[Samba] Re: Samba-LDAP interdomain trust
Allysson Steve Mota Lacerda
stevelacerda at gmail.com
Tue Apr 3 19:32:26 GMT 2007
On 4/2/07, Allysson Steve Mota Lacerda <stevelacerda at gmail.com> wrote:
>
> When I try to login on the trusting domain (LABI) using an account of the
> trusted domain (ADMIN) the following message is shown: "A device connected
> to the system is not functioning ". My "log on to" is set to ADMIN.
>
> I had this problem a time ago because the SIDs of my users were wrong but
> I've fixed it.
According to log.smbd, the user has an user SID refering to the trusted
domain but the group SID is from the trusting domain. I don't use groups and
the sambaPrimaryGroupSID field was empty. Even when I change the
sambaPrimaryGroupSID value the message is the same.
[2007/04/03 16:20:02, 2] auth/auth.c:check_ntlm_password(309)
check_ntlm_password: authentication for user [facomp] -> [facomp] ->
[facomp] succeeded
[2007/04/03 16:20:02, 1]
rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004)
_net_sam_logon: user ADMIN\facomp has user sid
S-1-5-21-2439387625-709437076-297468561-23822
but group sid S-1-5-21-2029413396-4276977753-1550331494-513.
The conflicting domain portions are not supported for NETLOGON calls
In both log.nmbd files I got the following messages:
>
> [2007/04/02 17:01:58, 0]
> nmbd/nmbd_browsesync.c:get_domain_master_name_node_status_fail(486)
> get_domain_master_name_node_status_fail:
> Doing a node status request to the domain master browser at IP
> <IP_OF_THE_OTHER_DOMAIN_PDC> failed.
> Cannot get workgroup name.
>
> I have two domains running on a single server (different NICs) and they
> share the WINS server.
>
> Can anyone help me?
>
> --
> Allysson Steve Mota Lacerda
> stevelacerda at stevelacerda.net
> http://www.stevelacerda.net
>
--
Allysson Steve Mota Lacerda
stevelacerda at stevelacerda.net
http://www.stevelacerda.net
More information about the samba
mailing list