[Samba] Samba cannot authenticate users from child domain
Simone
simone72 at email.it
Wed Sep 15 14:18:21 GMT 2004
Hi,
I've been searching a solution for this with no luck for the last 5
days, so I thought I'd finally need help.
We have a ADS primary domain, samba 3.0..4-6.3E on RHEL as a domain
member. The parent domain say MEDIA.COM has a child domain
CHILD.MEDIA.COM. People from the parent domain can access tha shares
with no problem , but I can't find a way to make users from the child
domain access any share. We use winbind for auth, and security=ads. I've
been trying to add valid users to the share via:
valid users = CHILD\user CHILD.MEDIA.COM\user
Here's a short cut of my smb.conf :
realm : MEDIA.COM
auth methods = winbind
security = ads
password server = ip_parentdomain_dc ip_childdomain_dc
and here's krb5.conf:
[realms]
MEDIA.COM = {
kdc = ip_parentdomain_dc:88
admin_server = ip_parentdomain_dc:749
default_domain = media.com
}
[domain_realm]
media.com = MEDIA.COM
.media.com = MEDIA.COM
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf (this file doesn't exist.....)
If I try to access share \\mediasrvsamba\data from a winxp pc where I'm
logged as CHILD\user I get an error in the logs saying "couldn't find
user MEDIA\user".
I guess it cannot find it because it is searching in the parent domain
rather than the child domain.
Thanks very much for any help, hope I've been able to explain myself.
Simone
--
Email.it, the professional e-mail, gratis per te: http://www.email.it/f
Sponsor:
La vera mozzarella di Bufala Campana la trovi fresca su Terrasolis.com, provala!
Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2499&d=15-9
More information about the samba
mailing list