diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index 24b05a5..808fb96 100644
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -867,6 +867,27 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
 		*found_username = talloc_strdup(mem_ctx,
 						pdb_get_username(sam_acct));
 
+		/* We must always assign the *uid. */
+		if (sam_acct->unix_pw == NULL) {
+			struct passwd *pwd = getpwnam_alloc(sam_acct, *found_username );
+			if (!pwd) {
+				DEBUG(10, ("getpwnam_alloc failed for %s\n",
+					*found_username));
+				DEBUGADD(1, ("Fall back to unix user %s\n",
+					*found_username));
+				goto unix_user;
+			}
+			result = samu_set_unix(sam_acct, pwd );
+			if (!NT_STATUS_IS_OK(result)) {
+				DEBUG(10, ("samu_set_unix failed for %s\n",
+					*found_username));
+				DEBUGADD(1, ("Fall back to unix user %s\n",
+					*found_username));
+				goto unix_user;
+			}
+		}
+		*uid = sam_acct->unix_pw->pw_uid;
+
 	} else 	if (sid_check_is_in_unix_users(&user_sid)) {
 
 		/* This is a unix user not in passdb. We need to ask nss
@@ -883,7 +904,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
 	unix_user:
 
 		if (!sid_to_uid(&user_sid, uid)) {
-			DEBUG(1, ("sid_to_uid for %s (%s) failed\n",
+			DEBUG(1, ("unix_user case, sid_to_uid for %s (%s) failed\n",
 				  username, sid_string_dbg(&user_sid)));
 			goto done;
 		}
@@ -937,6 +958,13 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
 
 		uint32 dummy;
 
+		/* We must always assign the *uid. */
+		if (!sid_to_uid(&user_sid, uid)) {
+			DEBUG(1, ("winbindd case, sid_to_uid for %s (%s) failed\n",
+				  username, sid_string_dbg(&user_sid)));
+			goto done;
+		}
+
 		num_group_sids = 1;
 		group_sids = TALLOC_ARRAY(tmp_ctx, DOM_SID, num_group_sids);
 		if (group_sids == NULL) {