-Authentication Changes:
-o Changed the way smbd handles untrusted domain names given during user
- authentication
-
-Authentication Changes
-======================
-
-Previously, when Samba was a domain member and a client was connecting using an
-untrusted domain name, such as BOGUS\user smbd would remap the untrusted
-domain to the primary domain smbd was a member of and attempt authentication
-using that DOMAIN\user name. This differed from how a Windows member server
-would behave. Now, smbd will replace the BOGUS name with it's SAM name. In
-the case where smbd is acting as a PDC this will be DOMAIN\user. In the case
-where smbd is acting as a domain member server this will be WORKSTATION\user.
-Thus, smbd will never assume that an incoming user name which is not qualified
-with the same primary domain, is part of smbd's primary domain.
-
-While this behavior matches Windows, it may break some workflows which depended
-on smbd to always pass through bogus names to the DC for verification. A new
-parameter "map untrusted to domain" can be enabled to revert to the legacy
-behavior.