Web lists-archives.com

Re: [Samba] Default domain other than joined domain of a domain member




I had a workaround, but depend mostly of the software:
For my fileserver in subdomain, I used the backend "idmap_nss", and configured nss to use ldap to find users, ldap server was the parent domain, and kerberos on main domain to auth users (so don't use winbind for auth or in nsswitch)

This is a very bad workaround, but it can perhaps fit your needs.

Emmanuel

Le 30/06/2018 à 11:01, Andreas Hauffe via samba a écrit :
Hi,

is there a way to use "winbind use default domain = yes" with a trusted domain and not with the domain the domain member was joined?

We have a child- or subdomain (sub.example.com) where all our computers are joined and most of the users are from the parent domain (example.com). So "sub" is the default domain and right now all users have to login with "example\username". This is a problem for some commercial software we are using, which do not work when a back slash is in the username. We can change the winbind separator to "+" but in this case users have to login with "example+username" in case of linux domain members and "example\username" in case of windows domain members. So it would be nice to be able to login with just the username in case of "example"-domain users.





--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba