core

• Safer management of systemd daemons enabled/disabled status
• Use POST method when submitting forms in AJAX requests from dialogs
• NetWrappers::list_ifaces() now ignores invalid ones like bonding_masters
• Reimplement EBox::Validate::isIPInNetwork using NetAddr::IP
• Add libpam-cap dependency to avoid warnings in auth.log
• Avoid uninitialized comparison warnings in zentyal.log regarding EBox::Types::Service and EBox::Types::IPAddr
• Pass action to HTMLSetter templates so they can have a different behavior for add and edit
• Avoid errors when license file not exist in webadmin restart
• Services stop working and activation is required after trial expired
• Allow up to 12 dashboard widgets per section instead of 4
• Forbid creation of local administrator user if exists in samba
• Use EBox::Config::version for commercial repo URL
• Simplify _readTheme code and remove unnecessary zentyal.log noise
• Wait for redis-server ready in systemd service
• Add activate-license script to enter license key via CLI
• Avoid '/etc/localtime are the same file' errors using symlink
• New activation-pending mode prompting for valid trial code before login
• Update external links in dashboard
• Mask plaintext passwords in bug reports
• Show already validated license key in Server Edition model
• Handle error parsing license key in Server Edition model
• Display commercial edition license info in Server Edition
• Proper management of development/commercial repos
• Show warning in header when license or trial is expired
• Postinst script do not fail during upgrade from Zentyal 4.X
• Allow restore of configuration backups from Zentyal 4.X
• Provide transitional dummy package to zentyal-common
• Force nginx restart when webadmin port is changed
• Fix unknown column 'password' error with MySQL 5.7
• Fix webadmin stop taking more than 1 minute in uwsgi systemd unit
• Depend on patched libhtml-mason-perl to avoid $dir_path warning

antivirus

• Fix dashboard running state false negative
• Remove deprecated purge-module script
• Do not force execution of freshclam after restart as it takes a very long time to timeout when connection is not successful
• On-Access Scanning for Commercial editions

dhcp

• Supress annoying vendor-class-identifier warnings in zentyal.log
• Add TFTP functionality again
• Support for options 150 and 155 in commercial editions

dns

• Avoid adding same IP addresses in different domains
• Wait for 30 seconds instead of 5 for named listening
• Make sure 127.0.0.1 is used as resolver when launching nsupdate
• Fix bind9-resolvconf regression in 16.04
• Fix nsupdate REFUSED errors with reverse zones
• Fix samba provision when netbios name and hostname are different

ftp

• Adapt old ftp module from 3.4 to Ubuntu 16.04
• Use winbind for PAM auth instead of krb5
• Remove samba dependency

ips

• Adapt old ips module from 4.0 to Ubuntu 16.04
• Update suricata conf stub with default values from Ubuntu 16.04
• Improved daemon management and firewall integration
• Use NFQUEUE=0 by default, overrideable with ips_nfqueue confkey
• Remove deprecated logs consolidate and rules update code
• Remove deprecated 'Source' field in rules table

jabber

• Fix regression enabling STUN

mail

• Avoid Dashboard::Value errors in zentyal.log by adding missing use
• Fix fetchmail daemon status in dashboard widget
• Fix reading of attributes from LDAP backend
• Revert unnecessary previous changes in main.cf
• Explicit add of all virtual domains to mydestination in main.cf
• Remove compatibility_level postfix warning setting main.cf accordingly
• Add missing virtual_transport = dovecot in postfix main.cf
• Definitive fix for fetchmail problems with custom systemd daemon, as default init.d script seems broken
• Fix error when retrieve mail for external accounts is enabled

network

• Auto-mark gateway as default when adding the only one
• Optional ranges param added to Objects::Members::addresses()
• Add ip_vti to list of ifaces_to_ignore by default
• Fix brctl binary path
• Fix regression populating bridges list on iface configuration
• Fix failover-checker script
• Make DHCP hooks less error-prone and remove warnings
• Remove resolvconf workarounds in 5.0.2 and 5.0.3 now that proper fix is included in zentyal-dns 5.0.3
• Avoid save changes error also for any iface not present in /etc/network/interfaces, for example trunk ifaces, this is a regression on ifup behavior on Ubuntu 16.04
• Avoid errors also for ifdown when iface not present in file
• Fix error on save changes after configuring iface as non set
• Restore PPPoE, bridged mode, multigateway and failover from Zentyal 4.0
• Restore bonding support from Zentyal 4.0
• Migrate services and objects redis data when upgrading from 4.X
• Provide transitional dummy packages for services and objects
• Fix regression enforcing 127.0.0.1 as nameserver in ADC mode
• Make sure 127.0.0.1 is always used as nameserver with zentyal-samba
• Fix DHCP hooks

openvpn

• Use 2048 instead of 1024 for DH file

samba

• Domain is now a menu item instead of a folder with just one subitem
• Add notice about GPO management in Domain section
• Set homeDrive, homeDirectory and profilePath attributes after adding new users without need of explicit save change operation
• Remove no longer required zentyal user ACLs on share paths
• Comment field is now optional when adding a share
• Explicit set of valid users write/read/admin lists for share security unless "unmanaged_acls = yes" is set in /etc/zentyal/samba.conf
• Check domain functional level <= 2008 R2 before joining
• Manage thumbnailPhotos from share in samba.conf and edit user UI in commercial editions
• Do not allow to add OUs inside containers
• Allow to execute ad-migrate directly
• Disable expiration for Kerberos service accounts
• Add ZFS support for Samba Shares
• Remove manipulation or resolv.conf in standalone DC provision no longer required with the fix in zentyal-dns 5.0.3
• Different resolv.conf manipulation in ADC depending if we are joining a Windows DC or a Zentyal one, always use 127.0.0.1 when the provision is finished
• Fix enable-quotas
• Add proper template shell and homedir in smb.conf
• Support for bridged mode in sambaInterfaces method
• Fix setting of ACLs for 'Domain Users' group
• Remove trigger that causes dpkg error on samba upgrade
• Fix wrong management of resolv.conf during ADC provision
• Fix provision when netbios name and hostname are different
• Apply ACLs recursively on background instead of blocking save changes
• Set noexpiry of administrator account only in DC mode, prevents error when user exists with a different name like "administrador"
• Remove acl and user_xattr mount options related code as ext4 already has them enabled by default

software

• New installation slides
• Simplify auto-updater cron job (no fork, no pipe)
• Avoid ugly reload error after save changes in Software -> Config

sogo

• Integrate new SOGo 4.0
• Add warning about ActiveSync mailbox recommended size
• Allow to send mails using alias
• Better default settings of performance tuning when using ActiveSync
• Use IMAPS if IMAP is disabled in mail retrieval services
• Users of non-default Organizational Units now work

squid

• Use IP ranges in squid and dansguardian conf for very significant increase of performance when restarting the module
• Fix time period condition checking end minute
• Fix regression in transparent proxy mode with filter
• Fix dansguardian integration
• Block HTTPS by domain using firewall module for commercial editions