[Samba] winbind use default domain and alternative UPN Suffix. Samba as Domain Member.

Markus Jansen jansen at schmitzmine.eu
Wed Dec 9 14:22:31 UTC 2020

Thanks Rowland, that makes things more clearly to me!

Am 03.12.20 um 16:47 schrieb Rowland penny via samba:
> On 03/12/2020 14:34, Markus Jansen wrote:
>> Thanks so much for the quick reply.
>> Maybe I should make my issue clearer. I want to use the UPN for login,
>> because the sAMAccountName's limitation of 20 characters leads to cut
>> off usernnames like "Maria Antunes-Mariotes" -> maria.antunes-mariot . I
>> want to users to use their full firstname.lastname without '@test.de'
>> for login purposes, i.e. maria.antunes-mariotes. The UPN is
>> maria.antunes-mariotes at test.de . Is that even possible?
> You seem to be conflating the UPN with the sAMAccountName, whilst they
> both can be used to login, they can be different. As you say, the
> sAMAccountName is limited to 20 characters, but the UPN can be longer.
> The UPN consists of a prefix and suffix joined with an '@' sign, the
> prefix can be a long name and the suffix is a dns domain (though it
> doesn't have to be the AD domain) i.e. it looks like an email address.
> Lets take an example, the user Fred Bloggs is a user in the
> SAMDOM.EXAMPLE.COM realm, his sAMAccountName is 'fred', but his UPN
> could be 'fred at samdom.example.com' or 'fred.bloggs at samdom.example.com'
> or 'fred.bloggs at gmail.com' or anything that looks like an email address.
> He will be to log in using his sAMAccountName or UPN, but he cannot
> log in using the UPN prefix.
> Rowland
Markus Jansen
Christian Schmitz EDV
System and Networkadministration
Tel.:   0049 (0) 1520 2851228

More information about the samba mailing list