[Samba] Settings for winbind on BDC
Michael Gasch
gasch at eva.mpg.de
Thu Dec 8 09:41:27 GMT 2005
thank you very much simo!!
that fixed it
cheerz
Simo Sorce wrote:
> On Wed, 2005-12-07 at 16:45 +0100, Michael Gasch wrote:
>
>>hi,
>>
>>we have a PDC/BDC Samba v3 setup (DOMA) which trusts a foreign Samba v3
>>domain (DOMB).
>>
>>we also installed winbindd on both DCs with idmaping in our network
>>(DOMA) to authenticate users from DOMB. otherwise samba claims "User not
>>found" or "Finding user xxx: No such User".
>>
>>it works great on PDC but not on the BDC. winbind won´t idmap users from
>>DOMB on our BDC as PDC does.
>>
>>winbind.log from BDC:
>>Added domain DOMA S-1-5-21-1042031166-381324594-2118846581
>>Added domain BUILTIN S-1-5-32
>>
>>
>>winbind.log from PDC:
>>Added domain DOMA S-1-5-21-1042031166-381324594-2118846581
>>Added domain BUILTIN S-1-5-32
>>
>> *Added domain DOMB S-1-5-21-1046543266-381324594-9876846581*
>>
>>net rpc trustdom lists the trusted domain (DOMB) on PDC *and* BDC after
>>establishing the trust on PDC to PDC from DOMB.
>>
>>should that work is is this setup not possible with samba?
>>in case PDC goes down BDC would only find POSIX information for its own
>>domain and not for the trusted domain, which is bad.
>
>
> Actually trust info is not replicated between DCs (eg, the trust
> password is not replicated), so you should launch the trustdom command
> on each samba DC to let it be set in the secrets.tdb file of each DC.
>
> Simo.
--
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution (IT)
Deutscher Platz 6
D-04103 Leipzig
Germany
Phone: 49 (0)341 - 3550 137
More information about the samba
mailing list