Mayers, P J p.mayers at
Thu Sep 23 16:17:30 GMT 1999

1) I don't think Samba can maintain trust relationships with NT domains

2) No - you can use PAM_NTDOM (or is it called PAM_SMB these days) to
*authenticate* users from an NT domain, but you'd need the equivalent of
NSS_NTDOM to be able to have the users appear "local".

<Note - you can "kind of" do this - see the "add user script" parameter of

Luke Leighton mentioned something about nss_ntdom a while back - anyone have
any ideas?

That said, the nss interface is really easy, it shouldn't be too hard to
implement (and would be a *massive* improvement over "add user script" -


-----Original Message-----
From: Jim_F._Goeke at
To: Multiple recipients of list SAMBA-NTDOM
Sent: 9/23/99 3:56 PM
Subject: questions

ok. im new at this so bear with me.

I have a redhat 6.0 running the 7/21 release of samba 2.0.5.  what i
want to be
able to do with this is this.

I need to be able to run the samba as a NT  PDC.  I need the samba
server to be
able to start and maintain trust relationships with other NT domains.

The other problem im having is with security.  is there a way to get it
listen to the PDC of the domain its in with out having to add each and
user into the samba box?

Please help

Jim Goeke

More information about the samba-ntdom mailing list