This mode of server operation involves the Samba machine being made a member
of a domain security context. This means by definition that all user
authentication will be done from a centrally defined authentication regime.
The authentication regime may come from an NT3/4-style (old domain technology)
server, or it may be provided from an Active Directory server (ADS) running on
MS Windows 2000 or later.
Of course it should be clear that the authentication backend itself could be
from any distributed directory architecture server that is supported by Samba.
This can be LDAP (from OpenLDAP), or Sun's iPlanet, or Novell e-Directory
Server, and so on.