[Samba] Cross Realm Support
Gerald (Jerry) Carter
jerry at samba.org
Fri Oct 31 18:44:58 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Wachdorf, Daniel R wrote:
> I am doing some testing in Samba 3.0. I am using security=ADS.
>
> I am wondering if Samba has any support for cross-realm trust.
>
> For example, I have one AD forest SANDIA.GOV that has trust with
> SANDIA2.GOV. I have the Samba server on linux.sandia2.gov. I have a local
> user account on linux.sandia2.gov called user. When I log into a win2k
> client as SANDIA2.GOV/user and connect, it works fine. When I log on to a
> win2k box in SANDIA.GOV with the account SANDIA.GOV/user I can't connect.
> The log file displays:
> Username SANDIA.GOV\user is invalid on this system.
>
> I am obtaining all the necessary Kerberos tickets.
>
> Is there a way to map users from a trusted realm into a local account?
Thsi was fixed post 3.0.0 and is in the current SAMBA_3_0 cvs tree.
cheers, jerry
----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"You can never go home again, Oatman, but I guess you can shop there."
--John Cusack - "Grosse Point Blank" (1997)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/oq2qIR7qMdg1EfYRAp1EAKCVJ21l3MfkiDTOpaD9A87z9z6ZdwCgnqZj
7PexOwWPo5Ankum85ZXN53Y=
=NoUK
-----END PGP SIGNATURE-----
More information about the samba
mailing list