It's been a long journey, bear with me. we have multiple domains, that have interdomain trusts in separate forests.
I can successfully authenticate via "wbinfo -A A\\userA" and "wbinfo -A B\\userB"; same with -K. The host is joined do AD "A". UserA can authenticate successfully and get a shell. However I desire B\\UserB to also be able to login as well. However, I can only have users from domain A login, and even then, if and only if I have "winbind use default domain = true". However it would seem that "winbind use default domain = false" is required to do what I desire. However, I can't seem to get PAM to deal with the domain portion of the string. ie "A\\" of "A\\UserA" or "B\\" of "B\\UserB" Anyone out doing this already? How do I get PAM to strip the DOMAIN portion or winbind to strip it prior to passing it to PAM? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
