[Samba] Trusted domain problem (maybe networking)

Misty Stanley-Jones misty at borkholder.com
Tue Dec 14 20:30:45 GMT 2004


I have spent the afternoon learning how to configure my routers to allow 
directed-broadcast with an access list, so that I can allow two different 
domains on different subnets to trust each other.  Now I can do a broadcast 
ping from either subnet to the other, and I can also do smbclient -L 
<remote_pdc> and get the shares, from one side.  From the other side I 
cannot.  Let me clarify here.

PDC A is called CORPSRV, controls domain CORP, and has IP address
PDC B is called FURNSRV, controls domain FURN, and has IP address

From CORPSRV, I can broadcast ping to (and answers) 
and I can successfully do "smbclient -L FURNSRV".

From FURNSRV, I can broadcast ping to, but cannot do "smbclient 
-L CORPSRV".  I get no errors on CORPSRV, but FURNSRV says the following:
furnsrv:~ # smbclient -L CORPSRV
Connection to CORPSRV failed

I think this is why the "net rpc trustdom" commands fail.  But they fail on 
both sides.

Each PDC is acting as the WINS server for its subnet.  Below are relevant 
portions of the smb.conf files:

wins support = yes
domain logons = yes
os level = 100
preferred master = yes
domain master = yes
remote announce =
remote browse sync =

wins support = Yes
wins proxy = Yes
os level = 100
preferred master = yes
domain master = yes
local master = yes
remote announce =
remote browse sync =
name resolve order = wins bcast host

I can't really remember why I have all the settings on FURNSRV so I didn't add 
them all to CORPSRV just because they are there.  It looks like from the docs 
that I should only have one "wins support = Yes" but I'm not sure if that's 
per subnet or not.  Any advice would be appreciated.


