[Samba] Trust relationship between two samba with ldap backend
John H Terpstra
jht at samba.org
Tue Sep 21 18:14:37 GMT 2004
On Tuesday 21 September 2004 11:29, Gustavo Lima wrote:
> Thank´s for answering, but still the same problem. I think is better for us
> to go step by step.
> Well, I joined the remote domain and the local domain with the net rpc join
> command. Then after I tried to create the machine account with the command
> net rpc trustdom add DOM2 654. Then I´m asked for another password:
> dom1:~# net rpc trustdom add DOM2 654
Before you do this, use the smbldap-useradd tool to create the trust account.
Then set a pasword on it. That is the one you need to use.
- John T.
> What password is this one asked after the command. Anything I put there
> don´t give me an error but doesn´t give me a sucessfull output later on
> "net rpc trustdom list". Still giving me "none" in trusting and trusted
> domains list. So I think before trying to reach the end, I should have to
> make a trusting domains add sucessfull.
> Can you tell me where is good docs about it or give me a step by step
> Thank´s once again.
> ----- Original Message -----
> From: "John H Terpstra" <jht at samba.org>
> To: <samba at lists.samba.org>
> Sent: Tuesday, September 21, 2004 12:53 PM
> Subject: Re: [Samba] Trust relationship between two samba with ldap backend
> On Tuesday 21 September 2004 08:33, Gustavo Lima wrote:
> > Hi All,
> > I´m working hard on understing how to make trust relationship work
> > between to samba servers with ldap backend.
> > In my lab I have two Debian Sarge boxes running samba 3.0.7 with openldap
> > 2.1.30. I joined each other domain with both machines. In the first one
> > (DOM1) I created the machine account with the command
> smbldap-useradd -a -i
> > DOM2 and set it´s password. Did the same on the second box with
> > smbldap-useradd -a -i DOM3. The strange thing is that these trust domain
> > account doesn´t have the $ simbol in front of it.
> > Next I´ve tried to add the trusting in DOM1 using the command "net rpc
> > trustdom add DOM2 123" and retyped the passsword. And did with DOM2 "net
> > rpc trustdom add DOM1 654" and retyped the password.
> > And then I tried to establish the trust relationship in DOM1 doing "net
> > trustdom establish DOM2" typed the password 654 and got the following
> > error:
> > [2004/09/21 10:53:19, 0] utils/net_rpc.c:rpc_trustdom_establish(3075)
> > Couldn't verify trusting domain account. Error was NT_STATUS_OK
> > Did the same on DOM2 and got the same error.
> > Does anybody have a clue of what I´m doing wrong?
> First, before setting up the trust relationship, you need to join each
> Samba server to its own domain.
> net rpc join
> Then the setting up of the trust should work.
> - John T.
> > Thank´s you all.
> > Gustavo
> John H Terpstra
> Samba-Team Member
> Phone: +1 (650) 580-8668
> The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
> Samba-3 by Example, ISBN: 0131472216
> Hardening Linux, ISBN: 0072254971
> OpenLDAP by Example, ISBN: 0131488732
> Other books in production.
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
John H Terpstra
Phone: +1 (650) 580-8668
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
OpenLDAP by Example, ISBN: 0131488732
Other books in production.
More information about the samba