[Samba] password validation

[Beast]

Hello,

when using "security = server" and "encrypt passwords = yes" , 
user is validate using secret.tdb, password server or /etc/password?
i have create diferrent password for all three above (but same username),
it seems it can use all of password.

i'm using samba 2.2.7, it seems the default value for "encrypt passwords"
is "yes" (which is "no" in smb.conf man pages), is it correct?

TIA.