[Samba] Win2K child domains and winbind
Oskar Scheikl
oscheikl at rockingham.k12.va.us
Thu Feb 28 05:04:02 GMT 2002
I just set up a Samba server to serve as a file server in a Win2K domain.
It's version 2.2.3a running on RedHat 7.2. I set up winbind according to
the documentation provided with Samba. The Win2K domain tree includes a
top-level domain A, and child domains B, C, and D. The children and parent
have transitive two-way trust relationships established, and in Win2K,
each domain properly authenticates the others, and users from one domain
can become members in groups of the other domains.
The Samba server is supposed to serve as a file server in child domain D.
I joined the domain with no problems, but when running wbinfo -u and
wbinfo -g, I get a list of all users and groups in domain A (the parent
domain), and in one of the child domains (C). The users and groups from
domains B and D don't show up (even though the Samba server is a member of
domain D). If I set up the server to join domain A, B, or C instead, I get
the same results. Winbind can see two of the domains, but not the others,
even though I can see the user accounts for all domains on Win2K servers
in either of the four domains.
I worked around the issue by not using winbind. Using the DC in domain D
as the password server, and using security = domain works just fine, so
the authentication of user accounts in domain D is not the problem.
Any ideas why winbind may not see some of the domains, while it perfectly
sees the others (regardless of which domain I join)?
Oskar Scheikl
More information about the samba
mailing list