Samba 4 Trust relationship with Windows 2008 Active Directory

SATHYA - IT sathyanarayanan.varadharajan at
Thu Aug 11 04:27:27 MDT 2011

Thanks Pavel.

In case if we have both Samba and Windows AD in an environment - is there
any possibilities of having windows AD users accessing Samba domain services
(which mean if I configure a file server based on Samba 4 AD authentication,
is there any possibility of providing file services for Windows AD users in
this environment). 

-----Original Message-----
From: Pavel Herrmann [mailto:morpheus.ibis at] 
Sent: Thursday, August 11, 2011 1:28 PM
To: samba-technical at
Cc: SATHYA - IT; 'Andrew Bartlett'
Subject: Re: Samba 4 Trust relationship with Windows 2008 Active Directory


On Thursday 11 of August 2011 09:05:24 SATHYA - IT wrote:
> Andrew,
> Thanks a ton on the update. On the related note, as the other option - 
> if we could add samba domain as a child domain for an Windows 2008 AD 
> server whether windows users would be able to access the samba 4 
> domain (child
> domain) based services. As we are running Sharepoint and Navision in 
> our environment which are accessed by some set of users, we require 
> windows AD badly. For other users I can utilize samba domain. Where I 
> can configure Mailing, Fileserver, Instant Messaging services under 
> samba domain and can provide access for these services for windows AD 
> users (Parent Domain) users too. Whether the said scenario will work 
> in samba 4 environment. Can you please assist on this.
> Thanks
> Sathya

This probably won't work, I tried child domains few months ago and they were
not supported, and I haven't caught anything about this changing since

one of the symptoms is that samba assumes the configuration container is in
domain basedn, while it should be in forest basedn, but the
incompatibilities were deeper - you can try searching the archives

Pavel Herrmann

More information about the samba-technical mailing list