[Samba] InterDomain Trust Issue w/Server 2003
Cody Jarrett
cjarrett at itfreedom.com
Thu Apr 12 20:45:41 GMT 2007
I'm having an issue establishing a trust between a samba/ldap PDC and a
windows 2003 Active directory server on a seperate domain. Here is what I've
done. I've created a 2 way trust in windows with the samba domain. When I try
to verify the outgoing trust from windows I get an access denied message. In
samba logs I get " get_md4pw: Workstation CATS$: no account in domain"
although I've created a trust account on the samba server
using 'smbldap-useradd -w CATS' then I do the ldapmodify stuff accourding to
the samba interdomain trust howto and set the sambaAcctFlags to "I". When I
try to do "net rpc trustdom establish CATS" I type the password and
get "[2007/04/12 15:43:07, 0] rpc_client/cli_pipe.c:cli_nt_session_open(1451)
cli_nt_session_open: cli_nt_create failed on pipe \wkssvc to machine CODY1.
Error was NT_STATUS_ACCESS_DENIED
[2007/04/12 15:43:07, 0] utils/net_rpc.c:rpc_trustdom_establish(4672)
Couldn't not initialise wkssvc pipe"
If I type the wrong password, I get "NT_STATUS_LOGON_FAILURE" so I know the
password is right. Does anyone have any ideas?
[root at server ~]# smbldap-usershow cats$
dn: uid=CATS$,ou=People,dc=domain,dc=com
objectClass: top,inetOrgPerson,posixAccount,sambaSamAccount
cn: CATS$
sn: CATS$
uid: CATS$
uidNumber: 1140
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
userPassword: {SMD5}ZERr2tHzfxsdfFSddfsdfWs=
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
displayName: System User
sambaSID: S-1-5-21-1149954056-267194260-154304278-3280
sambaAcctFlags: [I]
More information about the samba
mailing list