[Samba] InterDomain Trust Issue w/Server 2003

Cody Jarrett cjarrett at itfreedom.com
Thu Apr 12 20:45:41 GMT 2007

I'm having an issue establishing a trust between a samba/ldap PDC and a 
windows 2003 Active directory server on a seperate domain. Here is what I've 
done. I've created a 2 way trust in windows with the samba domain. When I try 
to verify the outgoing trust from windows I get an access denied message. In 
samba logs I get " get_md4pw: Workstation CATS$: no account in domain" 
although I've created a trust account on the samba server 
using 'smbldap-useradd -w CATS' then I do the ldapmodify stuff accourding to 
the samba interdomain trust howto and set the sambaAcctFlags to "I". When I 
try to do "net rpc trustdom establish CATS" I type the password and 
get "[2007/04/12 15:43:07, 0] rpc_client/cli_pipe.c:cli_nt_session_open(1451)
  cli_nt_session_open: cli_nt_create failed on pipe \wkssvc to machine CODY1.  
[2007/04/12 15:43:07, 0] utils/net_rpc.c:rpc_trustdom_establish(4672)
  Couldn't not initialise wkssvc pipe"

If I type the wrong password, I get "NT_STATUS_LOGON_FAILURE" so I know the 
password is right. Does anyone have any ideas?

[root at server ~]# smbldap-usershow cats$
dn: uid=CATS$,ou=People,dc=domain,dc=com
objectClass: top,inetOrgPerson,posixAccount,sambaSamAccount
cn: CATS$
sn: CATS$
uid: CATS$
uidNumber: 1140
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
userPassword: {SMD5}ZERr2tHzfxsdfFSddfsdfWs=
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
displayName: System User
sambaSID: S-1-5-21-1149954056-267194260-154304278-3280
sambaAcctFlags: [I]

More information about the samba mailing list