Does Samba support UPN authentication using NTLM?
hemanth.thummala at nutanix.com
Tue Aug 30 23:34:51 UTC 2016
We are using samba 4.3.11 stack as a member server. We could see that authentication for UPN(user at domain) formats failing with STATUS NO SUCH USER. Looking at the code, we are not actually converting the UPN to DOMAIN\USER format before contacting the DC. Whereas UPN access works fine with Kerberos auth.
What I understood is that NTLM doesn’t support UPN format. We might want to convert the user format(to DOMAIN\user) before checking with DC which we are not doing currently. I would like to know if there is any plan to support this in future.
On the other hand, I could see that smbclient works with UPN format. Looks like we are converting the name format here to DOMAIN\user. I couldn’t trace out the place where we do this conversion. If we could do the conversion here, can't we use the same thing in winbindd as well?
More information about the samba-technical