[Samba] Is this how "trusted domains" work in Samba 3?
Kraa de Simon
Simon.de.Kraa at services.fujitsu.com
Fri Feb 27 13:30:41 GMT 2004
Samba 3.0.1 on Sun Solaris 5.9.
I need to get my story straight before I ask the people with the necessary
access rights to do the Samba setup.
I would appreciate it if someone could validate my story below.
* There are 2 domains:
- EMEA (PDC=EMEAD01,BDC=EMEAD02)
- NLRESOURCES (PDC=NLRESOD01,BDC=NLRESOD02)
* Users have accounts on the EMEA domain.
* There are no user accounts defined on the NLRESOURCES domain.
* The Samba server is in domain NLRESOURCES.
* EMEA is trusted by NLRESOURCES.
Part of smb.conf looks like:
workgroup = NLRESOURCES
security = DOMAIN
password server = NLRESOD01,NLRESOD02
allow trusted domains = YES
This is how it all should work:
"User kraades is defined in the domain EMEA, the Samba server is a member of
the domain NLRESOURCES. The domain EMEA is trusted by the domain
NLRESOURCES. This means that user kraades or any other user of EMEA can
access ressources in the domain NLRESOURCES,even if they don't have a
account in NLRESOURCES. This is the trust relationship principe of a NT
domain. Because Samba is a resource in the domain NLRESOURCES, user kraades
can access it without having been defined in the PDC of NLRESOURCES. The
only need is to have a unix account on Samba called kraades."
This is what I should do:
* Create a machine account for the Samba server on the PDC of NLRESOURCES.
* Execute the command "net join -S NLRESOD01-UAdministrator%password" on the
More information about the samba