samba to trust another windows domain

NITIN PANDE npande at bajajauto.co.in
Fri Sep 28 01:23:03 GMT 2001 

This is from Roman Kozello--------------------->
Make sure you set up 'domain admin users' in smb.conf. Mapping this
account to root in smbusers file and adding a user root to smbpasswd may
also be necessary.
However, creating machine trust account through Windows Net->Properties
leads to disabled account.
Enable it with webmin or look at smbpasswd file - remove letter D at the
right side of appropriate string.
Then, close Net->Properties applets window and join domain again without
creating an account. You should go.

Or, better, create <machine_name$> Unix account with no shell, no home,
no password...
And # smbpasswd -a -m <machine_name>
Join domain without creating trust account from Win side.
----------------------
HTH. Ciao,
Nitin Pande
Mail Administrator
Bajaj Auto Ltd.
Ext . 6960

Dominic wrote:

>  Hi all, thanks for the response about the sync password. I will work
> and trythe proporsals. There is still another big problem and may be
> someone has a hint howto solve it: How can I make a Samba PDC trust
> another windows domain? We have two subnets: One of them is a
> heterogeneous with Unix/Linux and Windows workstations.One of the
> Linux Workstation (call it PDC1) is the NIS-Server and is alsothe
> Samba Domain Controller. Let us call this Domain (NIS and Samba)
> DOMAIN1 .Unix-NIS accounts and Samba Accounts are identical.Let the
> Net-IP be 121.20.100.0 Another subnet is a pure windows (NT) domain.
> Call the domain controller PDC2and the Domain DOMAIN2. Let the Net-IP
> be 121.20.200.0 Now a lot of users in DOMAIN2 like to log on the
> Unix-Workstaions in DOMAIN1.The Windows-Machine in DOMAIN2 are used
> just as Access-Terminals to Unix-Work-stations in DOMAIN1. Because of
> different departments DOMAIN1 and DOMAIN2cannot be merged to one
> domain. Consequently windows users from DOMAIN2 liking to log on
> Unix-DOMAIN1 must havetwo accounts. One in DOMAIN2 just to provide
> access to the windows machine. Thenanother account in DOMAIN1 for
> Unix-Access (e.g. via ssh and eXeed). Now this is a doulbe work with
> all its disavantages. The questionis: How can I make users have only
> one account in DOMAIN1 but be able to log on DOMAIN2?Can I solve this
> by making the Samba DOMAIN1 trust the NT DOMAIN2 (and vice versa).How
> ? (i.e. How can I make the Samba DOMAIN1 trust the NT DOMAIN2?) Thanks
> a lot for any hint Dominic
-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba-ntdom mailing list