Help with domain trust relationship

Carroll, Patrick S psc59782 at glaxowellcome.com
Wed Dec 16 16:16:21 GMT 1998 

Hello,

I've got samba 2.0.0beta4 compiled and working properly on my RedHat 5.1
(Linux kernel 2.1.131) system.  I have the following NT domains to work
with...

I have the Linux box setup on the NT Domain "X"
Users are only authenticated on NT Domain "Y".
There is a trust relationship between Domain X and Y (both are NT servers)

I setup my smb.conf file with..

        workgroup = (Domain "X")
        security = domain (also tried server)
        encrypt passwords = yes
        password server = (primary domain controller for domain "x", also
tried primary domain controller for domain "y")

and pam_smb.conf with

	(Domain Y, also tried Domain X)
	(PDC for Y, also tried PDC for X)

I had my system admin add my computer netbios name (same as dns name) to the
NT Domain "X".  I ran the following..

smbpasswd -j (NT Domain "X")

And I successfully joined the domain, and the mac file was created in /etc.
(Note: if I tried to rejoin the domain at a later date, I got an error
message.  If I asked the domain admin to re-add me, I could join, but would
get the same error if I retried).

Now I setup my username with a "*" password in the password file. I tried
telnet to the Linux Box.  When I log-in with my username and the NT domain
password, I get the following error....

===================================================
Red Hat Linux release 5.2 (Apollo)
Kernel 2.1.131 on an i686
login: psc59782
Password:
client_init: connection succeeded
LSA Query Info Policy
Domain Member     - Domain: US-DESKTOP2 SID:
S-1-5-21-26028188-139138990-2934943
63
Domain Controller - Domain: US-DESKTOP2 SID:
S-1-5-21-26028188-139138990-2934943
63
NET_REQ_CHAL: NT_STATUS_INVALID_COMPUTER_NAME
Server  rejected the login of psc59782 to domain US1_AUTH.
Login incorrect                  
==========================================================
(note: us-desktop2 is domain "X", us1_AUTH is domain "Y").

Any suggestions?



Patrick Carroll
Instrument Technical Support
ASci Automation
Office: 483-7124  International: 703-7124 Mobile Phone: 272-5692 
Text Pager: http://griwww.glaxo.com/src/personalPages/show/psc59782
Unsecure Personal Email: mailto:Patrick.S.Carroll at gte.net

More information about the samba-ntdom mailing list