Cross Forest Trusts
Gerald (Jerry) Carter
jerry at samba.org
Fri Sep 7 18:47:18 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Todd,
> Given the following:
>
> Forest A < --------- Cross Forest
> Transitive Trust ---> Forest B
>
> Child Domain of forest A
>
> When a Samba server is joined to the child domain of
> forest A, and the share level permissions allow Forest B \
> Domain Users, winbindd fails to authenticate the user - simply
> put, it cannot do a name-->sid translation for Forest B:
>
> winbindd_group.c:winbindd_getgrnam(243)
> [11:28am]
> could not get domain sid for domain W2K3.WEST.ISILON.COM
>
> I'm pretty sure this is because we're using "crusty
> old" RPCs which don't do cross forest lookups - is this something
> which is slated to be fixed sometime soon?
All fixed in 3.2.0. I spent most of the month of April with
all types of trust variants. Try the current dev code and
let me know if that does not work for you.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG4Zy2IR7qMdg1EfYRAmJOAJwKP6Db2IVdE+pQUEmGiWqU8gzX5QCeMLqs
7sP7VSs0pDlhJOm1+Za+7yE=
=OWHB
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list