Samba, Win2000 and trust between samba

Luis Cordeiro cordeiro at ipn.pt
Tue Apr 24 17:40:15 GMT 2001


I'm sorry,

I've tried to do it, and even reading the manual, I wasn't able to make it
work.

What I understand from this is:

**********
* Win2000 *
**********
          |
          |
         V
**********                 **********
* Server 1 *----------->* Server 2 *
**********                  **********

Server 1: - security = server
               - password server = server 2
               - allow trusted domains = yes

and then I run the following on Server 1 :   smbpasswd -j <server 2 domain>

Server 2: - security = user

and then I run the following on Server 2 :   smbpasswd -a -m <server 1>

I'm sending the smb.conf files in attach so you can see how i'm doing it.

What's the problem?

Is it necessary to have the machines registered on a DNS server? (they are
on the same LAN and have invalid IPs)

thanks,
Luis Cordeiro


----- Original Message -----
From: "Patrick" <slu at firerun.net>
To: "Luis Cordeiro" <cordeiro at ipn.pt>
Cc: <samba at lists.samba.org>; <samba-ntdom at lists.samba.org>
Sent: Tuesday, April 24, 2001 12:02 AM
Subject: Re: Samba, Win2000 and trust between samba


> You will need to have one machine setup as the authentication machine.
You will
> also have to add a machine account for the other server.  Then for the
other
> machine you will need to have 'security = domain' and 'password server =
<name
> of server>' set in the smb.conf. then you will have to issue the command
> 'smbpasswd -j <Domain>' for the machine to join the domain.
>
> Patrick
>
> Luis Cordeiro wrote:
>
> > Hi,
> >
> > I'm having some problems with samba.
> >
> > I have two servers with redhat 7.0 and samba 2.2. The computers that are
> > making autentification though samba have Win2000 (witch is working when
> > having only one domain).
> >
> > My problem is that I need to have the possibility to logon on the
Win2000
> > machines using the two servers. I've heard that I could use the trust
> > between the two samba servers. But I've read in some documents (perhaps
not
> > the right ones) that that's not possible to do.
> >
> > My question is: is it possible? if so how to? if not is there another
way to
> > do it?
> >
> > Thanks,
> > Luis

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smb.conf_osipn
Type: application/octet-stream
Size: 1069 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20010424/1f0ea87a/smb.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smb.conf_samba
Type: application/octet-stream
Size: 1125 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20010424/1f0ea87a/smb-0001.obj


More information about the samba mailing list