domain_client_validate() in smbd/password.c

[Luke Kenneth Casson Leighton]

On Thu, 18 Feb 1999, Nicolas Williams wrote:

> 
> I don't understand your reply. Does it mean that Samba currently does
> not have code to deal with domain trusts even when it's configured to be
> just an SMB server and not a PDC/BDC?

correct, because as a stand-alone SMB server domain trust relationships
are not relevant: all accounts are "local workstation" accounts on a
stand-alone SMB server.
 
> If you have an NT based PDC/BDC infrastructure and several domains with
> domain trusts setup, will a Samba server (with security=domain) allow a
> client from a trusted domain to validate?

i am not very bright, today, i have to think what you mean.

nt-pdc1   nt-pdc2  samba-memberof-nt-pdc2

trust between nt-pdc1 and nt-pdc2.  clients in nt-pdc2's domain can access
samba-memoberof-nt-pdc2.  clients in nt-pdc1: no, i don't think so.
maybe!  try it!


> Nico
> 
> 
> On Wed, Feb 17, 1999 at 04:53:08PM +0000, Luke Kenneth Casson Leighton wrote:
> > this requires a trust relationship between the two PDCs (not SMB servers)
> > and we haven't done that yet, sorry.
> > 
> > On Thu, 18 Feb 1999, Nicolas Williams wrote:
> > 
> > > 
> > > But I thought that clients in domains other than the SMB server's should
> > > be able to get validated, provided that their domains are trusted by the
> > > SMB server's domain.
> > > 
> > > Is this not true?
> > > 
> > > Nico
> 

<a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton  </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://www.samba.co.uk"       > Samba and Network Consultancy </a>