[Samba] Inter-domain trust relationship AND logon script/ntconfig.pol

syrius.ml at no-log.org syrius.ml at no-log.org
Fri Mar 30 10:05:24 GMT 2007

Hi there,

I'm using an inter-domain trust relationship (DOM-B trusted, DOM-A
trusting, COMP-A=DOM-A computer member).
It works as expected (ish), DOM-B users can logon onto DOM-A
I'd like to know if it is possible to force login scripts and
ntconfig.pol to be read from the DOM-A pdc server, rather than from
the DOM-B one ?

My setup includes a samba trusted domain and several trusting domains
running (samba, w2ksrv, 2003srv). I don't think it really is a samba
specific question. (i haven't tried with a windows-managed trusted

We have a ldap server holding more than 20000 accounts, I have
installed a samba as a trusted domain so that others can manage their
ressources on their domain, but it appears login scripts &
ntconfig.pol (or gpo for windows trusting domains) can't be delegated.
(they're read from the trusted domain server)

Am I missing something ?
Is it possible to delegate login script/ntconfig.pol for dom-b users
to trusting domain servers ?

Thanks in advance.


More information about the samba mailing list