[Samba] multi-domain authentication
gasch at eva.mpg.de
Fri Sep 9 11:17:19 GMT 2005
with local you mean DOMA or the samba workstation itself?
we recently implemented a one-way trust between DOMA and DOMB to allow
MS Terminal Server users to authenticate users from both domains.
all member servers (samba) have to use winbindd to "see" trusted
accounts. please read the appropriate chapters in JHT's docs and trust
settings in smb.conf.
then you will be able to specify valid users = DOMA\joe DOMB\joe for
David F. Newman wrote:
> On Thursday 08 September 2005 02:34, Michael Gasch wrote:
>>David F. Newman wrote:
>>>Can samba be used with security = server to authenticate a user in a
>>>domain other than what the samba server is in?
>>>i.e. The samba server is set to workgroup NA and I have a user called
>>>EU\joe that is trying to access a share but it seems it is checking the
>>>password against NA\joe. I have a username map of
>>i think you have to establish a trust between DOM NA and DOM EU - for
>>this to work you have to deal with winbindd, too.
>>mapping won't be sufficient until your users (joe & EU\joe) have the
> I am not looking to authenticate shell access against a windows server. I'm
> only trying to authenticate access to smbd against a windows server. I'm
> using "security = server" with the password server set to the domain
> controllers of my local domain. There is a trust between the two domains.
> But smbd only seems to authenticate users who are in the local domain.
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution (IT)
Deutscher Platz 6
Phone: 49 (0)341 - 3550 137
More information about the samba