This is samba bug : https://bugzilla.samba.org/show_bug.cgi?id=12375 ( fixed in 4.5.2 ) https://bugzilla.samba.org/show_bug.cgi?id=12492 ( undecided/failty config/setup ) ( i agree with this one. ) Now whats really allowed... Active Directory user and group names can contain all Unicode characters except for the following characters: * Forward slash (/) * Backward slash (\) * Left square bracket ([) * Right square bracket (]) * Colon (:) * Semicolon (;) * Vertical bar (|) * Equal sign (=) * Plus sign (+) * Asterisk (*) * Question mark (?) * Left angle bracket (<) * Right angle bracket (>) * Double quote (") * At symbol (@) An "at" symbol (@) is not allowed unless it is used to specify the domain. For example, u...@mydomain.com is allowed. user@n...@mydomain.com is not allowed. resulting in username@ is not allowed. Because its username@UPN https://msdn.microsoft.com/en-us/library/windows/desktop/aa380525(v=vs.85).aspx The @ is seen as separator. @André Janna You can deploy AD, and in some time you "sort of" have to. NT4.0 domain support wont last forever, and sorry, but the sooner the better. I suggest have a look here : https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade) but beware, if you username@ as usernames you wil end up with some errors. Setup a test environment and try. If you run in to problems, join the samba list and ask you question there. IMO, not a bug, error in setup. I suggest, close bug. Greetz, Louis
