Greg Adams
2004-Oct-07 17:43 UTC
[Samba] samba 3 with ads not authenticating against ADS trusts
I've got a samba 3 ads domain member server that is not able to authenticate users in trusted domains of the ADS domain of which it is a member. Windows 2000 ADS PDC A trusts a Windows NT-4 domain B and a Windows 2000 ADS domain C Solaris 9 Samba 3.0.6 member server of ADS domain A If I use getent passwd on the Solaris 9 server, I get all the users in Domain A and B , but no in Domain C, same thing with getent group, wbinfo -u and wbinfo -g. So winbindd is not "seeing" the users and groups on one of the trusted domains... and if I try to map a share from a Windows XP client, using one of the users in the domain winbindd CAN "see", I'm getting errors in log.smbd. [2004/10/07 09:27:29, 0] auth/auth_util.c:make_server_info_info3(1122) make_server_info_info3: pdb_init_sam failed! [2004/10/07 09:27:29, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [domBuser] -> [domBuser] FAILED with error NT_STATUS_NO_SUCH_USER [2004/10/07 09:27:31, 2] smbd/server.c:exit_server(571) Closing connections domBuser is a member of the NT4 domain, domain B, which winbind lists in getent and wbinfo, but I can't map using those users. Any ideas? Greg Adams