[PATCH] Re: patch to add "winbind domain before username" parameter, and bugfix for handing of template homedir

[Andrew Bartlett]

On Sun, 2013-11-24 at 00:28 -0500, rick at microway.com wrote:
> Would adding a warning to the man page for this option that this shouldn't
> be used in multi-domain environment be sufficient?

Not really.  It should be using 'winbind use default domain' and we
don't want to muddy the waters on that parameter for it's main use
case. 

> I think there are plenty of single-domain environments that could benefit
> from this.

I do realise this, we just have to do it right. 

> Regarding the input/output matching.  I'm not exactly sure what you mean
> by this.  I'm trying to make the username match the unix norm as this is
> primarily a Linux shop. We only have 1 domain and I was hoping the new
> Samba 4 would allow me to do a single sign on for everyone now, easily. I
> have that mostly working so far, using this patch.

What I mean is that I see how this patch changes the output, but the
input routines (ie the getpwnam() handler) should also do the same
thing, expecting domain\username unless this parameter is set. 

> Is there something I could change to help meet your criteria?

Having this only operate for the default domain would be a good start. 

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba