Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 23 10:46:22 UTC 2021 on sn-devel-184
winbindd:
--log-stdout -> --debug-stdout
+Scanning of trusted domains and enterpise principals
+----------------------------------------------------
+
+As an artifact from the NT4 times, we still scanned the list of trusted domains
+on winbindd startup. This is wrong as we never can get a full picture in Active
+Directory. It is time to change the default value to No. Also with this change
+we always use enterprise principals for Kerberos so that the DC will be able
+to redirect ticket requests to the right DC. This is e.g needed for one way
+trusts. The options `winbind use krb5 enterprise principals` and
+`winbind scan trusted domains` will be deprecated in one of the next releases.
+
REMOVED FEATURES
================