberos keys for user
	+ Fixed delGroup operation on cloud slave
	+ Include exception message when there is an error notifying a slave
	+ Fix enable quotas without rebooting when module is enabled
	+ Delete syncjournal files when slave is removed
3.0.5
	+ Fixed reinstall script to stop samba module, otherwise new slapd
	  cannot start because the port is taken
	+ Sync password changes made from cloud to any slave
	+ When syncing, do not update ldap of unchanged entries
3.0.4
	+ Added missing use of UnwillingToPerform exception
	+ New methods on LdapUserBase (preAddUser, preAddUserFailed, preAddGroup
	  and preAddGroupFailed) to notify observers
3.0.3
	+ Setup Cloud slave on first save changes
	+ Synchronize uidNumber in master-slave
	+ Check master's REALM when adding a new slave
	+ Fixed some errors on RESTClient after API change
	+ Updated REST journaling behavior
	+ Do not show unavailable options in master select
	+ Added new EBox::Samba::newUserUidNumber() function
	+ Added check to assure that a no-ldap user has the same uid than
	  a new user
	+ Implement SysInfo::Observer to disallow host domain changes after the
	  kerberos realm has been initialized, and to update the LDAP base DN
	  if module is not yet configured
	+ Added LDAP index for ou attribute
	+ Always write slave-sync script
	+ Increase default quota value to 500MB
3.0.2
	+ Added clearCache() to LdapObject and force reload of krb5Keys
	+ Do not allow user corner password change on slaves
3.0.1
	+ Do not notify samba about users created while restoring backup. Samba
	  will restore its users from its own LDB backup.
3.0
	+ Write NSS config on enableService, modules depending on users may require
	  uid/gid numbers from LDAP
	+ Filter special kerberos and samba users out from the users list
	+ Added dns as restore depend
	+ Reviewed registration strings
2.3.17
	+ Do not translate the service principal names to upper case
	+ Set LDAP service as denined by default for internal networks
	+ Set the managed domain as read only as well as records
2.3.16
	+ Fixed PAM when kerberos is enabled
	+ Fixed addUser operation on slaves
	+ Catch exceptions thrown by notified modules adding LDAP users and groups
	  to rollback the operation and delete the object added prior to notification.
2.3.15
	+ Fixed password change at user corner
	+ Change KDC port to 8880 to preserve the classic default for user corner
2.3.14
	+ Ignore the LDAP error 'no attributes to update' on save
	+ Instantiate users by uid and groups by gid
	+ Change kerberos ports from 88/464 to 8888/8464. This avoid conflicts
	  and management logic of the heimdal daemons. Kerberos records are added
	  with lower priority over samba ones.
	+ Respect the optionality of the 'salt' field inside the kerberos keys
	  in the 'setKerberosKeys' funcion of the User class.
	+ Do not remove service principals when samba is enabled/disabled. Samba
	  will import the keys
	+ Add method to set the user kerberos keys
	+ Stop samba daemon if module is disabled to ensure that port 88 is free
	+ Initialize kerberos realm in lowercase to match the host domain
	+ User template account default options not longer shown in slave servers
	+ Added users filter by OU
2.3.13
	+ Better password policies for LDAP backend
	+ Added user synchronization with Zentyal Cloud
	+ Removed deprecated conf keys (password hashes selection)
	+ Sync kerberos hashes on master-slave
	+ Resolve slave hostname during registering
	+ Fixed framework changes related regression getting redis keys directly
2.3.12
	+ Ask for the host domain in the wizard instead of the old mode selector
	+ Fixed user name validation
2.3.11
	+ Remove deprecated reference to AD Sync in wizard
	+ Check to make sure that quota has been really assigned logs an error
	  instead of raising an exeception, because some file systems does not
	  support quotas
	+ Adapt lastUid and lastGid to the new API and make them compatible
	  with multiple OUs
2.3.10
	+ Use DataForm::ReadOnly::_content instead of acquirers in LdapInfo
	+ Delete obsolete daemons and attributes regarding old replication
	+ Better error control in _loadACLDirectory
	+ Adapted to new Model management framework
	+ Adapted Password type to new framework
	+ Added NTP as enable dependency
2.3.9
	+ Heimdal Kerberos integration for SSO features
	+ Better validation of user names and groups names. Better message
	  when this validation fails
	+ Added user() and group methods() to EBox::Users
	+ Added quota limit check
	+ Added backup domain for /home
	+ Adapted ldapvi to changes in port
	+ Setup master method can now take a custom password
2.3.8
	+ Restart apache after changing master configuration
	+ Removed all files + code cleaning
	+ Disable user editing in slaves
2.3.7
	+ New modifications() method to allow retrieving modifications made to
	  the LDAP object in the last call to 'save'
	+ Create users without password and set it after that, needed for samba4
	+ Removed auth_type warnings
2.3.6
	+ Use the new unified tableBody.mas instead of tableBodyWithoutActions.mas
2.3.5
	+ Packaging fixes for precise
2.3.4
	+ Updated Standard-Versions to 3.9.2
2.3.3
	+ New master-slave architecture
	+ Image in initial configuration wizard is shown again
2.3.2
	+ Added printableName to service and modified description
	+ Fixed executable permissions in src/scripts
	+ Added checks for small business subscription
	+ Bugfix: lastGid method was calling MINUID and SYSMINUID
	+ Reload nscd before trying to init users and groups
2.3.1
	+ Use Digest::SHA instead of Digest::SHA1 and remove libdigest-sha1-perl
	  dependency which no longer exists on precise
2.3
	+ Commented unused code in cleanUser method
	+ Replaced autotools with zbuildtools
2.2.5
	+ Bugfix: ad-sync can now populate groups with more than 1500 users
	+ Bugfix: do not allow adsync passwords longer than 16 chars to avoid
	  crash in pwdsync-server that keeps respawning
	+ Bugfix: mark apache as changed in enableActions to avoid problems adding
	  users before the new nsswitch conf is available for apache, also do not
	  allow to add users if module is not really enabled after save changes
	+ Make sure the default DN does not contains invalid characters
	+ Do not allow malformed LDAP DNs in Mode
2.2.4
	+ Make LDAP ready after enableActions restarting the service to
	  avoid problems when adding users or groups
	+ Fixed corruption when adding ldap attributes
	+ Also disable apparmor in ad-sync mode
	+ Renamed default adsync username from eboxadsync to adsyncuser
2.2.3
	+ Adapt pwdsync user and password offsets to the new hook implementation
	+ Always ignore ForeignSecurityPrincipals accounts in ad-sync
	+ Added more debug messages and improved existing ones in ad-sync
	+ Avoid warnings trying to get userPrincipalName in ad-sync
	+ Skip machine accounts in ad-sync
	+ Use paged queries in ad-sync
	+ Allow to specify custom DN to bind to Windows Server in ad-sync
	+ Ingore empty users in ad-sync
2.2.2
	+ Fixed validation of secret key length in ADSync Options model
	+ Removed useless validation of AD username in ADSync Options model
	+ Show different error when adding users from Windows with invalid chars
	+ Fixed bug managing slapd on ad-sync
2.2.1
	+ Do not enable ADSync to avoid launching daemon before configuration
	+ Also manage slapd daemon on ad-sync setups
	+ Avoid slave connection to incompatible masters
	+ Added quota change form on slaves
	+ Allowed '\' character in ad-sync username
2.1.14
	+ Fixed regression in usercorner link
2.1.13
	+ Moved apache soap configuration from setConf to enableActions
	+ Init slave users on enable (now home directories are created)
	+ Create LDAP indexes during slave enable
2.1.12
	+ Users::lastUid() now takes also into account non-ldap users
	+ Stop old ldap daemons in reinstall script, needed before changing mode
2.1.11
	+ Use a safer mode() implementation to avoid recursions with ModelManager
2.1.10
	+ Start slapd daemon when a module fails to connect
	+ Help in wizard is show again if no custom_prefix defined
2.1.9
	+ Hide help with link in wizard if custom_prefix defined
	+ Removed /zentyal prefix from URLs
	+ Disable autocompletion in user form
	+ Avoid duplicated restart during postinst
2.1.8
	+ Include quota schema in slaves LDAP (fixes replication)
	+ Do not stop slapd daemons after slave enable
	+ Fixed users and groups retrieval if module is disabled
	+ Manage slapd daemon in master mode
	+ Make the optional 'comment' field to also appear as optional on the UI
	+ Ignore users also in pwdsync-server, not only in the ad-sync script
2.1.7
	+ Set submenu items order for integration with the User Corner menu
	+ Avoid undefined dn warning
2.1.6
	+ Fix adsync mode check for zentyal-users cronjob
	+ Removed bad default value for adsync_dn option
	+ Update wizard pages with new order option
	+ Use Unix socket for LDAP connections on standalone and slave without PAM
2.1.5
	+ Manage zentyal-users cronjob with configuration keys for sync times
	  instead of debian/lucid/zentyal-users.cron.d and src/scripts/ad-sync.cron
	+ Configuration key to not to create homes (usefull on LDAP master servers)
	+ New ad-sync-info to show info of ADsync configuration
	+ Allow multiple BDC for ADsync mode with adsync_bdc confkey
	+ Add ADsync service by default and move port value to a confkey
	+ userInfo() tolerates missing quota LDAP attribute
	+ Added captiveportal to the list of modules in the reinstall script
2.1.4
	+ Moved redis_port_usercorner key to usercorner.conf in zentyal-usercorner
	+ Move users/conf/user-eboxlog.conf to usercorner/conf/usercorner-log.conf
2.1.3
	+ Fixed issues with html html attributes quotation
	+ Allow to specify a base DN to bind to AD
	+ Add locking to slave-sync to avoid spawn multiple instances in the
	  event of not being able to connect to a slave
	+ Do not modify users and groups in AD sync if attributes are not changed
	+ Wipe ignored users in AD sync
	+ Allow contacts synchronization in AD sync
	+ New checks in AD sync to avoid warnings
	+ Added update package list command to reinstall script
2.1.2
	+ Non-editable user fields in slaves no longer appear as editable inputs
	+ Numeric 0 is accepted as value for LDAP users attributes
	+ Minor fixes in default quota from user template
	+ Fixed error when writing ad-sync cron file
	+ Do not allow to create users if their home directory already exists
2.1.1
	+ Quotas are now included in users module
	+ System users don't require password
	+ Fixed bug that allowed to create LDAP users whith the same name
	  than users with UID 0 (like root)
2.1
	+ Separate usercorner module to the new zentyal-usercorner package
	+ Remove zentyal- prefix from rejoin-slave and ldapvi scripts
	+ Move /usr/share/ebox-usersandgroups/ebox-usersandgroups/reinstall
	  to /usr/share/zentyal-users/reinstall
	+ Show enableActions for master also in ad-slave mode
	+ Deleted obsolete migrations and use new initialSetup method
	+ Added locks to prevent overlapping in ad-sync script
	+ Fix slave failed operation string on slave hostname
	+ Replace /etc/ebox/80users.conf with /etc/zentyal/users.conf
	+ Added indexes for common LDAP attributes
	+ Replace /var/log/ebox-usercorner with /var/log/zentyal-usercorner
2.0.10
	+ Now the AD synchronization can be disabled at any moment and a
	  server with AD-slave mode can be master for other Zentyal slaves
	+ New /etc/ebox/ad-sync_ignore.users and ad-sync_ignore.groups files
	  to ignore users and groups in the AD synchronization process
	+ Improved zentyal-ldapvi script that works on slave servers
	+ Creates the default group if not exists during restore
	+ Added restore backup precheck to assure there are not conflicts between
	  system users and Zentyal LDAP users (currently only works for masters)
2.0.9
	+ Make sure to create the base directory for user homes before create them
	+ Reconnect to LDAP on backup restore
	+ Better log messages
	+ Save configuration files during restore
	+ Catch possible SIGPIPE on LDAP reconnect
2.0.8
	+ Fix Samba PDC on slaves
	+ Check for incompatibility between Samba PDC and PAM on slaves
	+ Optimize slave-sync script if there are no pending operations
	+ Remove useless call to mode() on slave-sync script (faster now)
	+ Replica LDAP listens in all interfaces
2.0.7
	+ Added index add mechanism to LdapModule
	+ Fixed NSS DN config in masters
2.0.6
	+ Added zentyal-rejoin-slave to rejoin a slave to its master
	+ Fixed NSS/PAM in slave machines
2.0.5
	+ Removed wrong hooks implementation
2.0.4
	+ Fixed infinite recursion when setting up some models on slave servers
	+ Added support for addUser/delUser hooks
2.0.3
	+ Allow LDAP users and groups up to 128 characters
	+ Show precondition message for user corner on slave servers
	+ Unconfigure ftp and zarafa in reinstall script
	+ Do not show adsync debug messages if debug is disabled in config
	+ Allow more than one dot in usernames
2.0.2
	+ Fixed master/slave synchronization issues
	+ Remove userjournal dir when removing a slave
	+ Added lock during module enable to avoid initialization problems
	+ Fixed AD slave synchronization task
2.0.1
	+ Fixed incorrect LDAP binding in some cases
2.0
	+ Fixed user journal dir creation on master
	+ Fixed failed login error on user corner
	+ Default login_shell under PAM Settings UI instead of 80users.conf
	+ Replaced /bin/false with /usr/sbin/nologin as default shell
1.5.10
	+ Some refactorizations centered in safer LDAP connections and defensive
	  code
1.5.9
	+ More info link added in wizard
1.5.8
	+ Zentyal rebrand
1.5.7
	+ Removed NSS in slave configurations
	+ Nasty bug page replaced by the new eBox error page
1.5.6
	+ Fixed user corner access problems with redis server
1.5.5
	+ LDAP master creation optimized and less error-prone
1.5.4
	+ Bug fix: adding a user name with spaces no longer fails
1.5.3
	+ Move NSS from ebox-samba to ebox-usersandgroups
	+ Home directories are under /home now
	+ New options to configure shell and home directory umask
	+ New setup wizard
1.5.2
	+ Bug fix: fixed dbus init for usercorner
1.5.1
	+ Bug fix: fixed nasty bug with the last version of openldap in lucid
	+ Bug fix: do not call processDir if there are no slaves in slave-sync
	+ Bug fix: ebox-usersandgroups-reinstall now unconfigures all ldap modules
	+ Bug fix: updateSchema() returns unless the schema to update is
	  available
	+ Bug fix: Set proper owner and permissions when updating a schema
	+ Bug fix: some problems with the AD synchronization solved
	+ Bug fix: userscorner title icon
	+ Bug fix: addUser() now checks if the user already exists as a
	  system user
	+ Removed deprecated executable 'import-from-ldif'
	+ Bug fix: addUser() now checks for password argument
	+ Bug fix: when restoring we use the new users DN to init users
1.5
	+ Bug fix: don't try to contact slaves from within a slave when groups
	  are updated
	+ Use built-in EBox::ThirdParty::Apache2::AuthCookie
1.4.2
	+ Bug fix: fix wrong migration number
1.4.1
	+ Bug fix: surround LDAP migration with a try/catch to make sure the rest
	  it is run
	+ Bug fix: do not allow \w with localized characters as LDAP schema does not
	  allow them for home directory attribute. (Closes #1713)
1.4
	+ Allow the master to pass extra parameters in SOAP calls to slaves
1.3.17
	+ Bug fix: Set style for login page in user corner
1.3.16
	+ Bug fix: keep menu open on LDAP Info
1.3.15
	+ Add support for ldaps
	+ Add support for slaves running Apache in ports different than 443
	+ Allow to remove slaves from slave list
	+ Added ebox-usersandgroups-reinstall to easily reset the LDAP mode
	+ Bug fix: issue with user deletion in French (Closes #1651)
	+ Bug fix: anonymous connection for getting DN is retried several
	  times, this fixes a bug when restoring configuration backup
1.3.14
	+ Synchronize all the users from the AD and not only from CN=Users
	+ Add operation name and username on updateGroup
	+ Add slave notification for group modify and delete
	+ Change button order to "Add" and "Add and Edit" in Add User
	  template. If users press return in the form it adds a new user
	  and stays on the same page.
1.3.13
	+ Usability enhancements: (Closes #1649)
		* Create a unique Users And Group Folder
		* Unify Add User/Edit User in a single page
		* Unify Add Group/Edit Group in a single page
		* Two buttons: "Add and Edit" and "Add"
		* Add breadcrumbs
	+ Add UserTemplate composite to configure default options that are used when
	  a new user is created
	+ Add defaultUserModel to LdapUserBase.pm
	+ Specify folder for SlaveInfo
	+ Add menu entry with information about LDAP including password
	+ Change enableActions to use the new LDAP default structure from Karmic
1.3.12
	+ Add EBox::Ldap::lastModificationTime to know when the master LDAP
	  database was modified for the last time
	+ Index uid and memberUid to avoid some warnings and improve performance,
	  plus remove some old code and fix some broken one in that part of the code
	+ Bugfix: disable edition of users and groups in ad-slave mode
	+ Don't allow modification of ldap password in Mode model if
	  it has been autogenerated by the eBox installer
	+ Add page title
	+ Separate the Windows AD options in a different model
	+ Fixed the warning of "Edit User" when there are no users in a slave
	+ Remove 'optional' from remote in Mode and also useless validateRow
1.3.10
	+ Use disableApparmorProfile from EBox::Module::Service twice.
	  First in enableActions. And also in setConf to avoid issues
	  if apparmor is installed after users is enabled.
1.3.9
	+ Bugfix: return empty array in usedFiles if it's not master mode
1.3.8
	+ Bugfix: fixed wrong disable of fields in selecting ad-slave in Mode model
1.3.7
	+ Synchronization with Windows Active Directory (#1443)
1.3.6
	+ Use anonymous bind to fetch dn
1.3.5
	+ Disable slapd apparmor profile in enableActions
	+ Reload nscd when adding users and groups
	+ Bugfix: backup bug report now works again
	+ Bugfix: slave-sync does not try to real journal dir when not
	  configured or in slave mode. Journal dir created on
	  master's setup.
1.3.0
	+ eBox LDAP architecture now supports a master-slave configuration
	+ bugfix: Update usercorner service when there is a change on the port number
1.1.30
	+ Added widget to manage group belonging from Edit User page
	+ Fixed backup/restore problem with paswords and given/last names
	+ Changed the way users are stored in LDAP, added givenName in addition
	  to sn, now cn=givenName+sn instead of cn=uid, this fixes a
	  incompatibility bug with eGroupware
	+ In the Edit User interface now Name and Last name are separate
	fields
	+ Usercorner web server certificate can be changed via the CA module
1.1.20
	+ New release
1.1.10
	+ Make slapd listen only on 127.0.0.1
1.1
	+ Added bind v2 compability needed by squid auth, slapd conf
	  regenerated and daemon restarted in postinst to commit possibles
	  changes in configuration
	+ Added group model
	+ Use the new ids() and row() API to optimize the management of hundreds of
	users
	+ Allow dashes in user and group names
	+ Initial release of UserCorner which allow users to change their password
	+ Store multiple password hashes and scrap clear text passwords
0.12.100
	+ Restore backup is more robust: inexistent users in a group are
	  ignored
	+ Make and restore backup more robust: removed slapd.conf
	  parameters in both slapadd and slapcat invokations, so we can use
	  the module with sldap with configuration in the directory itself
0.12.99
	+ New release
0.12.1
	+ Bugfix: Remove eBox system users when restoring backup. This solves
	  an issue restoring backups from 0.12
0.12
	+ Use the new EBox::Model::Row api
	+ Check if there is any added user and show a message
	  in case there isn't any.
	+ Restore users reading from ldiff and adding them through
	  eBox API
	+ Set password-hash in slapd.conf to make password changes from samba sync
	  the user password
0.11.101
	+ New release
0.11.100
	+ onInstall() functionality moved to migration script
	+ Fixed several typos
0.11.99
	+ Remove use of Apache::Singleton
0.11.3
	+ Check used uid's on every posixAccount object under dc=ebox,
	  instead of only under ou=Users,dc=ebox. This solves nasty issues
	  with Samba PDC when adding machines and creating users with
	  repeated uid
0.11.2
	+ Do not generate a new LDAP password if it already exists
0.11.1
	+ Fix issue with module naming which prevented backups from being
	restored
0.11
	+ Initial Ubuntu packaging
	+ bugfix. fix issue with module naming which prevented backups from being
	  restored
0.10.99
	+ Create pseudo-model to use the users table with Ajax
0.10
	+ Allow dots in user names
0.9.100
	+ New release
0.9.99
	+ Bugfix in EBox::Ldap
0.9.3
	+ New release
0.9.2
	+ New release
0.9.1
	+ Make OpenLDAP listen on internal interfaces
0.9
	+ Added Polish translation
	+ Added Aragonese translation
	+ Added Dutch translation
	+ Added German translation
0.8.99
	+ New release
0.8.1
	+ Minor workaround. Create slapd run directory in case it does not
	  exist
0.8
	+ Fix message
0.7.99
	+ Add extended backup support for LDAP
	+ Performance tuning to slapd
	+ Some minor code improvements
	+ Quota now allows unlimited space and i-nodes number
0.7.1
	+ Add delObjectclass (useful for ldap clean actions)
	+ Detect and recover when ldap connection is broken (#25)
	+ Make EBox::Ldap a singleton class
	+ Initial factoring
	+ Use of ebox-sudoers-friendly
0.7
	+ New public release
0.6
	+ Move to client
	+ API documented using naturaldocs
	+ Update install
	+ Update debian scripts
	+ Use new syntax to define ACLs for ldap
	+ Add function to create system users
	+ Move ldap db under ebox directory
0.5.2
	+ Fix some packaging issues
0.5.1
	+ Convert module to new menu system
0.5
	+ Initial release
