Is it possible to create an auth_to_local rule to change usernames to uppercase? The /L option works for lower, but /U does not work for upper. Principal names come as "myusername@MYREALM.COM". I need "MYUSERNAME".
Unfortunately, user IDs coming from AD's sAMAccountName are in all uppercase. I'd prefer to convert them to lower, but haven't figured that out. nslcd, samba and winbind are being used.
Just to be clear, the reason for this is that user id's on this system are uppercase names (e.g. "JJONES") because they are being synchronized from AD with sAMAccontName which is all uppercase. If I could use a pam module or other method to convert to lowercase I would, but I am not aware of such a module.
I don't think that's supported, I only see convert to lower case in the code:
You should really try to convert all to lower case or use another AD attribute. You never see people use uppercase and you risk becoming the only one 🙂
Do an ldapsearch and see what other attributes you could use, you don't have to use sAMAccountName.
For pam, you can use pam_regex: http://puszcza.gnu.org.ua/software/pam-modules/manual/html_chapter/regex.html
nslcd.conf has an ignorecase setting
Thanks, @Alexandru Anghel I totally agree about making linux accounts all lowercase, but hit a wall on it. I saw the pam_regex module but was unable to locate it on my system and could not figure out where to get that package.
We did find another attribute mailAlias with lowercase, but that is not a good long-term attribute to use, although it may work temporarily. We may look at changing to SSSD instead.
Indeed, if you can, SSSD is the way to go. pam_regex needs to be compiled.
Had the same issue and SSSD solved it with the 'case_sensitive = false' option.
Best of luck!