[Samba] Re: Interdomain trust between Samba and W2003 ADS in native mode

Steven Geerts Steven.Geerts at softathome.com
Mon Oct 27 13:00:58 GMT 2008

Can you share us some more information on how you configured everyting.

Did you try trusting a 2003 AD domain to your samba domain?

Should be great if this was possible?

Best regards


-----Original Message-----
From: samba-bounces+steven.geerts=softathome.com at lists.samba.org
[mailto:samba-bounces+steven.geerts=softathome.com at lists.samba.org] On
Behalf Of Sébastien Prud'homme
Sent: maandag 27 oktober 2008 13:16
To: Gerald Carter
Cc: samba at lists.samba.org
Subject: Re: [Samba] Re: Interdomain trust between Samba and W2003 ADS in
native mode


FYI i have set up my Samba system to use the ADS DNS and i've
configured /etc/krb5.conf with the ADS realm and now i can see ADS
users and groups with wbinfo :-)

I also changed some Samba conf as read in Red Hat Knowlegde Base (my
distro is RHEL5.2):
client schannel = No
client use spnego = No
server signing = Auto

2008/10/25 Gerald Carter <coffeedude.jerry at gmail.com>:
> Hash: SHA1
> Hey Ryan,
>> Samba3 cannot act as an AD domain controller and therefore cannot
>> operate in a trust with a native mode AD domain. Samba4 will be able
>> to do this but it is still under heavy development.
>> If you put your AD domain in mixed mode, you should be able to create
>> the trust although I'm not sure if you can convert a native to mixed
>> mode or not...
> This is incorrect.  Native mode AD can have trusts with NT4 domains
> (and therefore with Sambas as well).
> cheers, jerry
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> =+V6v
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list