2 files changed, 30 insertions, 9 deletions

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 3dc0fdbe46..c474049617 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -926,21 +926,38 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx,
 	fstring dom_user;
 	struct passwd *passwd;
 
-	fstr_sprintf(dom_user, "%s%s%s",
-		     domain, lp_winbind_separator(), username);
+	fstr_sprintf(dom_user, "%s%s%s", domain, lp_winbind_separator(), 
+		username);
 
 	passwd = Get_Pwnam(dom_user);
+	
+	if ( passwd ) {
+		char *p;
+		
+		/* make sure we get the case of the username correct */
+		/* work around 'winbind use default domain = yes' */
+		
+		p = strchr( passwd->pw_name, *lp_winbind_separator() );
+		if ( !p ) 
+			fstr_sprintf(dom_user, "%s%s%s", domain, 
+				lp_winbind_separator(), passwd->pw_name);
+		else 
+			fstrcpy( dom_user, passwd->pw_name );
+	}
+	else {
+		/* if the lookup for DOMAIN\username failed, try again 
+		   with just 'username'.  This is need for accessing the server
+		   as a trust user that actually maps to a local account */
 
-	/* if the lookup for DOMAIN\username failed, try again 
-	   with just 'username'.  This is need for accessing the server
-	   as a trust user that actually maps to a local account */
-
-	if ( !passwd ) {
 		fstrcpy( dom_user, username );
 		passwd = Get_Pwnam( dom_user );
+		
+		/* make sure we get the case of the username correct */
+		if ( passwd )
+			fstrcpy( dom_user, passwd->pw_name );
 	}
 
-	if (passwd == NULL)
+	if ( !passwd )
 		return NT_STATUS_NO_SUCH_USER;
 
 	*uid = passwd->pw_uid;
@@ -953,6 +970,9 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx,
 	                                 --jerry              */
 	   
 	*found_username = talloc_strdup(mem_ctx, dom_user);
+	
+	DEBUG(5,("fill_sam_account: located username was [%s]\n",
+		*found_username));
 
 	return pdb_init_sam_pw(sam_account, passwd);
 }
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index d09987ba37..0e2820313e 100644
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -76,7 +76,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
 	}		
 
 	if (strequal(user_info->domain.str, get_global_sam_name())) {
-		DEBUG(3,("check_winbind_security: Not using winbind, requested domain was for this SAM.\n"));
+		DEBUG(3,("check_winbind_security: Not using winbind, requested domain [%s] was for this SAM.\n",
+			user_info->domain.str));
 		return NT_STATUS_NOT_IMPLEMENTED;
 	}