[Samba] Trust between SAMBA and NT server

Madhusudan, R r.madhusudan at hp.com
Wed Nov 3 14:01:54 GMT 2004

My intention is to make NT domain the trusted domain, and SAMBA the trusting domain.

I was able to pull off the vice-versa exercise though, that enabled users in the SAMBA domain - the TRUSTED domain - to be able to use the resources of the NT domain - the TRUSTING domain.


-----Original Message-----
From: Daniel Wilson [mailto:daniel.wilson at sunderland.ac.uk]
Sent: Wednesday, November 03, 2004 7:23 PM
To: Madhusudan, R
Cc: samba at lists.samba.org
Subject: Re: [Samba] Trust between SAMBA and NT server

Sorry i dont understand you, do you want samba to be the trusted domain 
or Windows to be the trusted domain?

what i told you before was to make samba the trusted domain, so users in 
the windows domain can access resources in samba domain without entering 
username and passwords again!

Madhusudan, R wrote:

>Thanks for the response!
>The inter-domain trust A/C, namely ASNT01$, was created when I tried successfully in getting the NT domain to trust the SAMBA domain. 
>The NT domain is called ASNT01, and COBRA.DOM is SAMBA domain.
>If you think your procedure would help me, then I'd request you
>to please make it available. 
>-----Original Message-----
>From: Daniel Wilson [mailto:daniel.wilson at sunderland.ac.uk]
>Sent: Wednesday, November 03, 2004 7:03 PM
>To: Madhusudan, R
>Cc: samba at lists.samba.org
>Subject: Re: [Samba] Trust between SAMBA and NT server
>You need to have an inter-trust user account in samba before you attempt 
>to add a trust in your windows domain, like this:
>bash# useradd service-domain$
>bash# smbpasswd -a -i service-domain
>New SMB password:
>retype New SMB password:
>Added user systems-domain$.
>if you get stuck i have a wiki detailing how i went about it, it explains for NT4->2003 domains
>Madhusudan, R wrote:
>>FWIW, I'm running SAMBA-3.0.3-5 on Fedora Core 2.
>>-----Original Message-----
>>From: Madhusudan, R 
>>Sent: Wednesday, November 03, 2004 6:42 PM
>>To: samba at lists.samba.org
>>Subject: [Samba] Trust between SAMBA and NT server
>>I'm having problems getting the SAMBA domain to trust an NT domain. The following is how I went about the exercise:
>>1. On the NT domain, I added the SAMBA domain A/C in the TRUSTING DOMAINS list, providing a certain password.
>>2. On the SAMBA domain, I executed the following command feeding the same password given in step 1, but without 
>>[root at cobra root]# net rpc trustdom establish asnt01
>>Could not connect to server ASNT1
>>[2004/11/03 17:43:37, 0] rpc_parse/parse_prs.c:prs_mem_get(530)
>> prs_mem_get: reading data of size 4 would overrun buffer.
>>[2004/11/03 17:43:37, 0] utils/net_rpc.c:rpc_trustdom_establish(3035)
>> WksQueryInfo call failed.
>>[root at cobra root]#
>>Any ideas as to what the problem is? I was able to get the NT domain to trust the SAMBA domain though.
>>Given below is the SMB.CONF contents:
>>  workgroup = COBRA.DOM 
>>  netbios name = COBRA
>>  server string = Samba Server
>>  printcap name = /etc/printcap
>>  load printers = yes
>>  log file = /var/log/samba/%m.log
>>  max log size = 50
>>  security = user
>>  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>>  domain master = yes 
>>  domain logons = yes
>>  wins server = 
>>  dns proxy = no 
>>  admin users = madhu
>>       comment = Home Directories
>>       read only = No
>>       browseable = No
>>       comment = Network Logon Service
>>       path = /usr/lib/samba/netlogon
>>       guest ok = Yes
>>       share modes = No
>>       comment = All Printers
>>       path = /var/spool/samba
>>       printable = Yes
>>       browseable = No

Daniel Wilson
Systems Administrator

IT & Communications Service
University of Sunderland
Unit1 Technology Park
Chester Road

Tel: 0191 515 2695

This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. 
It is the responsibility of the recipient to ensure that this message and its attachments are virus free. 
Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically

More information about the samba mailing list