Red Hat Bugzilla – Bug 848407
for domain security model of Winbind accounts, allow use of domain FQDN and derive short name out of it
Last modified: 2016-08-11 07:08:05 EDT
Description of problem:
for domain security model of Winbind accounts, allow use of domain FQDN and derive short name out of it.
1) FQDN is a canonical domain name
2) FQDN allows to get DC address from SRV records (will file separate bug)
3) dot "." should not be used for new NetBIOS domain names since Server 2003 
4) dot "." is disallowed character for DNS domain names 
based on 3) and 4) it is safe to assume that domains names with dots are dns domain names and NetBIOS domain name used by the field/option is
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. when configuring rhel to authenticate against AD, use FQDN of the AD domain in "Winbind Domain" field (or --smbworkgroup option)
rhel can't authenticate
* authconfig should do 's/$\([^.]\+\)\..*/\1/' (aka feed samba-winbind with part of the domain name from the beginning of the string to leftmost dot).
* rhel should be able to get auth information (aka getenv user@domain should be sucessfull)
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.
Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
I am sorry but we are not going to implement this feature in RHEL-6.