[Samba] Is it possible to access Samba domain member server in a AD domain from outside this domain?

John H Terpstra jht at samba.org
Thu Oct 20 15:55:55 GMT 2005


On Thursday 20 October 2005 03:59, Hong Quan =C1=F5=BA=EC=C8=AA wrote:
> Dear all,
>
> I configured a Samba Server which joins a AD domain to act as a domain
> member server (that is the user authentication is validated
>
> by AD ).It works fine when the domain users access it.
>
> The Samba version is 3.0.20 on FreeBSD 5.4 and the smb.conf (global
> section)as following.
>
> My question is that if I choose logon by this computer (not logon domain)
> from a windows client, I cann=A1=AFt access this samba server because of =
no
> permissions, (also no user authentication dialog box prompt)
>
> Is it possible on this version to do such a kind of samba server access?

You need interdomain trusts for that. See the chapter on that subject in th=
e=20
Samba3-HOWTO.

http://www.samba.org/samba/docs/Samba3-HOWTO.pdf

=2D John T.

>
> (for example, it will prompt entering the username/password, after
> validation success, the user can access this samba=A1=AFs services)
>
> Who has such experience and can give me some advice or clue?
>
> Thank you in advance!
>
>
>
> The following is my global section in smb.conf:
>
> [global]
>
>         workgroup =3D NWBSC
>
>         netbios name =3D NW-BSDFS01
>
>         realm =3D NWBSC.COM
>
>         server string =3D SambaServer01
>
>         log file =3D /var/log/samba/log.%m
>
>         security =3D ADS
>
>         password server =3D NW-AD01
>
>         allow trusted domains =3D Yes
>
>         idmap uid =3D 10000-20000
>
>         idmap gid =3D 10000-20000
>
>         winbind enum users =3D No
>
>         winbind enum groups =3D No
>
>         winbind cache time =3D 3600
>
>         template homedir =3D /home/%U
>
>         template shell =3D /bin/false
>
>         winbind nested groups =3D Yes
>
>         winbind use default domain =3D Yes
>
>         winbind trusted domains only =3D Yes
>
>         auth methods =3D winbind
>
>         server signing =3D auto
>
>         admin users =3D root
>
>    log level =3D 1
>
>         max log size =3D 5000
>
>
>
> Thanks!
>
> Liu

=2D-=20
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
Samba-3 by Example, 2 Ed., ISBN: 0131882221X
Hardening Linux, ISBN: 0072254971
Other books in production.


More information about the samba mailing list