Can not see domains in kerberos mode

Arup Biswas biswas_arup at
Wed Jun 28 21:19:27 GMT 2006

I do not know what happened to the body of my e-mail.  But, here it goes 

Let me describe the scenario first:

OS: Fedora, Samba version: 3.0.22

1. Join a win2k domain in ads mode
2. Map a drive from a win2k client in kerberos mode (using net use FQDN 
3. From the client, create a file on the mapped drive
4. Right click on the file and then select properties/security/add

At this point,I should be able to see a list of trusted domains, right?
But, all I see is the built-in domain for the samba server.
However, in the NTLM mode I can see all the trusted domains.
I have a ethereal capture between the client, dc and the Samba server.
It seems, in the ads case, the client never sends the netlogon RPC
DsrEnumerateDomainTrusts(). Could it be because of Samba server's
some earlier response? Or I am missing something?
I will appreciate any help in this matter.

If anyone wants to look at the ethereal traces please let me know.
Yesterday, I tried to attach the trace but it exceeded the 128 KB limit and 
my mail never got posted.


More information about the samba-technical mailing list