s4-11 interdomain trusts

Matthew Geddes musicalcarrion at gmail.com
Wed Mar 10 11:32:20 MST 2010


What do you think the right approach is and how far through it have you made
it?

It looks like we can make calls to an S3 winbindd in S4, but S3 winbindd
isn't going to know about the trust credentials and attributes we have.

We can act as a domain member, right? So we can generate calls ourselves.
I'm not sure what would be involved in doing the translation between
incoming and outgoing calls. Any ideas or suggestions?

Thanks for the quick response.

On 10 March 2010 10:15, simo <idra at samba.org> wrote:

>
> Matthew, I am looking in cross forest trusts, which present some of the
> same problems.
>
> As far as I could see, in Samba 4 we totally lack any infrastructure to
> do netlogon calls on behalf of clients so anything NTLM based is
> confined to the specific S4 server being contacted.
>
> In samba 3.x that is done by winbind.
>
> Simo.
>
> --
> Simo Sorce
> Samba Team GPL Compliance Officer <simo at samba.org>
> Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
>
>


More information about the samba-technical mailing list