[Samba] Winbind Trusts on Multiple Domains
sjohnson at engr.psu.edu
Mon Mar 7 16:28:39 GMT 2005
I've got an interesting problem that I'll try to detail here as best I
My Setup: We've got a W2K domain with 2 W2K DC's and a Samba member
server that hosts the shares, including home directories. We've got both
Linux and Windows clients (2000 & XP). For reference, the samba server
will be named "SAMBA" and the Windows PDC will be named "PDC".
The Problem: All the users can log in, and when they log in, their home
directories are mounted automatically. However, if we try to map a share
from outside the domain, it doesn't accept the username and password.
When Windows comes back asking for the username and password again, it
has replaced the domain name with "SAMBA", but it still won't work.
We've tried "SAMBA/username", "username at SAMBA",
"username at SAMBA.FULL.DOMAIN.NAME", and several other things, but it only
works if we make up something and put it as the domain name. For
example, "SAMBA/abc123" doesn't work, but "ANYTHING/abc123" does.
Originally, we thought the problem was related to the winbind separator.
We had it set to "+", and we thought it would resolve itself once we
changed it to "/" or "\". It didn't. Now, we're looking into the trusted
domains, which leads me to our current situation.
On the Samba server, if I type "wbinfo -m", it lists SAMBA and BUILTIN,
but not the real domain name (DOMAIN). If I do a "wbinfo -sequence", it
shows SAMBA and BUILTIN as 1, but DOMAIN as some large number. We're
guessing that SAMBA doesn't have a trust relationship with PDC, and
that's why DOMAIN doesn't appear in the list of trusted domains.
Is that a fairly simple thing to fix, or am I looking in the wrong place
IT Specialist II
Mechanical and Nuclear Engineering
Penn State University
224 Reber Building
University Park, PA 16802
Phone: (814) 865-8267
Fax: (814) 863-4848
More information about the samba