[Samba] Windows 2008 R2 / one way trust / Samba
Duffey, Blake A.
Blake.Duffey at noblis.org
Thu May 6 13:33:05 MDT 2010
I'm pretty sure Windows 2003 domain is native 2k3
I don't believe these settings are specific to Windows 2008 R2. Before
I upgraded the 'lab' domain (from 2008 to 2008R2), things worked
(although I think it was using NTLM, which isn't optimal)
I should have added - we aren't using winbind
-----Original Message-----
From: samba-bounces at lists.samba.org
[mailto:samba-bounces at lists.samba.org] On Behalf Of Gaiseric Vandal
Sent: Thursday, May 06, 2010 3:17 PM
To: samba at lists.samba.org
Subject: Re: [Samba] Windows 2008 R2 / one way trust / Samba
Was the Win 2003 domain in mixed mode or 2000/2003 native?
Also, Win 2008 has some security settings changes that you may want to
change back to "weaker" settings.
http://support.microsoft.com/kb/889030/en-us
Does "wbinfo -u" on the linux machine list users in the trusted
(corporate) domain? If so, does "getent passwd" show them? (Presuming
that previously it did.)
On 05/06/2010 02:42 PM, Duffey, Blake A. wrote:
> Here is our configuration - we have a Windows 2003 domain I'll call
> 'corporate' and a Windows 2008 domain I'll call 'lab'. There is a
> one-way trust (users can log into 'lab' machines using 'corporate'
> creds). We have a linux box running samba that is a member of 'lab'.
> Users log into their Windows machines using a 'corporate' credential
and
> can seamlessly get to samba.
>
>
>
> Yesterday I upgraded 'lab' to Windows 2008R2 - and things blew up from
> there.
>
>
>
> Users are prompted to authenticate when connecting to the samba
system,
> and the server log shows NT_STATUS_NO_SUCH_USER.
>
>
>
> To resolve, we've removed/re-joined to the domain and upgraded to
samba
> 3.5.2
>
>
>
> If I log into a lab system with a lab ID, I can get to samba.
>
>
>
> But nothing from the trusted domain works.
>
>
>
> Any insight greatly appreciated.
>
>
>
>
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list