[Samba] Trust relationship between two samba with ldap backend

Gustavo Lima listas at opendf.com.br
Tue Sep 21 17:29:17 GMT 2004


Thank´s for answering, but still the same problem. I think is better for us
to go step by step.

Well, I joined the remote domain and the local domain with the net rpc join
command. Then after I tried to create the machine account with the command
net rpc trustdom add DOM2 654. Then I´m asked for another password:

dom1:~# net rpc trustdom add DOM2 654

What password is this one asked after the command. Anything I put there
don´t give me an error but doesn´t give me a sucessfull output later on "net
rpc trustdom list". Still giving me "none" in trusting and trusted domains
list. So I think before trying to reach the end, I should have to make a
trusting domains add sucessfull.

Can you tell me where is good docs about it or give me a step by step

Thank´s once again.

----- Original Message ----- 
From: "John H Terpstra" <jht at samba.org>
To: <samba at lists.samba.org>
Sent: Tuesday, September 21, 2004 12:53 PM
Subject: Re: [Samba] Trust relationship between two samba with ldap backend

On Tuesday 21 September 2004 08:33, Gustavo Lima wrote:
>         Hi All,
> I´m working hard on understing how to make trust relationship work between
> to samba servers with ldap backend.
> In my lab I have two Debian Sarge boxes running samba 3.0.7 with openldap
> 2.1.30. I joined each other domain with both machines. In the first one
> (DOM1) I created the machine account with the command
smbldap-useradd -a -i
> DOM2 and set it´s password. Did the same on the second box with
> smbldap-useradd -a -i DOM3. The strange thing is that these trust domain
> account doesn´t have the $ simbol in front of it.
> Next I´ve tried to add the trusting in DOM1 using the command "net rpc
> trustdom add DOM2 123" and retyped the passsword. And did with DOM2 "net
> rpc trustdom add DOM1 654" and retyped the password.
> And then I tried to establish the trust relationship in DOM1 doing "net
> trustdom establish DOM2" typed the password 654 and got the following
> error:
> [2004/09/21 10:53:19, 0] utils/net_rpc.c:rpc_trustdom_establish(3075)
>   Couldn't verify trusting domain account. Error was NT_STATUS_OK
> Did the same on DOM2 and got the same error.
> Does anybody have a clue of what I´m doing wrong?

First, before setting up the trust relationship, you need to join each Samba
server to its own domain.

net rpc join

Then the setting up of the trust should work.

- John T.

> Thank´s you all.
> Gustavo

John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
OpenLDAP by Example, ISBN: 0131488732
Other books in production.
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list