NT Domains & accessing Samba Server

yarond yaron.daniel at telrad.co.il
Wed Jan 31 17:05:11 GMT 2001

Hello Alin

well I try to play with my config files, but it did not work
when i join a samba server to one domain his netbios name always points to this server.

But what i succeed to make is this:

I succeed making one way trust between the two NT Domains.Thats mean : i can access form "Dom1" all off my Samba-server that i joined to "Dom1" and also access all the Samba-servers that i joined to "Dom2". without any need to make any authentication.

But the users that login to "Dom2" can access only the Samba-servers in "Dom2".

i did it with this steps:
1) on "samba1" : /opt/samba/smbpasswd -j Dom1
2) on "samba2" : /opt/samba/smbpasswd -j Dom2
3) make trust in the NT Domain, Dom2 is trusted by Dom1.
4) I got on each NT domain same-user (i did not check if i need this) i think that only one will work too.

Thanks anyway 

bye bye

-----Original Message-----
From:	Alin Osan [SMTP:aline at home.ro]
Sent:	â 16 éðåàø 2001 9:57
To:	yarond
Subject:	Re: NT Domains & accessing Samba Server

On 15 Jan 2001, at 16:55, yarond wrote:

> Hello David
> Sorry that i am writing to u directly but u are my last help, I could not find any documentation about this issue.
> I have two HP-10.20 unix servers running Samba2.0.7.
> one is called - "samba" and the second is called - "samba1"
> I also have two NT Domains:
> one called - "DOM1" and the second is called - "DOM2" and there are trusted
> I joined the Samba-server "samba"  to Domain - "DOM1"
> i joined the Samba-server "samba1" to Domain - "DOM2"
> when i login to the NT- DOM1 i can access "samba" but when i  try to access "DOM2\samba1" i got an authentication message.
> I can access other PC clients in DOM2.
> also when i login to the NT-DOM2 i can access "samba1" but i can not access "DOM1\samba" , i can access other PC clients in DOM1.
> Is it possible to access a Samba-server on other Domain ??? 
> my config files are:
> Samba - server :
> [global] 
> 	workgroup = DOM1
> 	netbios name = samba
> 	security = domain
> 	password server = DOM1PDC
> Samba1 server:
> [global]
> 	workgroup = DOM2
> 	netbios name = samba1
> 	security = domain
> 	password server = DOM2PDC
> I tried to put "*" in the password server but it did not work.
> what should i do ??? 
> Best Regards
> Yaron Daniel
> System Administrator - HP team
> There is so many many worlds
> So many many suns
> And we got just one world 
> But we living in different ones...

The problem is that you can't acces computer cross-domain. They 
have to be in the same domain (workgroup if you like). One trick 
can be done, you add in [global] "netbios alias=DOM1" in smb.conf 
on DOM2 server and vice-versa. This tells Smba to accept 
conection from both domains. I have only one server so i can't try it 
first. Let me know if it worked.
People at Samba believe that this is a marketing strategy from 
Microsoft to make you have one server per domain.

Alin Osan
Network Administrator
"Fundatia Casa"
phone 059467200
fax   059467202

More information about the samba mailing list