Trust status

Andrew Bartlett abartlet at
Thu Dec 4 21:37:34 GMT 2008

On Thu, 2008-12-04 at 16:33 +0100, Stefan (metze) Metzmacher wrote:
> >>>> Can Samba3 trust us? (With the extended dn fixes applied)
> >>> I hope to have this working soon. 
> >> Both as workstation and domain trust?
> > 
> > Well, my hope is that once the extended DN work is in, then the
> > workstation side might be done.  Then we can test over domain trusts and
> > see if we missed anything else.
> I managed to setup that a samba3 pdc trusts samba4 dc.
> With todays commits and manually setting
> userPrincipalName: VZ0S3DOM at of the VZ0S3DOM$
> account.
> I couldn't find a quick way to fix your kdc to automaticly find the keys
> for the VZ0S3DOM at client principal.

OK, I'll try to look at this next week.  It needs to notice that it's a
trusted domain name and redirect into the trusted domain entries (which
as you notice, has a different codepath). 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list