[Samba] Default domain other than joined domain of a domain member
e.blindauer at gmail.com
Sat Jun 30 11:52:39 UTC 2018
I had a workaround, but depend mostly of the software:
For my fileserver in subdomain, I used the backend "idmap_nss", and
configured nss to use ldap to find users, ldap server was the parent
domain, and kerberos on main domain to auth users (so don't use winbind
for auth or in nsswitch)
This is a very bad workaround, but it can perhaps fit your needs.
Le 30/06/2018 à 11:01, Andreas Hauffe via samba a écrit :
> is there a way to use "winbind use default domain = yes" with a trusted
> domain and not with the domain the domain member was joined?
> We have a child- or subdomain (sub.example.com) where all our computers
> are joined and most of the users are from the parent domain
> (example.com). So "sub" is the default domain and right now all users
> have to login with "example\username". This is a problem for some
> commercial software we are using, which do not work when a back slash is
> in the username. We can change the winbind separator to "+" but in this
> case users have to login with "example+username" in case of linux domain
> members and "example\username" in case of windows domain members. So it
> would be nice to be able to login with just the username in case of
> "example"-domain users.
More information about the samba