--- /dev/null
+From 4d187b353d77761d40b04b8451f7ebe11fc8fab8 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Tue, 31 Mar 2015 18:15:51 +0200
+Subject: [PATCH] PATCHSET24: s3-passdb: Fix 'force user' with winbind default
+ domain
+
+If we set 'winbind use default domain' and specify 'force user = user'
+without a domain name we fail to log in. In this case we need to try a
+lookup with the domain name.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11185
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+Reviewed-by: Jeremy Allison <jra@samba.org>
+
+(cherry picked from commit cd4442c7ac93e165862c9195a7c345472646aa59)
+---
+ source3/passdb/lookup_sid.c | 24 ++++++++++++++++++++++++
+ 1 file changed, 24 insertions(+)
+
+diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
+index 64a181e..dcc2911 100644
+--- a/source3/passdb/lookup_sid.c
++++ b/source3/passdb/lookup_sid.c
+@@ -391,6 +391,30 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
+ ret_sid, ret_type);
+ }
+
++ /* Try with winbind default domain name. */
++ if (lp_winbind_use_default_domain()) {
++ bool ok;
++
++ qualified_name = talloc_asprintf(mem_ctx,
++ "%s\\%s",
++ lp_workgroup(),
++ full_name);
++ if (qualified_name == NULL) {
++ return false;
++ }
++
++ ok = lookup_name(mem_ctx,
++ qualified_name,
++ flags,
++ ret_domain,
++ ret_name,
++ ret_sid,
++ ret_type);
++ if (ok) {
++ return true;
++ }
++ }
++
+ /* Try with our own SAM name. */
+ qualified_name = talloc_asprintf(mem_ctx, "%s\\%s",
+ get_global_sam_name(),
+--
+2.1.0
+