Samba, Win2000 and trust between samba

Patrick slu at firerun.net
Wed Apr 25 00:29:25 GMT 2001


Did you do the following in this order?
1. Add the machine account for server1 on server 2 using the adduser command
"/usr/sbin/adduser -g machines -c Machine -d /dev/null -s /bin/" assuming  you
have a group called machines?
2. Then add the account to the smbpasswd file using "smbpasswd -a -m <server
1>"?
3. Then issue the "smbpasswd -j <server 2 domain>"

Patrick

Luis Cordeiro wrote:

> I'm sorry,
>
> I've tried to do it, and even reading the manual, I wasn't able to make it
> work.
>
> What I understand from this is:
>
> **********
> * Win2000 *
> **********
>           |
>           |
>          V
> **********                 **********
> * Server 1 *----------->* Server 2 *
> **********                  **********
>
> Server 1: - security = server
>                - password server = server 2
>                - allow trusted domains = yes
>
> and then I run the following on Server 1 :   smbpasswd -j <server 2 domain>
>
> Server 2: - security = user
>
> and then I run the following on Server 2 :   smbpasswd -a -m <server 1>
>
> I'm sending the smb.conf files in attach so you can see how i'm doing it.
>
> What's the problem?
>
> Is it necessary to have the machines registered on a DNS server? (they are
> on the same LAN and have invalid IPs)
>
> thanks,
> Luis Cordeiro
>
> ----- Original Message -----
> From: "Patrick" <slu at firerun.net>
> To: "Luis Cordeiro" <cordeiro at ipn.pt>
> Cc: <samba at lists.samba.org>; <samba-ntdom at lists.samba.org>
> Sent: Tuesday, April 24, 2001 12:02 AM
> Subject: Re: Samba, Win2000 and trust between samba
>
> > You will need to have one machine setup as the authentication machine.
> You will
> > also have to add a machine account for the other server.  Then for the
> other
> > machine you will need to have 'security = domain' and 'password server =
> <name
> > of server>' set in the smb.conf. then you will have to issue the command
> > 'smbpasswd -j <Domain>' for the machine to join the domain.
> >
> > Patrick
> >
> > Luis Cordeiro wrote:
> >
> > > Hi,
> > >
> > > I'm having some problems with samba.
> > >
> > > I have two servers with redhat 7.0 and samba 2.2. The computers that are
> > > making autentification though samba have Win2000 (witch is working when
> > > having only one domain).
> > >
> > > My problem is that I need to have the possibility to logon on the
> Win2000
> > > machines using the two servers. I've heard that I could use the trust
> > > between the two samba servers. But I've read in some documents (perhaps
> not
> > > the right ones) that that's not possible to do.
> > >
> > > My question is: is it possible? if so how to? if not is there another
> way to
> > > do it?
> > >
> > > Thanks,
> > > Luis
>
>   ------------------------------------------------------------------------
>                      Name: smb.conf_osipn
>    smb.conf_osipn    Type: unspecified type (application/octet-stream)
>                  Encoding: quoted-printable
>
>                      Name: smb.conf_samba
>    smb.conf_samba    Type: unspecified type (application/octet-stream)
>                  Encoding: quoted-printable





More information about the samba-ntdom mailing list