unolinuxguru
2003-Mar-08 21:13 UTC
[Samba] allow trusted domains ... howto specifiy domains?
I am running a samba pdc on host "debianpdc" for domain "linuxdom" and have set "allow trusted domains = yes" in my [global] smb.conf file... now how do I specify which domains to trust? I would like to trust an NT4 domain "nt4dom" run by the host "nt4pdc" on the same network.
unolinuxguru
2003-Mar-08 22:37 UTC
[Samba] Re: allow trusted domains ... howto specifiy domains?
I would truly appreciate some help on this, it seems even the simplest things are so complicated!?... How does one enable samba shares through "allow trusted domains" to users of an nt4 domain? Has anyone else done this?.. (I would hope so) see below for what I've tried...> I am running a samba pdc on host "debianpdc" for domain "linuxdom" and > have set "allow trusted domains = yes" in my [global] smb.conf file... > now how do I specify which domains to trust? > > I would like to trust an NT4 domain "nt4dom" run by the host "nt4pdc" on > the same network.I just need a general overview of what needs to be done please. Looking at this chart [1] for the process of how authentication to a share is done from a user in a seperate 'trusted' domain, I do not know what I am missing, this seems it should be simple enough... I have an entirely new user "user2" created on the "nt4dom" domain, this user is completely unkown to the "linuxdom" domain. From a Win98 workstation "user2pc", "user2" can log on fine into "nt4dom" and everything works. I now want user2 to access a shared drive (//lnxmbrsvr/share, perms rwxrwxrwx) on a member server "lnxmbrsvr" in the domain "linuxdom". I have configured "lnxmbrsvr" to have the following pertinent settings in it's smb.conf file: [global] security = domain password server = debianpdc allow trusted domains = yes add user script = ...(it works in the linuxdom domain) I have also added a unix+samba machine (trust?) account for the "nt4dom" primary domain controller "nt4pdc" and user2's workstation "user2pc" on this linux domain member server "lnxmbrsvr". I have tested and reloaded+restarted the debianpdc and lnxmbrsvr samba servers. The nt4pdc has also been configured to trust the 'linuxdom' domain. I see no helpful output in the samba logs, what am I possibly missing? (When user2 is logged on at user2pc workstation in nt4dom domain and tries to access //lnxmbrsvr/share in the linuxdom domain (prompted for \\LNXMBRSVR\IPC$) and supplies the password for the nt4dom, it still errors "The password is incorrect. Try again.") [1] http://samba.linuxbe.org/en/samba/config/domain-1.html#trusted