Bug 12851 - 'winbind normalize names' doesn't work for users
'winbind normalize names' doesn't work for users
Status: ASSIGNED
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind
4.6.0
All All
: P5 normal
: ---
Assigned To: Andreas Schneider
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-20 08:44 UTC by Andreas Schneider
Modified: 2017-12-01 16:41 UTC (History)
3 users (show)

See Also:


Attachments
patch for 4.6 (2.51 KB, patch)
2017-06-21 08:30 UTC, Andreas Schneider
asn: review? (vl)
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Schneider 2017-06-20 08:44:55 UTC
If the option ''winbind normalize names' is set, we do not normalize usernames in wb_getpwsid().

$ getent passwd EARTH+alice_one
EARTH+alice one:*:100001106:100000513:Alice One:/home/EARTH/alice one:/bin/bash

Patch will follow.
Comment 1 Andreas Schneider 2017-06-21 08:30:55 UTC
Created attachment 13299 [details]
patch for 4.6
Comment 2 Ralph Böhme 2017-12-01 16:21:02 UTC
This adds a call to find_domain_from_name_noinit() which may cause auth failures with users from domains that are not in the list of trusted domains.

Commit 1ce165a7335 in master changes this to only call find_domain_from_name_noinit() if "winbind normalize names" is enabled (default to off), so somewhat relieves the situation.