Currently in smb_getpwnam() the NetBIOS domain name and the winbind separator character is always added to the user name returned by Get_Pwnam_alloc() if it does not contain the winbind separator character. As comments in the code indicates this is done as a work around if 'winbind use default domain' is set to yes in the samba configuration. This make sense if the option is set because otherwise the domain information is lost from the user name. But it causes errors if other services than winbind are used for user lookup, e.g. sssd. sssd can handle different kind of fully qualified user names as input, e.g. user@domain.name or DOM\user, but returns a canonical name, by default user@domain.name. While it would be possible to get around this issue with a special configuration either on the sssd or samba side I think the cleaner solution is to use the work around only if 'winbind use default domain' is set to yes which is what this patch does.
Created attachment 8164 [details] Patch for the ticket
Comment on attachment 8164 [details] Patch for the ticket Looks good to me.
Comment on attachment 8164 [details] Patch for the ticket Yes, looks good to me too.
Pushed to autobuild. Karolin please add to v4-0-test.
Pushed to autobuild-v4-0-test.
Pushed to v4-0-test. Closing out bug report. Thanks!
Karolin, could you please add the patch to v3-6-test too. It applies cleanly. Thanks!
Pushed to v3-6-test. Closing out bug report. Thanks!