Currently in smb_getpwnam() the NetBIOS domain name and the winbind separator
character is always added to the user name returned by Get_Pwnam_alloc() if it
does not contain the winbind separator character. As comments in the code
indicates this is done as a work around if 'winbind use default domain' is set
to yes in the samba configuration.
This make sense if the option is set because otherwise the domain information is
lost from the user name. But it causes errors if other services than winbind are
used for user lookup, e.g. sssd. sssd can handle different kind of fully
qualified user names as input, e.g. user@domain.name or DOM\user, but returns a
canonical name, by default user@domain.name.
While it would be possible to get around this issue with a special configuration
either on the sssd or samba side I think the cleaner solution is to use the work
around only if 'winbind use default domain' is set to yes which is what this
patch does.
Fix bug #9367 - Use work around for 'winbind use default domain' only if it is
set.
(cherry picked from commit
6c0b864654001046b8bbb585112e60a7e146cb2a)
(cherry picked from commit
de2c0f0d3d1217814fce840a5050741de3938e0f)
/* make sure we get the case of the username correct */
/* work around 'winbind use default domain = yes' */
- if ( !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
+ if ( lp_winbind_use_default_domain() &&
+ !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
char *domain;
/* split the domain and username into 2 strings */
git.samba.org / samba.git / commitdiff