similar to: idmap for trusted domain changing over time

Hello, I did join 2 sites using an IPSEC tunnel, and made one domain trust the other (2 small Samba DC based domains with about 10 users in each) I first had resolving issues until I decided to keep only one WINS server for both networks (though this is still an issue to me because if for any reason the tunnel is broken, I have no longer WINS on one side). Finally here is my setup : Network A

hi, it?s me again :( i?m still not able to use idmap_rid in a trusted domain environment (samba v3.0.20b Sernet). well, to be clear: NSS is not working (id, getent passwd <user>, ...) so samba does not find the posix information for any user from a foreign domain it?s working in a single domain with ##################################### # WINBIND - Settings idmap backend =

Well, I'm attempting to migrate my old NT4-based domain to Samba3. I've got Samba set up with an LDAP backend, I've extended my NDS schema, and I've got users in this new domain set up successfully and authenticating. I've decided that the best, most seamless way to migrate my domain is to create a new domain which will run alongside the old domain. A two-way trust

I've a problem with trusting domain authentication , I've searched the newsgroup but found no answer . The configuration is very simple . A windows 2000 domain (DOMA) , which contains the samba server , and a Windows 2003 domain (DOMB). The two are trusted by a bidirectional trust . The problem is that users from the 2003 domain can't get authenticated by the samba server and are

hi list, just for my knowledge -> we have a working PDC / BDC infrastructure for our domain DOMA, where PDC trusts another PDC from DOMB (all samba v3). when PDC from DOMA goes down, is the trust still valid or do we have to setup the trust on *both* DCs from DOMA (net rpc trustdom establish DOMB ... )? is that possible at all? thx&greez -- Michael Gasch Max Planck Institute for

I am trying to get two Samba PDC/Domains setup with a trust between them. They are separate domains because they are separate companies (one is a subsidiary of the other) located in different cites. I am using Centos 5.1 x86_64 and Samba 3.0.28a packages built by me from Fedora 8 source RPMs. Based on what I have read, in order to do the trust thing I need to use Winbind/idmap to handle the non

I'm currently building a Samba3-based domain (DomA) that has a trust relationship with an existing production NT4 domain (DomB). DomA uses an LDAP backend. The LDAP server is local on the PDC and is dedicated to such use. DomA runs Samba 3.5.6 on Debian 6.0. DomB is an old-timer: NT4 domain that's running for ages. The trust relationship has been established: DomA trusts DomB. Clients

Hello all. I've set up a testing environment with two Windows DCs. The first, called DCA, is serving the domain DOMA and is running Windows 2003. The second is called DCB and serves DOMB on Windows 2008. The Samba machine I'm setting up (named ULYSSES) should be able to authenticate users from both domains for shell login. I've installed Samba 3.2.3 as a Debian package and closely

Hi everybody. When using the command: # net rpc trustdom list what is the difference in output between: The "trusted" domains list and "trusting" domains list? Which operations are performed in both actions? My example: net rpc trustdom list Trusted domains list: DOMA S-1-5-21-790525478-1844823847-725345543 DOMB

Hi everyone, I have two domains with a two way trust (DomA and DomB). When users from DomA (on a DomB Linux PC) access sysvol on DomB's DC using smbclient everything works: # smbclient //DomB /sysvol -Udoma\\user -c 'ls' -k . D 0 Thu Jan 9 13:53:03 2020 .. D 0 Thu Jan 9 14:28:29 2020 domb

Hi, Here is my scenario:- 1. I got 1 LDAP server with two domains (A & B) configured to it. 2. Both domain PDCs are fully trusted to one another. I did the "trustdom establish" both ways. 3. I have 1 XP client that has joined Dom A. The login bar can allow you to login to 2 domains. 4. I can managed to login to both domains. 5. I got all the sambaHomePath and home drive

Hi there, I'm running Samba 3.0.14a-sernet on Suse 9.1 using ldapsam. I've got an interdomain trust setup across a vpn connection with a 2k3sp1 domain (DOMB). The trust works. What is strange is that a user from DOMB can't access any shares until they browse a share on our domain controller, say netlogon, then samba creates a new posix account for them in the ou=users base. I have

Hallo. I have problem configuring winbind to authenticate against Active Directory (Windows Server 2003 R2 in native mode). Our net topology seems as follows: - We have PDCs for domain DOMA (i.e.) - there are user accounts for all people on our university. - We have PDC for domain DOMB (DC for our department) that holds computer accounts. - Between DOMA and DOMB is one side trust. So Windows

Hi, I have two Windows Domains, DOMA and DOMB. A Samba 3.6 Server is a member server in DOMA. DOMA has a (unidirectional) trust relationship to DOMB. Users from DOMB should be able to connect and authenticate at the Samba server. The domain controller of DOMB has the IP 10.35.5.25. During authentication of a DOMB user at a share I get the following log entries: get_dc_list: preferred server

Hi All, Wonder is someone can help? We have mixed windows & Linux boxes in DomA network. Afaik all DomA clients are blocked and direct connection to DomB are not possible by design & for security. DomA DC(Windows) -- trust --> DomB DC(Windows) ^ | DomA Linux Client(DALC) winbind Samba 3.0.33 For some reason DomA Linux Client attempts ldap connection to all DomB DC once in 5 to 10

Hi, I am having difficuly deleting and renaming files with users from a foreign domain using acls. My setup is as follows : I have two Samba (3.0.14a)/LDAP domains connected via a VPN (OpenVPN) with a bi-directional trust relationship established. The trust relationship appears to be working correctly. I can log on onto PC's at either end on either Domain :) and the browse lists of both

The company I work for is split across two sites, each site has its own domain. The local end is a Samba server (DomA) with about 50 users, the remote end is NT4(DomB) with about 150 active users (400+ usernames in userlist). The two sites are connected over a VPN (Internally DomA=172.16.1.0/24, DomB=10.1.0.0/16) and the two domains trust each other. Users from either site regularly visit,

There may be several parts to the problem: 1. Winbind on Samba 3.4.x seems unable to allocate idmap entries (UID/SID or GID/SID) , whether or not the backend is LDAP or TDB. Winbind on Samba 3.0.x is able to create idmap allocation mappings with an LDAP backend. The two problems with Samba 3.0.x are as follows - "getent" would stop showing trusted users once the cache period

Hi Igor, I am no samba expert. Reading your email produce 2 thots. 1. If I have not read wrongly, you DID NOT managed to reproduce my scenario cos when you joined Domain A , login as user of DomB , you got the expected result, the Domain B's sambahomepath and drive gets map to the user B. Mine result was this: I joined Domain A, login as user of Dom B, I did NOT get Domain B's

Hello Community, I am facing the following question: how is it possible to share malboxes between domains? Example: - 2 domains present on the same dovecot: domA and domB - userA at domA - userB at domB userA at domA wants to share his mailbox to userB at domB (again same server)? Thank you for your help. Greetz