[Samba] Samba 3 trusting Windows 2003 (Native Mode)
lbaker at mcauley.org.uk
Mon Sep 27 11:06:48 GMT 2004
I have the following situation:
Windows XP (SP2) clients connected to a Samba 3 PDC (3.0.7-2.FC2) on the
Also a separate Windows 2003 AD domain "SCH" (using Native Mode).
I want to allow users in the AD domain "SCH" to logon to that domain
from the XP clients by using their existing credentials and simply
choosing the SCH domain in the XP logon dialogue. ie. Users in domain
"SCH" accessing resources in domain "MNET".
In order to do this I have attempted to establish a one-way trust - the
Samba domain trusting the 2003AD domain. I have setup the trust on the
AD server (but not verified it) then on the Samba server "net rpc
trustdom establish SCH" I then get the following:
Password: [entered password]
Could not connect to server WOLF [this is the PDC for the SCH domain]
Trust to domain SCH established
When I then try to logon to the SCH domain, in the way described above,
for most accounts it will fail with a bad password error. However if
the user account in the SCH domain is set to force password change on
next logon it will work - the user is forced to change password and they
are then logged in.
The SCH domain is made up of several 2003 servers running in native mode
with server WOLF promoted as the PDC. The Samba server is set to use a
WINS server in the SCH domain. The SCH domain PDC can be
pinged/nslookup/nmblookup from the Samba server.
Any help would be greatly appreciated.
More information about the samba