[Samba] Cross Realm Support

Gerald (Jerry) Carter jerry at samba.org
Fri Oct 31 18:44:58 GMT 2003

Hash: SHA1

Wachdorf, Daniel R wrote:
> I am doing some testing in Samba 3.0.  I am using security=ADS.
> I am wondering if Samba has any support for cross-realm trust.
> For example, I have one AD forest SANDIA.GOV that has trust with
> SANDIA2.GOV.  I have the Samba server on linux.sandia2.gov.  I have a local
> user account on linux.sandia2.gov called user.  When I log into a win2k
> client as SANDIA2.GOV/user and connect, it works fine.  When I log on to a
> win2k box in SANDIA.GOV with the account SANDIA.GOV/user I can't connect.  
> The log file displays:
> 	Username SANDIA.GOV\user is invalid on this system.
> I am obtaining all the necessary Kerberos tickets.
> Is there a way to map users from a trusted realm into a local account?

Thsi was fixed post 3.0.0 and is in the current SAMBA_3_0 cvs tree.

cheers, jerry
  Hewlett-Packard            ------------------------- http://www.hp.com
  SAMBA Team                 ---------------------- http://www.samba.org
  GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
  "You can never go home again, Oatman, but I guess you can shop there."
                             --John Cusack - "Grosse Point Blank" (1997)

Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list