[Samba-it] Trusted Domain
Massimiliano Corno - GESP s.r.l.
corno at gesp.it
Thu Apr 13 17:25:02 MDT 2006
I cannot get two remote domains to trust each other.
The two LANs are connected through a VPN (OpenVPN).
When I run this command from LAN A:
net rpc trustdom establish DOMB
I get the following output:
[2006/04/13 17:20:45, 0] utils/net_rpc.c:rpc_trustdom_establish(4387)
Couldn't find domain controller for domain DOMB.
Obviously I have created the entries in both passwd and Samba (I am not using LDAP).
The two smb.conf files follow.
-- SERVER A
[global]
workgroup = DOMA
netbios name = SERV-A
server string = Domain Server - Release 2.0
interfaces = 10.0.0.1/255.255.255.0
update encrypted = Yes
min password length = 8
passwd program = /usr/bin/passwd %u
unix password sync = Yes
log level = 3
keepalive = 60
add user script = /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %m$
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
logon script = login.bat
logon path = \\%N\profiles\%u
logon drive = H:
logon home = \\SERV-A\%u
domain logons = Yes
preferred master = Yes
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/gpasswd -a '%u' '%g'
###
# for the trust
idmap uid = 51000-60000
idmap gid = 51000-60000
## Winbindd
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = Yes
winbind enum users = yes
winbind enum groups = yes
wins support = Yes
wins proxy = Yes
dns proxy = Yes
ldap ssl = no
remote browse sync = 10.0.1.1
name resolve order = lmhosts wins hosts
admin users = @ntadmin
hosts allow = 10.0.0., 10.0.1.
# ACLs
nt acl support = yes
inherit acls = yes
map acl inherit = yes
map archive = no
map hidden = no
map system = no
store dos attributes = yes
[profiles]
path = /home/samba/ntprofile
read only = No
create mask = 0600
[netlogon]
path = /usr/local/samba/netlogon
invalid users = @olduser
write list = ntadmin
browseable = No
[homes]
comment = home-directory
read only = No
create mask = 0700
directory mask = 0700
browseable = No
locking = No
-- SERVER B --
[Global]
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u
domain logons = yes
domain master = yes
encrypt passwords = yes
unix password sync = Yes
passwd program = /usr/bin/passwd %u
update encrypted = yes
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$
hosts allow = 127.0.0.1, 10.0.0., 10.0.1.
local master = yes
log file = /var/log/samba.%m
log level = 2
logon path = \\%L\profiles\%u
logon drive = h:
logon script = login.bat
max log size = 50
netbios name = SERV-B
os level = 64
preferred master = yes
security = user
server string = PDC - Samba %v
workgroup = DOMB
create mask = 0770
directory mask = 0770
idmap uid = 21000-30000
idmap gid = 21000-30000
## Winbindd
wins support = Yes
winbind uid = 30000-50000
winbind gid = 30000-50000
winbind use default domain = Yes
wins proxy = Yes
ldap ssl = no
admin users = @ntadmin
hosts allow = 192.168.10., 192.168.11., 192.168.69.
remote browse sync = 10.0.0.1
name resolve order = lmhosts wins hosts
[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = yes
browseable = no
write list = @ntadmin
[homes]
comment = home-directory
browseable = no
writeable = yes
[profiles]
admin users = @admuser
path = /home/profiles
writeable = yes
browsable = no
create mask = 0600
directory mask = 0700
Does anyone have any ideas?
Thanks
Max
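
Added example, not part of the original post: a small smb.conf check that reports parameters set more than once in the same section, as `hosts allow` is in SERVER B's [Global] above, and which value takes effect (Samba uses the last one). It does not diagnose the trust error itself; `SAMPLE` is a constructed, shortened copy of that section and the function names are hypothetical.

```python
import re

# Constructed sample: a shortened copy of the SERVER B [Global] section above.
SAMPLE = """\
[Global]
add machine script = /usr/sbin/useradd -c Machine -d \\
    /var/lib/nobody -s /bin/false %m$
hosts allow = 127.0.0.1, 10.0.0., 10.0.1.
workgroup = DOMB
## Winbindd
hosts allow = 192.168.10., 192.168.11., 192.168.69.
"""

def norm(name):
    # Samba ignores case and whitespace in section and parameter names
    return re.sub(r"\s+", "", name).lower()

def logical_lines(text):
    # Join physical lines that end in a backslash continuation
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("\\"):
            buf += line[:-1].rstrip() + " "
            continue
        yield (buf + line).strip()
        buf = ""
    if buf:
        yield buf.strip()

def find_overrides(text):
    """Return [(section, parameter, shadowed_values, effective_value)]."""
    seen = {}
    section = "global"
    for line in logical_lines(text):
        if not line or line[0] in "#;":
            continue  # blank line or comment
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = norm(m.group(1))
            continue
        if "=" not in line:
            continue
        key, value = line.split("=", 1)
        seen.setdefault((section, norm(key)), []).append(value.strip())
    return [(s, p, v[:-1], v[-1]) for (s, p), v in seen.items() if len(v) > 1]

if __name__ == "__main__":
    for sec, param, old, new in find_overrides(SAMPLE):
        print(f"[{sec}] {param}: {old} overridden by {new!r}")
```

Comparing the result with `testparm -s` on the server confirms which value Samba actually loaded.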