Samba-3.0.0 RC's and transitive trusts
Gerald (Jerry) Carter
jerry at samba.org
Thu Sep 18 16:17:27 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jason Haar wrote:
| I'm running 3.0.0-rc4 under "security = ADS" (with
| a successful "net join"/etc), and it's working
| OK as a "normal" SMB server. However, it
| appears that winbindd can only successfully
| communicate with the NT4 domains which our AD domain
| has direct trust relationships with. Our domain is
| "sub1.top-dom" (also called "sub1"), and there's
| a "sub2.top-dom" AD domain too. However if I do
| "getent passwd sub2+user", it just returns an exit
| status 2. If I do "getent passwd sub1+user" or
| "getent passwd nt4+user" they work fine.
|
| All the domains (both NT4 and AD) show up when
| I run "wbinfo -m".
|
| winbindd shows the following when one of the
| AD subdoms is queried:
|
| accepted socket 20
| [12866]: request interface version
| [12866]: request location of privileged pipe
| accepted socket 22
| read failed on sock 20, pid 12866: EOF
| [12866]: getpwnam sub2+user
| user 'user' does not exist
| read failed on sock 22, pid 12866: EOF
|
| When I do "getent passwd nt4+user", winbindd (debug 9)
| shows tonnes of lines of output and gives the
| correct result.
|
| WINBINDD_DOMAIN is not set...
Can you describe you domain structure a little more. I'm a
little unclear on what is not working.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/adqXIR7qMdg1EfYRAj+bAJ9G741qR1K5UJzTHFpq2+qMWvgfbACg0zQO
PSUe8knK4o7ZabjxphtZuHo=
=f/CB
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list