Hello, I'm trying to query one of my remote domains for users via "wbinfo -u --domain=EUROPE" and receiving "Error looking up domain users". I have been successfully able to look up users in multiple domains i.e. "wbinfo -u --domain=UK". My current domain is called NTDOMAIN in which I have my Ubuntu Dapper (6.06) box, running winbind 3.0.22-1ubuntu3.1 and samba 3.0.22-1ubuntu3.1. NTDOMAIN is hosted on a NT4 SP6a PDC, EUROPE is a Windows Server 2003 R2 SP1, and 2-way trusts are established. I have winbind running as "winbind -d 100" for maximum logging. Steps I've tried: * I have confirmed that the trust between NTDOMAIN <-> EUROPE validates (via Windows tools) * Tried using a user account with full domain privileges in the EUROPE domain via "wbinfo --set-auth=user=EUROPE/user%password" but no change. * Successfully logged in from one domain to another (i.e. an NTDOMAIN user logged in to a machine joined to the EUROPE domain, and vice versa) While tailing the log /var/log/samba/0.0.0.0_0.0.0.0_winbindd_.log I see that the samba box successfully detects the PDC role server for the EUROPE domain and locates the correct IP address, the samba box tries to authenticate against the EUROPE domain using it's NTDOMAIN computer account, and negotiates security authentication mechanisms. I then see this error in the log: [2006/12/04 16:05:04, 4] nsswitch/winbindd_cm.c:cm_prepare_connection(305) authenticated session setup failed with No logon workstation trust account I don't understand this, the samba box would not have a workstation account in the EUROPE domain, it is joined to the NTDOMAIN domain. I've attached results of some wbinfo commands. ---- root@s-lnx003-50:~# wbinfo -m UK EUROPE ---- root@s-lnx003-50:~# wbinfo --sequence: EUROPE : DISCONNECTED UK : 4969 S-LNX003-50 : 1 BUILTIN : 1 NTDOMAIN : 34338 ---- root@s-lnx003-50:~# wbinfo -D NTDOMAIN Name : NTDOMAIN Alt_Name : SID : <deleted> Active Directory : No Native : No Primary : Yes Sequence : 34338 ---- root@s-lnx003-50:~# wbinfo -D EUROPE Name : EUROPE Alt_Name : europe.<deleted> SID : <deleted> Active Directory : Yes Native : No Primary : No Sequence : -1 ---- root@s-lnx003-50:~# wbinfo -t checking the trust secret via RPC calls succeeded ---- /etc/samba/smb.conf: workgroup = NTDOMAIN security = domain password server = <deleted> <deleted> winbind separator = / winbind cache time = 10 idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes obey pam restrictions = no winbind nested groups = yes Any suggestions? I'd be happy to provide more log or configuration file data. Thanks very much! -- Michael Coburn Enterprise Systems Adminstrator