How to ignore trusted domains completely?

Gerald (Jerry) Carter jerry at
Thu Oct 11 13:28:07 GMT 2007

Hash: SHA1

Dmitry Butskoy wrote:
> Our AD has several trusted domains. These domains are reported to
> winbind daemon, and then winbind tries to contact the correspond DCs.
> The "allow trusted domains = no" does not affect winbind in this context.

That would be a BUG IMO.  Where still talking about the 3.0.26a
installation with idmap_rid correct?

> I would like to ignore these domains for some reasons:
> - Their DCs are very far geographically, the network channels for them
> is too low, or even not reachable at all (from our Samba hosts exactly).
> (I am aware of "winbind enum", and don't want to disable this...)

Understood.  We still should ignore trusted domains if you tell
us to.  So enumeration is not the root cause.

Looking at the code, it appears that disabling trusted domains
regressed.  Not sure when.

cheers, jerry
Samba                                    -------
Centeris                         -----------
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the samba-technical mailing list