[Samba] Why isn't "<Domain>\<User>' = to <User> on PDC? Isn't it supposed to be?

Linda Walsh samba at tlinx.org
Mon Aug 1 05:49:09 MDT 2011

When I access my PDC, via a unix service,
from a Domain client with a domain login,
the PDC attempts to validate <Domain>\<User> against the the
authentication DB, but on a mounted file system,

a user on the PDC = '<domain>\<user>' ... (which is what
I thought it should be).

But if I use 'ssh <Pdc>',
it authenticates as user 'Domain\User'

Now I hacked around this for myself, by adding an entry to the /etc/passwd
that dups my PDC usr, except prefixes it with the Domain name.

in /etc/passwd:
   linda:x:1001:201:linda at localhost:/home/me:/bin/bash
   Domain\linda:x:1001:201:linda at Domain:/home/me:/bin/bash
But that just seems 'wrong'....
Shouldn't pam_winbind, in the pam stack be 'Domain' & PDC aware?
Or would that just be an RFE??

How do others deal with the above issues?  Or is something
'handling' them (i.e. doing the mapping?)

Note, that
	"wbinfo -u"
	"wbinfo --domain=DOMAIN -u"

return identical lists.

so why isn't pam_winbind treating DOMAIN\USER as USER?

More information about the samba mailing list