[Samba] Samba and trusted domains - need to get my story straight

[Kraa de Simon]

Hello all,

Samba 3.0.1 on Sun Solaris 5.9.

I need to get my story straight before I ask the people with the necessary
access rights to do the Samba setup.

I would appreciate it if someone could validate my story below.

Thanks!

Simon.

The situation:

* There are 2 domains:
 - EMEA (PDC=EMEAD01,BDC=EMEAD02)
 - NLRESOURCES (PDC=NLRESOD01,BDC=NLRESOD02)
* Users have accounts on the EMEA domain.
* There are no user accounts defined on the NLRESOURCES domain.
* The Samba server is in domain NLRESOURCES.
* EMEA is trusted by NLRESOURCES.

Part of smb.conf looks like:

workgroup = NLRESOURCES
security = DOMAIN
password server = NLRESOD01,NLRESOD02
allow trusted domains = YES

This is how it all should work:

"User kraades is defined in the domain EMEA, the Samba server is a member of
the domain NLRESOURCES. The domain EMEA is trusted by the domain
NLRESOURCES. This means that user kraades or any other user of EMEA can
access ressources in the domain NLRESOURCES,even if they don't have a
account in NLRESOURCES. This is the trust relationship principe of a NT
domain. Because Samba is a resource in the domain NLRESOURCES, user kraades
can access it without having been defined in the PDC of NLRESOURCES. The
only need is to have a unix account on Samba called kraades."

This is what I should do:

* Create a machine account for the Samba server on the PDC of NLRESOURCES.
* Execute the command "net join -S NLRESOD01-UAdministrator%password" on the
Samba server.