[Samba] Trusted NT domains won't connect
Dan Tremitiere
tremitie at bc.edu
Thu Feb 26 21:55:29 GMT 2004
Hi all,
I've been struggling with this problem for quite some time, and I'm
hoping someone will have an answer for me. I'm trying to use Samba to
authenticate against a campus-wide NT domain setup. As such, I can't
change any of the details of the NT domain.
The NT domains are set up as follows:
+-----> USER1
|
MACHINES <-+-----> USER2
|
+-----> USER3
Machines join the MACHINES domain, using a username (let's call it
"addmachine") and password set aside for this purpose. USER1, USER2,
and USER3 are trusted by MACHINES, and all user accounts are created in
these three domains.
I've got smbd and winbindd running under Samba 3.0.2a1. Issuing
net join -S PDCNAME -Uaddmachine%password
returns
Joined domain MACHINES.
Issuing wbinfo -m at this point will return:
USER1
USER2
USER3
(MACHINES is absent.)
Issuing wbinfo --sequence, however, returns:
USER1 : DISCONNECTED
USER2 : DISCONNECTED
USER3 : DISCONNECTED
MACHINES : 75917
Try as I might, I have never gotten Samba to connect to the USER1-3
domains. What am I doing wrong? The global section of my smb.conf
(minus comments) is
below.
My apologies if this is a duplicate post; I tried posting it to
linux.samba but
that seems to just be a mail -> news gateway.
Dan
smb.conf:
[global]
workgroup = MACHINES
server string = myservername
log file = /var/log/samba/log.%m
max log size = 50
security = domain
password server = PDC
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
winbind separator = +
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
More information about the samba
mailing list