[Samba] Re: Trusted domain user login
Thorkil Olesen
thorkil at pip.dknet.dk
Wed Jan 30 22:26:00 GMT 2008
Carlos Lorenzo Matés <clmates <at> mundo-r.com> writes:
> > Maybe you should try:
> >
> > wbinfo -a NTDOMAIN\\clorenzo%myrealpassword
>
> This was my first try and it says exactly the same.
Well, that should work.
> We have the very same users groups and passwords in the
> NT Domain and in the
> samba Domain, our samba domain uses ldap for storage.
It doesn't make sense to have same users in both domains.
>From samba's point of view users in different domains are
not the same even though they have same username and
password. They will still have different SIDs.
> Here is our nsswitch.conf
(...)
> passwd: files ldap
> group: files ldap
(...)
> passwd_compat: ldap winbind
> group_compat: ldap winbind
(...)
Why do you put winbind at 'passwd_compat' instead of 'passwd'?
> getent returns the ldap users, groups and paswwords, should
> getent also return
> the NT domain users when they are the same?
If you use 'DOMAIN\user' it should, eg.
getent passwd NTDOMAIN\\clorenzo
I don't think however that nsswitch is used by wbinfo -a so this
may not be your real problem.
I had a similar problem that i solved by changing to kerberos,
but with NT this is not possible.
I don't think I can help with this.
--
Thorkil Olesen, Denmark.
More information about the samba
mailing list