Winbind mapping without domain qualification

Matthew Mastracci matt at
Thu Apr 17 21:50:18 GMT 2003

It would be great to have a Winbind mode where the domain part was 
lopped off.  In smaller, single-domain shops it is often more convenient 
to log in without the DOMAIN+ prefix (assuming that + is the winbind 
separator).  Would it be possible to have a Winbind option that allowed 
an administrator to specify a default domain prefix?  This could allow 
those on the local domain of the Samba box to authenticate using the 
shorter form of their username (ie: matt instead of DOMAIN+matt) and 
those from other domains could still use the full OTHERDOMAIN+otheruser 
to get in.

I could provide a patch, but I'm just testing the waters to see if there 
are any issues that would prevent this from working, or other objections 
from the developer crowd.

Sample config:

   winbind default domain = SOMEDOMAIN   # set the default domain to 
SOMEDOMAIN, ie: assume a prefix of SOMEDOMAIN+ on all users
   winbind separator = +
   winbind cache time = 10
   template shell = /bin/bash
   template homedir = /home/users/%U
   winbind uid = 10000-20000
   winbind gid = 10000-20000


More information about the samba-technical mailing list