[Samba] integrating multiple NT4 domains with Samba

thephly thephly at earthlink.net
Sat Mar 15 10:03:08 GMT 2003


On version 2.0, using "security = domain" and "include = globals.%m", I could specify which PDC to use depending on the client name. This was a neat arrangement to integrate legacy NT4 domains - I asked the remote admins to add the Samba server to their domain, and ran "smbpasswd -j <various> -r <various pdc's>" to end up with multiple machine.sid's in private. All was wonderful, and then I upgraded...

Now on 2.2.7a with a single secrets.tdb, Samba is again added to the various domains, and can authenticate to any of them individually (their workgroup in smb.conf), but a %m globals match always produces an auth2 error. I think Samba's pulling the wrong SID out of secrets.tdb, always using the %m workgroup, but the smb.conf global workgroup SID to authenticate!

Does anyone else bring together NT4 domains with Samba to avoid "trusts"? Do you use this method, and how does it work for you?

