Trust relationships, sort of

Joseph Cheek joseph at
Thu Jun 18 20:44:19 GMT 1998

trust relationships are such a hassle with a large number of domains.  is
there any type of multi-domain relationship model we can implement that's
better than trust relationships?  i get the feeling that ms just made trust
relationships as a bandaid to the entire single-signon/single point of
authentication problem.  there have got to be better solutions.  any ideas?

 Joseph Cheek, Director, Cheek Consulting
  Computer Network Solutions -- NetWare, Linux, and Internet consulting
   Novell and Caldera partners, supporter of Linux in business
    joseph at,, (206) 282-2892

-----Original Message-----
From: CAE Samba Admin <caesmb at>
To: Multiple recipients of list <samba-ntdom at>
Date: Thursday, June 18, 1998 1:26 PM
Subject: Trust relationships, sort of

> Slowly, very slowly, we're finding ways to get samba to fit our
>needs around here, but we are constantly running in to problems where I as
>a lab manager would like to be able to administer things like machine
>accounts and shares and such.  This cannot be done easily because we
>are using the campus accout database for logins, and as such
>(understandably) the administrators of that system don't want me to be
>able to edit the smb.conf file (becase of that little root preexec thing).
> NT has a solution to things like this call trust relationships.
>Now, I know you don't have trust relationships functioning yet, but as a
>stepping stone, how hard would it be to code in pseudo trust relationships
>between samba servers?  Maybe using something like a combo of PDC
>functionality with a "password server" style command.  Basically, if a
>user isn't a member of the domain, try against another domain (more or
>less just forward the request as a domain member similar to if you were
>using security = domain).
> I'm just curious if this would be easy to implement or not,
>because I know true trust relationships are too far off to start begging
>for just yet... :)

More information about the samba-ntdom mailing list