[Samba] winbind use default domain and alternative UPN Suffix. Samba as Domain Member.
Markus Jansen
jansen at schmitzmine.eu
Mon Nov 30 12:29:30 UTC 2020
Dear all,
I use Samba as Active Directory Member, my Domain is called something
like "ad.test.de" . I joined the domain and everything is running well.
To take advantage of the "winbind use default domain" - option, users
can login by "tim.altern" instead of "tim.altern at ad.test.de"
I set up an alternative UPN Suffix afterwards like "test.de" to benefit
from shorter more meaningful usernames like "tim.altern at test.de" at some
other services.
When I try to login to samba using just the username (without the domain
suffix, like tim.altern) it fails when the userPrincipalName is set up
using the alternative UPN suffix "@test.de", like "tim.altern at test.de" .
I assume winbind expect a user "tim.altern at ad.test.de", that does not
exists (the logfile indicates that ... "FAILED with error
NT_STATUS_NO_SUCH_USER").
I could provide more details (logfiles, etc) later, but I'm asking
myself if there is any way to make this work at all, login in without
the domain suffix and by using the alternative domain suffix in AD.
Thank you very much,
Markus
More information about the samba
mailing list