In V.2.1, members of administrative Windows groups were mapped to SYSDBA by default. From V.2.5 forward, SYSDBA mapping is controlled on per-database basis using the new SQL command

ALTER ROLE RDB$ADMIN SET/DROP AUTO ADMIN MAPPING

For more details, refer to the chapter on Security.

In V.2.1, where support for Windows trusted authentication was introduced, the default authentication method applied was mixed, i.e., the DPB or SPB would accept either native Firebird logins or trusted user logins. Thus, he Authentication parameter in firebird.conf showed mixed as the default.

From V.2.5 forward, the default is native. To have mixed or trusted, it is now necessary to configure this parameter specifically.

Tracker reference CORE-2376)