Comment 17 for bug 1819197

I'm trying to wrap my head around the terminology here, maybe you can help me.

sssd is making your domain users have a username of user@DOMAIN. That "DOMAIN" bit, however, is also the kerberos 5 realm, correct? And you have a different NFSv4 "domain"? So the name that the NFSv4 server sends over the wire (instead of a uid) is "user@DOMAIN@nfsv4domain"? Or, in other words, "user@REALM@nfsv4domain"?

I'm trying to determine if the second hunk of the patch is necessary, under what conditions. So far I only got it to run when I ran the libtest.c test program, from the libnfsidmap source code:

$ ./libtest andreas@lowtech andreas@LOWTECH
nfs4_gss_princ_to_ids: princ andreas@LOWTECH has uid 1000 gid 1000
nfs4_name_to_uid: name andreas@lowtech has uid 1000
nfs4_name_to_gid: name andreas@lowtech has gid 1000
 nfs4_gss_princ_to_grouplist: princ andreas@LOWTECH has gids 1000 4 24 27 30 46 108 109 125 127 129 999 132
nfs4_uid_to_name: uid 1000 has name andreas@lowtech
nfs4_gid_to_name: gid 1000 has name andreas@lowtech

But the princ parameter given to it us a normal principal name, with just one "@", so it doesn't matter if strstr() or strrchr() is used.