NT Domain to establish Trust with SAMBA

Elrond elrond at samba.org
Mon Jun 19 13:32:53 GMT 2000

On Fri, Jun 16, 2000 at 05:53:41AM +1000, Gerry George wrote:
> I have one ( and soon to have many more) SAMBA networks established.   It 
> is connected via a WAN link to a NT-Based domain (NT4).  Some of my Samba 
> users need to access the NT domain.  I need to establish a one-way trust 
> from Samba to the NT domain so that my users can be authenticated against 
> the NT domain.  I am NOT using the CVS branch.  Is this possible or do I 
> need CVS?  Note that there is no need for me to trust them 
> (NT).  Optionally, can I simply choose to synchronize usernames & passwords 
> (yeech!) to achieve similar results?

Do I understand that the right way?

You want the remote NT domain to trust your samba domain,
so your users can log into the nt domain with their
username/password from samba?


You need TNG for this.

I need this currently too (and it's only halfworking).

It's ugly.

Currently it has some traps and stuff like that, this
includes hand-copying passwords in your smbpasswd every
some weeks and other ugly stuff.

In other words: It's not realy practical currently.

syncing the passwords is currently your only "stable"
I don't know, how you could automate the changing of the pw
in the NT domain... Using some password-sync with smb.conf
and running smbpasswd against the remote NT domain would be
some idea, BUT: For remote smbpasswd, you need the old pw
in cleartext... and you don't have it.


More information about the samba-ntdom mailing list