Auth via ADS: using userPrincipalName as username (ref bug #1909)

Gerald (Jerry) Carter jerry at samba.org
Wed Jan 5 16:47:18 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Marc Lanctot wrote:

| a) check the usernames to see if they passed in a UPN or a
| sAMAccountName, if a UPN do a few ADS ldap queries, and convert the
| corresponding entered UPN to its sAMAccountName. Then proceed through
| the winbind logic using the mapped username. This requires no
| significant changes to the winbind logic.

I forget....Is the goal to be able to logon using pam_winbindd
and the user's UPN ?  I'm leaning towards (a) if you can do that.
Less intrusive.








cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB3BoWIR7qMdg1EfYRAhTMAKCk/JVBp2StLZf38Rv6Ymz9S5aQGQCeMs6p
1HfGiXCizoRICIWSMJz6MWA=
=k0YB
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list