Hey, I am running Ubuntu Trusty 14.04.3 with samba and winbind version 4.1.6-Ubuntu. Its run in a windows domain env which is running an AD on 2008 R2 servers. I can login just fine with using the AD accounts sam name. However, the question is now if all machines on the domain can use the AD UPN to login instead of the sam. I have looked around a bit and found a few old posts about this. This post which is not that old to be fair: https://lists.samba.org/archive/samba/2014-May/181561.html is pointing out that very early in the authentication the domain\user is spilt up by winbind and the UPN wouldn’t perhaps get mapped correctly.The post ends up mentioning that it would be a development task. I have been looking around in the change logs for later versions of samba, but couldn’t find anything relating to UPN name. So the more general question, is there anyone who has got this working under any circumstances, logging in/authenticating with UPN through winbind? Is it possible? @Samba devs: Thanks for your tireless and awesome work with samba and winbind. Kind regards, Björn
Hi, By "logging in/authenticating with UPN through winbind" you are speaking about using UPN on Linux or UNIX clients when these clients are generating local users from AD using winbind? Kindly regards, mathias 2016-02-09 20:20 GMT+01:00 Björn Ramberg <bjoern.ramberg at gmail.com>:> Hey, > > I am running Ubuntu Trusty 14.04.3 with samba and winbind version > 4.1.6-Ubuntu. Its run in a windows domain env which is running an AD on > 2008 R2 servers. > I can login just fine with using the AD accounts sam name. However, the > question is now if all machines on the domain can use the AD UPN to login > instead of the sam. I have looked around a bit and found a few old posts > about this. > > This post which is not that old to be fair: > https://lists.samba.org/archive/samba/2014-May/181561.html is pointing out > that very early in the authentication the domain\user is spilt up by > winbind and the UPN wouldn’t perhaps get mapped correctly.The post ends up > mentioning that it would be a development task. I have been looking around > in the change logs for later versions of samba, but couldn’t find anything > relating to UPN name. > > So the more general question, is there anyone who has got this working > under any circumstances, logging in/authenticating with UPN through > winbind? Is it possible? > > @Samba devs: Thanks for your tireless and awesome work with samba and > winbind. > > Kind regards, > > Björn > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Hi, Thanks for answering. Yes, the linux machines are joined to the domain through samba and are using the AD accounts on their linux clients to logon and authenticate through winbind. Using the AD accounts samid to logon is just fine, the question is if its possible to use the UPN instead of the samid to login. Kind regards, Björn On Wed, Feb 10, 2016 at 2:33 PM mathias dufresne <infractory at gmail.com> wrote:> Hi, > > By "logging in/authenticating with UPN through winbind" you are speaking > about using UPN on Linux or UNIX clients when these clients are generating > local users from AD using winbind? > > Kindly regards, > > mathias > > 2016-02-09 20:20 GMT+01:00 Björn Ramberg <bjoern.ramberg at gmail.com>: > >> Hey, >> >> I am running Ubuntu Trusty 14.04.3 with samba and winbind version >> 4.1.6-Ubuntu. Its run in a windows domain env which is running an AD on >> 2008 R2 servers. >> I can login just fine with using the AD accounts sam name. However, the >> question is now if all machines on the domain can use the AD UPN to login >> instead of the sam. I have looked around a bit and found a few old posts >> about this. >> >> This post which is not that old to be fair: >> https://lists.samba.org/archive/samba/2014-May/181561.html is pointing >> out >> that very early in the authentication the domain\user is spilt up by >> winbind and the UPN wouldn’t perhaps get mapped correctly.The post ends up >> mentioning that it would be a development task. I have been looking around >> in the change logs for later versions of samba, but couldn’t find anything >> relating to UPN name. >> >> So the more general question, is there anyone who has got this working >> under any circumstances, logging in/authenticating with UPN through >> winbind? Is it possible? >> >> @Samba devs: Thanks for your tireless and awesome work with samba and >> winbind. >> >> Kind regards, >> >> Björn >> > -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >