[Samba] Trusted domains with samba3.0

Paul Taka takaanna at hotmail.com
Wed Jan 22 09:09:01 GMT 2003

*** Please, even if you have not an answer to my question, just tell me
where can I find more log files or a forum where I could find gurus,
Thanks ***


I am testing Samba3.0alpha21 using trusted domains. On my network, I
domain STLO-ADMIN (nt4 server)
domain STLO-SMB (mandrake8.1 - samba3.0alpha21 server)

I want to make a relationship between these 2 domains. So, on my
NT4server, I add STLO-SMB in "trusting domains" and on my samba server,
I type:

net rpc trustdom establish STLO-ADMIN
<root samba password>

-> then it says:

[2003/01/14 09:19:52, 1] libsmb/cliconnect.c:cli_full_connection(1250)
  failed session setup with NT_STATUS_LOGON_FAILURE
[2003/01/14 09:19:52, 1] utils/net.c:connect_to_ipc(128)
  Cannot connect to server.  Error was NT_STATUS_LOGON_FAILURE
The username or password was not correct.
[2003/01/14 09:19:52, 0] utils/net_rpc.c:rpc_trustdom_establish(1688)
  Couldn't verify trusting domain account. Error was

I have the same errors if I use net command with -I <ip addr nt4
server> -U administrateur with nt4 administrator password.

It seems Samba can't see my NT4 domain. Then, if I type:

net rap domain
<root samba password>

-> I have:

Enumerating domains:
        Domain name          Server name of Browse Master
        -------------        ----------------------------
        STLO-SMB          HONFLEUR

But if I type

net rap domain -I <ip addr nt4 server> -U administrateur
<nt4 administrator password>

-> I have:

[2003/01/14 09:18:46, 1] libsmb/cliconnect.c:cli_full_connection(1218)
  session request to failed (Called name not present)
Enumerating domains:
        Domain name          Server name of Browse Master
        -------------        ----------------------------
        STLO-SMB          HONFLEUR

In this case, I can see my 2 domains.

Global section of my smb.conf is:
        netbios name = honfleur
        workgroup = STLO-SMB

        domain logons = yes
        security = user
        os level = 34
        local master = yes
        preferred master = yes
        domain master = yes
        encrypt passwords = yes

        invalid users = bin daemon adm sync shutdown halt mail \
                        news uucp operator gopher

        # domain admin group = root paul // Plus dispo sous samba3

        allow trusted domains = yes

        add user script = /usr/sbin/useradd -g 10001 -d /dev/null \
	-s /bin/false -M %u

Thanks by advance for your help !


MSN Messenger : discutez en direct avec vos amis !  

More information about the samba mailing list