[Samba] Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.

Nico Kadel-Garcia nkadel at gmail.com
Tue Oct 6 01:24:22 UTC 2020

On Mon, Oct 5, 2020 at 11:46 AM Rowland penny via samba
<samba at lists.samba.org> wrote:

> You cannot use sssd with Samba >= 4.8.0 even red-hat tells you this.

And sssd is *not* your friend if you do anything remotely
sophisticated. It's configuration tools erase any sophisticated setups
in sssd. For any even repotely sophisticated setup, I'll encourage you
to configure Keberos and LDAP more directly.

> On top of which, you should be able to authentication using a UPN:
> pi at raspberrypi:~ $ wbinfo -K SAMDOM\\rowland at samdom.example.com
> Enter SAMDOM\rowland at samdom.example.com's password:
> plaintext kerberos password authentication for
> [SAMDOM\rowland at samdom.example.com] succeeded (requesting cctype: FILE)
> credentials were put in: FILE:/tmp/krb5cc_1000
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list