[Samba] Default domain other than joined domain of a domain member

[Blindauer Emmanuel]

I had a workaround, but depend mostly of the software:
For my fileserver in subdomain, I used the backend "idmap_nss", and 
configured nss to use ldap to find users, ldap server was the parent 
domain, and kerberos on main domain to auth users (so don't use winbind 
for auth or in nsswitch)

This is a very bad workaround, but it can perhaps fit your needs.

Emmanuel

Le 30/06/2018 à 11:01, Andreas Hauffe via samba a écrit :
> Hi,
> 
> is there a way to use "winbind use default domain = yes" with a trusted 
> domain and not with the domain the domain member was joined?
> 
> We have a child- or subdomain (sub.example.com) where all our computers 
> are joined and most of the users are from the parent domain 
> (example.com). So "sub" is the default domain and right now all users 
> have to login with "example\username". This is a problem for some 
> commercial software we are using, which do not work when a back slash is 
> in the username. We can change the winbind separator to "+" but in this 
> case users have to login with "example+username" in case of linux domain 
> members and "example\username" in case of windows domain members. So it 
> would be nice to be able to login with just the username in case of 
> "example"-domain users.
> 
> 
>