[Samba] Can't authenticate users from both domains in forest
Roger Roden
rroden at gmail.com
Fri Sep 19 04:20:16 GMT 2008
I have 2 domains in my forest. I need to allow users from both DomA (The
forest root and the Domain the server is joined to) and DomB to log in. All
works fine with DomA, but no one from DomB can log in. wbinfo --domain=DOMB
-u returns error looking up domain users. wbinfo -D DOMB returns the
following:
Name : DOMB
Alt_Name : DOMB.local
SID : S-1-5-21-1846896199-2149236580-2910475250
Active Directory : No
Native : No
Primary : No
Sequence : -1
I can get a kerberos ticket from DomB.
Here is my smb.conf
----------------------------------------------------------------------------------------------------------------------------
[global]
#--authconfig--start-line--
# Generated by authconfig on 2008/09/17 12:52:21
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future
workgroup = DOMA
password server = ad01.doma.local
realm = DOMA.LOCAL
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
template homedir = /home/%U
winbind use default domain = false
winbind offline logon = false
#--authconfig--end-line--
log level = 3
server string = Samba Server Version %v
client use spnego = yes
passdb backend = tdbsam
wins server = AN.I.P.ADDRESS
cups options = raw
-----------------------------------------------------------------------------------------------------------
I'm running CentOS 5 and Samba 3.0.28. All AD Servers are 2003 R2.
Thanks
More information about the samba
mailing list