[Samba] ad module, unix/user domain/group oddity, can't use winbind trusted domains only

Doug VanLeuven roamdad at sonic.net
Thu Sep 14 23:20:38 GMT 2006

I've tried everything I can think of.  I kept thinking it must be 
something I needed to configure when I changed over from padl xad to the 
samba ad builtin module.
Everything had been working for the last 2 years.  AD. samba, and unix 
passwords are synchronized.

Samba version 3.0.24pre1-SVN-build-18449
  winbind nss info = sfu
  idmap backend = ad
Without any users defined in passdb.tdb, domain users authenticate, but 
explorer detail security listings list

If I have users defined in passdb.tdb, then explorer security listings list

  winbind trusted domains only = yes
causes most, maybe all, domain authentication to fail, but I'm still 
connecting from an XP workgroup notebook.

Regards, Doug

More information about the samba mailing list