[Samba] Cross Realm Support
Wachdorf, Daniel R
drwachd at sandia.gov
Mon Oct 27 23:14:00 GMT 2003
I am doing some testing in Samba 3.0. I am using security=ADS.
I am wondering if Samba has any support for cross-realm trust.
For example, I have one AD forest SANDIA.GOV that has trust with
SANDIA2.GOV. I have the Samba server on linux.sandia2.gov. I have a local
user account on linux.sandia2.gov called user. When I log into a win2k
client as SANDIA2.GOV/user and connect, it works fine. When I log on to a
win2k box in SANDIA.GOV with the account SANDIA.GOV/user I can't connect.
The log file displays:
Username SANDIA.GOV\user is invalid on this system.
I am obtaining all the necessary Kerberos tickets.
Is there a way to map users from a trusted realm into a local account?
Thanks.
-dan
--------------------------------------
Daniel Wachdorf
drwachd at sandia.gov
Sandia National Laboratories
System Security Research and Integration
505-284-8060
More information about the samba
mailing list