[Samba] Trusts between Windows 2003 and Samba 3.0 don't work
Wieseckel, Marcus
WieseckelM at media-saturn.com
Thu Oct 23 08:55:15 GMT 2003
Hi,
I'm running samba 3.0 pre 1 with ldapsam backend on SuSE 8.2 Prof.
Everything works fine. The creation of interdomain trusts between samba -
nt/2000/samba works also without any problems. It's possible to add users
from the trusting domain to local groups, sharing directorys for the other
side and
logon on both sides with different accounts from the other Domain.
The Order when I createing the Trust is follow:
1. Createing the trust on the samba side ( net rpc trustdom add win2k3test
password )
2. Check it with net rpc trustdom list
3. Createing a two-way trust on the Windows 2003 side and deactivate all
secure settings in the domaincontroller security policy like
requiresignorseal and Microsoft network server: Digitally sign
commnunications (always)
4. When i try to establish the Trust with net rpc trustdom establish
win2k3test and after this i type in the right password, i get following
error-message.
sql-domlin:/usr/sbin # net rpc trustdom establish win2k3test
Password:
[2003/10/22 14:33:19, 0] utils/net_rpc.c:rpc_trustdom_establish(1829)
Couldn't not initialise wkssvc pipe
I had already raise the log level to 10, but I can't find the problem while
the creation of the trust. Do anyone know what's problem could be?
I hope the postet information is enough. Thanks for your help
Best regards
Marcus
My smb.conf:
[global]
netbios name = SVR_SAMBA
workgroup = DOM_SAMBA
serverstring = SVR_SAMBA
os level = 254
log level = 10
log file = /var/log/samba/samba.log
preferred master = yes
local master = yes
domain master = yes
domain logons = yes
time server = yes
security = user
encrypt passwords = yes
wins support = yes
name resolve order = wins lmhosts host bcast
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
utmp = yes
keep alive = 30
host msdfs = yes
unix charset = UTF8
interfaces = 127.0.0.1 eth0
bind interfaces only = true
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupadd %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
########################
# Backend-Parameter #
########################
passdb backend = ldapsam:ldap://127.0.0.1
algorithmic rid base = 10000
winbind cache time = 600
template shell = /bin/bash
template homedir = /home/%u
winbind use default domain = yes
idmap backend = ldap:ldap://127.0.0.1
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum groups = yes
winbind enum users = yes
ldap admin dn = cn=ldapadmin,dc=samba,dc=corp
ldap suffix = dc=samba,dc=corp
ldap machine suffix = ou=machines
ldap group suffix = ou=groups
ldap user suffix = ou=users
More information about the samba
mailing list