[Samba] Re: Samba-LDAP interdomain trust

Allysson Steve Mota Lacerda stevelacerda at gmail.com
Tue Apr 3 19:32:26 GMT 2007

On 4/2/07, Allysson Steve Mota Lacerda <stevelacerda at gmail.com> wrote:
> When I try to login on the trusting domain (LABI) using an account of the
> trusted domain (ADMIN) the following message is shown: "A device connected
> to the system is not functioning ". My "log on to" is set to ADMIN.
> I had this problem a time ago because the SIDs of my users were wrong but
> I've fixed it.

According to log.smbd, the user has an user SID refering to the trusted
domain but the group SID is from the trusting domain. I don't use groups and
the sambaPrimaryGroupSID field was empty. Even when I change the
sambaPrimaryGroupSID value the message is the same.

[2007/04/03 16:20:02, 2] auth/auth.c:check_ntlm_password(309)
  check_ntlm_password:  authentication for user [facomp] -> [facomp] ->
[facomp] succeeded
[2007/04/03 16:20:02, 1]
  _net_sam_logon: user ADMIN\facomp has user sid
   but group sid S-1-5-21-2029413396-4276977753-1550331494-513.
  The conflicting domain portions are not supported for NETLOGON calls

In both log.nmbd files I got the following messages:
> [2007/04/02 17:01:58, 0]
> nmbd/nmbd_browsesync.c:get_domain_master_name_node_status_fail(486)
>   get_domain_master_name_node_status_fail:
>   Doing a node status request to the domain master browser at IP
>   Cannot get workgroup name.
> I have two domains running on a single server (different NICs) and they
> share the WINS server.
> Can anyone help me?
> --
> Allysson Steve Mota Lacerda
> stevelacerda at stevelacerda.net
> http://www.stevelacerda.net

Allysson Steve Mota Lacerda
stevelacerda at stevelacerda.net

More information about the samba mailing list