Michael Conigliaro
2009-Mar-31 19:09 UTC
[Samba] firewalls and winbind authentication to trusted domains
Hello, I currently have a DOMAIN-A and a DOMAIN-B with a one-way trust so that DOMAIN-B trusts DOMAIN-A. There is also a firewall separating the two domains, and I have opened the necessary ports for authentication and replication to take place between the domain controllers. This works fine. Now I have users on Domain A that need to log into machines on Domain B. This works fine when a user logs into a Windows machine. However, I've found that when logging into a Linux machine using winbind authentication, the machine is attempting to communicate with the domain controllers on DOMAIN-A. Authentication will not work unless I allow this traffic, but for security reasons, I'd rather not have to. It's almost as if the Windows machines are able to obtain information about DOMAIN-A from DOMAIN-B, but winbind cannot. Is there some way to enable this behavior? I am using samba 3.2.7 on CentOS. -- Michael Conigliaro Computer Analyst Fuss & O'Neill Technologies www.fandotech.com