Samba-3.0.0 RC's and transitive trusts

Jason Haar Jason.Haar at
Thu Sep 18 00:50:34 GMT 2003

I'm running 3.0.0-rc4 under "security = ADS" (with a successful "net
join"/etc), and it's working OK as a "normal" SMB server. However, it
appears that winbindd can only successfully communicate with the NT4 domains
which our AD domain has direct trust relationships with. Our domain is
"" (also called "sub1"), and there's a "" AD domain
too. However if I do "getent passwd sub2+user", it just returns an exit
status 2. If I do "getent passwd sub1+user" or "getent passwd nt4+user" they
work fine.

All the domains (both NT4 and AD) show up when I run "wbinfo -m".

winbindd shows the following when one of the AD subdoms is queried:

accepted socket 20
[12866]: request interface version
[12866]: request location of privileged pipe
accepted socket 22
read failed on sock 20, pid 12866: EOF
[12866]: getpwnam sub2+user
user 'user' does not exist
read failed on sock 22, pid 12866: EOF

When I do "getent passwd nt4+user", winbindd (debug 9) shows tonnes of
lines of output and gives the correct result.

WINBINDD_DOMAIN is not set...

This is under RH8.

Any ideas?



Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

More information about the samba-technical mailing list