[Samba] Trust Domains ...
C.Lee Taylor
leet at leenx.co.za
Thu Jun 6 11:20:04 GMT 2002
(Embedded
image moved "C.Lee Taylor" <leet at leenx.co.za>
to file: 06/06/2002 01:54 PM
pic01468.pcx)
Greetings ...
After a little research (somebody did a bit or work ;-O ) with google and
the replies to my questions, this what I think I understand and will test
very soon ( Hope not to make an ass of myself. )
Andrew Bartlett wrote:
> Samba 2.2 supports being trusted by NT. Its a bit odd, and mainly works
> due to the fact that domain logons and interdomain logons are almost
> exactly the same. Not 'supported', and only works for NT domains with
> just a PDC.
Okay, I asked this question before, but got no responce, so I am going to
ask again, but this time with a little more details from my side.
NT4sp6 PDC with Exchange 5.5sp4 host the mail ( and other resouces ) for my
Linux domain. I wish to setup a Trust domain.
If I understand this correctly, the NT4 domain needs to trust my Samba
domain.
Now according to http://mordor.clayton.edu/samba-tng/tng-pdc-trust.html as
my reference, I will need to setup a machine account for the DOMAIN, PDC
and each of the BDC's and then in the User Manager setup the trust
relationship.
This feel like I am missing something, because when a machine joins the
domain, it normally needs root password ( which I don't wish to give to NT4
Admin ) and now I don't see any password been setup here ... it just does
not seem secure. If I set my root password to something easy for the trust
setup and make it secure afterwards would that not break the trust ...
As I said, it feel like I am missing something. I have a funny feeling
that
my Samba server should join the NT4 domain, but then I don't see anything
that says I have too. What should the security option set too, because I
have see a few errors in one of my domains that have a LDAP SAM, which I
had to change the option until the errors went away without kill my
network. Once I get this right, I will get a friend to help document what
I have done, maybe it could be tha basis for mini-howto or something. This
all seems like too much.
Thanks for all the help everybody has given me.
Mailed
Lee
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic01468.pcx
Type: application/octet-stream
Size: 2427 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20020606/0a06562a/pic01468.obj
More information about the samba
mailing list