[samba] TRUSTS - The conflicting domain portions are not supported
for NETLOGON calls
Ryan Novosielski
novosirj at umdnj.edu
Wed Sep 12 18:58:29 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gerald (Jerry) Carter wrote:
> Daniel Wilson wrote:
>> My Windows XP machine is in the Windows 2003 DomainB, and the users home
>> areas are in the Samba DomainA.
>
>> When i try to access the users home areas i get this error in the Samba
>> log.smbd ???
>
>> [2007/09/11 16:58:59, 2] auth/auth.c:check_ntlm_password(309)
>> check_ntlm_password: authentication for user [ws0dwi] -> [ws0dwi] ->
>> [ws0dwi] succeeded
>> [2007/09/11 16:58:59, 1]
>> rpc_server/srv_netlog_nt.c:_net_sam_logon_internal(1004)
>> _net_sam_logon: user DomainB\ws0dwi has user sid
>> S-1-5-21-xxxx096750-1475201110-303849303-1131
>> but group sid S-1-5-21-xxxx8923-2461359520-1342846908-513.
>> The conflicting domain portions are not supported for NETLOGON calls
>
> We (I) don't support trusts on a Samba DC without running Winbind.
So does this mean if I have two domain controllers, A and B, and I want
all A users to be able to log into B machines, and vice-versa, I must
use Winbind? I thought that was what the add user script parameter was
for? Or has this changed in recent versions?
(I ask, primarily, because the cross domain logins seem to only
occasionally work as they are at present).
- --
---- _ _ _ _ ___ _ _ _
|Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II
|$&| |__| | | |__/ | \| _| |novosirj at umdnj.edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG6DbVmb+gadEcsb4RAtCOAJ0Ut8hDNP3CbTDC9hf6yFUpRBuuAgCfdgEg
f8RApoOsoA1LKPMSLwvZ1Ng=
=UCEk
-----END PGP SIGNATURE-----
More information about the samba
mailing list