Hi , I need to use ntlm_auth across two different AD domains and their is no trust between the 2 domains. I followed the post http://samba-multiple- domains.blogspot.co.uk/2010/03/how-to-join-one-linux-box-to-two.html <https://deref-mail.com/mail/client/44YIgEylY9w/dereferrer/?redirectUrl=http%3A%2F%2Fsamba-multiple-domains.blogspot.co.uk%2F2010%2F03%2Fhow-to-join-one-linux-box-to-two.html> It seems like only 1 instance can own the Winbindd pipe and bringing up additional instances causes the previous pipe to die. I can use additional socket directory instructions in smb.confs for the winbindd instances but then ntlm_auth doesnt know to locate the winbindd pipe ? The DNS infrastructure allows resolution of both domains and I can join to both the domains. Any pointers welcome. Many Thanks Arnab
On Sun, 21 May 2017 08:58:40 +0100 Arnab Roy via samba <samba at lists.samba.org> wrote:> Hi , > > I need to use ntlm_auth across two different AD domains and their is > no trust between the 2 domains. I followed the post > http://samba-multiple- > domains.blogspot.co.uk/2010/03/how-to-join-one-linux-box-to-two.html > <https://deref-mail.com/mail/client/44YIgEylY9w/dereferrer/?redirectUrl=http%3A%2F%2Fsamba-multiple-domains.blogspot.co.uk%2F2010%2F03%2Fhow-to-join-one-linux-box-to-two.html> >Interesting, but I can see one possible problem, the howto was written for Ubuntu-9.10 and you are probably using a recent version of Samba and smbpass has been removed. There are other problems 'idmap uid & idmap gid' are deprecated in favour of 'idmap config' , also the range numbers used are a bit low. Rowland
Hi , Any suggestions on the config I really need to get this working I am on fedora with samba 4.45 ? I know their is a probable way of getting this to work but not seen a complete example anywhere.. I have seen a commercial product which runs centos use samba and Kerberos across multiple disjoint domains. Your help would really appreciated. Many thanks Arnab On 21 May 2017 9:34 am, "Rowland Penny" <rpenny at samba.org> wrote:> On Sun, 21 May 2017 08:58:40 +0100 > Arnab Roy via samba <samba at lists.samba.org> wrote: > > > Hi , > > > > I need to use ntlm_auth across two different AD domains and their is > > no trust between the 2 domains. I followed the post > > http://samba-multiple- > > domains.blogspot.co.uk/2010/03/how-to-join-one-linux-box-to-two.html > > <https://deref-mail.com/mail/client/44YIgEylY9w/dereferrer/ > ?redirectUrl=http%3A%2F%2Fsamba-multiple-domains. > blogspot.co.uk%2F2010%2F03%2Fhow-to-join-one-linux-box-to-two.html> > > > > Interesting, but I can see one possible problem, the howto was written > for Ubuntu-9.10 and you are probably using a recent version of Samba > and smbpass has been removed. There are other problems 'idmap uid & > idmap gid' are deprecated in favour of 'idmap config' , also the range > numbers used are a bit low. > > Rowland >