[Samba] Continuing problem with domain trusts

Joe Dougherty dougherty at nlmof.navy.mil
Fri Jul 18 18:24:59 GMT 2003

    Samba3beta3 domain (NEWDOM) with a single PDC. No winbind activated.
Uses smbpasswd for user authentication.
    Windows 2K AD (OLDDOM) domain with two DCs.

    I've been struggling to get a trust established one way with these two
domains. Since I have a native W2K AD domain, I have to use AD domain tools
to establish the trusts. I followed the documentation regarding creating a
domain trust account on the Samba side. Using the W2K tools, I have
successfully managed to get the OLDDOM domain to trust the NEWDOM domain, so
Samba clients can access shares on the Windows domain. I can add the Samba
accounts to the security settings of the shares, and everyone sees
everything they're supposed to on the Windows side.

    However, I can't get the Samba domain to trust the Windows domain the
other way. I've attempted to add the Samba domain using the same W2K tools,
but getting the trust to work (Samba trusting Windows) just gives me a bunch
of mysterious errors.

   I have two questions: is winbindd/pam a requirement for proper trust
establishment, and has anyone had success establishing W2K trusts?


More information about the samba mailing list