Has anyone come up with a series of steps to successfully set up a trust with a Windows 2000 domain using AD? I have a Samba 3beta server set up as the PDC for a new domain(OPS). It's on the same physical network as the Windows domain (ADMIN). The W2K domain is an AD-based native domain. On that domain is a member server running NT4 Server and Exchange 5.5. I need to allow user access from the OPS domain to mail accounts on the Exchange box in the other domain. I don't need any kind of AD-like features or compatibility on the new OPS domain. The Samba server will provide all the Windows functionality necessary to a handful of clients. I've followed the recommendations in the beta configuration pdf document, but it only covers setting the trust up using NT4 User Manager. This won't work in the ADMIN domain, as the Exchange box is not a DC. I attempted to use the Domain tool on W2K server, but all I wind up with is a bunch of cryptic errors. The two domains can browse one another all day, but when I try to do specific things that require trusts (i.e., establish connections to the Exchange server for a mialbox in Outlook), I can't get it done. Any suggestions or advice would be welcome. Here's my smb.conf: # Global parameters [global] workgroup = OPS netbios name = JAGUAR server string = OPS Department Samba DC security = user passdb backend = smbpasswd,guest preferred master = yes domain master = yes local master = yes log level = 2 log file = /usr/local/samba/var/log.%m max log size = 50 logon path = \\%L\profiles\%U logon drive = u: domain logons = Yes os level = 99 dns proxy = No admin users = smith username map = /usr/local/samba/private/username.map logon script = login.bat passwd program = /usr/bin/passwd %u unix password sync = yes ; added 6/16/03 idmap uid = 10000-15000 idmap gid = 10000-15000 [homes] read only = No browseable = no create mask = 0600 directory mask = 0700 [profiles] path = /profiles read only = No create mask = 0600 directory mask = 0700 csc policy = disable [netlogon] path = /usr/local/samba/netlogon admin users = root write list = root @admins [shared] comment = Shared Files Directory path = /home/shared read only = no create mask = 0600 directory mask = 0700 browseable = yes [storage] comment = Server Storage Directory path = /storage read only = no create mask = 0600 directory mask = 0700 browseable = yes valid users = @admins write list = @admins