Trust relationships, sort of

CAE Samba Admin caesmb at
Thu Jun 18 20:18:14 GMT 1998


	Slowly, very slowly, we're finding ways to get samba to fit our
needs around here, but we are constantly running in to problems where I as
a lab manager would like to be able to administer things like machine
accounts and shares and such.  This cannot be done easily because we
are using the campus accout database for logins, and as such
(understandably) the administrators of that system don't want me to be
able to edit the smb.conf file (becase of that little root preexec thing).
	NT has a solution to things like this call trust relationships.
Now, I know you don't have trust relationships functioning yet, but as a
stepping stone, how hard would it be to code in pseudo trust relationships
between samba servers?  Maybe using something like a combo of PDC
functionality with a "password server" style command.  Basically, if a
user isn't a member of the domain, try against another domain (more or
less just forward the request as a domain member similar to if you were
using security = domain).
	I'm just curious if this would be easy to implement or not,
because I know true trust relationships are too far off to start begging
for just yet... :)



More information about the samba-ntdom mailing list