[Samba] Authenticate using AD UPN name

Björn Ramberg bjoern.ramberg at gmail.com
Tue Feb 9 19:20:40 UTC 2016


I am running Ubuntu Trusty 14.04.3 with samba and winbind version
4.1.6-Ubuntu. Its run in a windows domain env which is running an AD on
2008 R2 servers.
I can login just fine with using the AD accounts sam name. However, the
question is now if all machines on the domain can use the AD UPN to login
instead of the sam. I have looked around a bit and found a few old posts
about this.

This post which is not that old to be fair:
https://lists.samba.org/archive/samba/2014-May/181561.html is pointing out
that very early in the authentication the domain\user is spilt up by
winbind and the UPN wouldn’t perhaps get mapped correctly.The post ends up
mentioning that it would be a development task. I have been looking around
in the change logs for later versions of samba, but couldn’t find anything
relating to UPN name.

So the more general question, is there anyone who has got this working
under any circumstances, logging in/authenticating with UPN through
winbind? Is it possible?

@Samba devs: Thanks for your tireless and awesome work with samba and

Kind regards,


More information about the samba mailing list