[Samba] Samba4 Domain Trust: which direction?
Klaus Hartnegg
hartnegg at gmx.de
Tue Jul 1 13:55:40 MDT 2014
On 30.06.2014 22:47, Robert Bilbrey wrote:
> Can two Samba AD domains trust each other, just for look ups
> so that a workstation can be a member of both domains?
"Each other" implies bidirectional trust. If the info in the FAQ is
still correct, then this is not yet possible.
Also it would require moving from internal DNS server to bind, because
trust requires DNS resolving of the other domain. This is difficult when
each DC run its own DNS server, and all info about the domain is only
stored there. Windows server can do this with a Conditional Forwarder in
the DNS server. But the internal DNS server of Samba 4 can handle only
one single forwarder, and that is usually already used to resolve the
rest of the world.
Klaus
More information about the samba
mailing list