[Samba] wbinfo --sequence returns DISCONNECTED in NT 4.0 domain

todd todd_run at yahoo.com
Tue Jun 24 21:43:43 GMT 2003

I have Samba 2.2.5 on two Red Hat 8 systems in an environment of NT 4.0 
machines where all PDC's/BDC's are NT machines.  We have 2 trusted 
domains (also NT PDC's).

Samba/winbind work great locally, but the trusted accounts are not 
working.  Here's a run down of what works and what doesn't:

wbinfo -m  #shows trusted domains
wbinfo -a TRUSTEDDOMAIN+user%pass  #successful
wbinfo -u/-g  #only accounts/groups for local domain, not trusted
wbinfo -I  #works on locals, trusted returns nothing
wbinfo -N  #resolves correctly for local or trusted
wbinfo --sequence  #shows all domains, however trusted are shown as 

I've read a few posts on people fixing this with wbinfo -A 
\\DOMAIN\user%pass but I've not been able to get that to work.  I'm 
assuming that only works with AD, which we're not using at this point

Again, this all works great for local users.  The users from the trusted 
domains are the only ones affected. They can see the shares but the 
samba machine just won't let them in (since it doesn't see their accounts).

Any suggestions would be greatly appreciated.  Here's some basics from 
globals in my smb.conf file:

    security = domain
    password server = *
    encrypt passwords = yes
    smb passwd file = /etc/samba/smbpasswd
    unix password sync = Yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
    pam password change = yes
    obey pam restrictions = yes
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    wins server =
    allow trusted domains = yes
    dns proxy = no
#winbindd stuff
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind cache time = 15
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%D/%U

Thanks in advance!

More information about the samba mailing list