When using active directory, group names can have backslashes when specified in the "domain account format". See here for more information:
"getent group" on Linux is capable of interpreting backslashes in group names when AD is configured. For example, the following command properly gets the information about the AD group:
However, the pam_user_map module does not seem to support this format at the moment. If /etc/security/user_map.conf contains a line like the following:
Then the module would throw an error like the following:
The same error is seen if only a single backslash is used in the group name. e.g.:
The workaround is to set a default domain in the system's AD configuration.