[Samba] Samba cannot authenticate users from child domain

Simone simone72 at email.it
Wed Sep 15 14:18:21 GMT 2004

I've been  searching a solution for this with no luck for the last 5 
days, so I thought I'd finally need help.
We have a ADS primary domain, samba 3.0..4-6.3E on RHEL as a domain 
member. The parent domain say MEDIA.COM has a child domain 
CHILD.MEDIA.COM. People from the parent domain can access tha shares 
with no problem , but I can't find a way to make users from the child 
domain access any share. We use winbind for auth, and security=ads. I've 
been trying to add valid users to the share via:
valid users = CHILD\user CHILD.MEDIA.COM\user

Here's a short cut of my smb.conf :

realm : MEDIA.COM
auth methods = winbind
security = ads
password server = ip_parentdomain_dc ip_childdomain_dc
and here's krb5.conf:

kdc = ip_parentdomain_dc:88
admin_server = ip_parentdomain_dc:749
default_domain = media.com

media.com = MEDIA.COM
.media.com = MEDIA.COM

profile = /var/kerberos/krb5kdc/kdc.conf   (this file doesn't exist.....)

If I try to access share \\mediasrvsamba\data from a winxp pc where I'm 
logged as CHILD\user I get an error in the logs saying "couldn't find 
user MEDIA\user".
I guess it cannot find it because it is searching in the parent domain 
rather than the child domain.

Thanks very much for any help, hope I've been able to explain myself.
 Email.it, the professional e-mail, gratis per te: http://www.email.it/f
 La vera mozzarella di Bufala Campana la trovi fresca su Terrasolis.com, provala!
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2499&d=15-9

More information about the samba mailing list