[Samba] Re: Interdomain trust between Samba and W2003 ADS
in native mode
Steven.Geerts at softathome.com
Mon Oct 27 13:00:58 GMT 2008
Can you share us some more information on how you configured everyting.
Did you try trusting a 2003 AD domain to your samba domain?
Should be great if this was possible?
From: samba-bounces+steven.geerts=softathome.com at lists.samba.org
[mailto:samba-bounces+steven.geerts=softathome.com at lists.samba.org] On
Behalf Of Sébastien Prud'homme
Sent: maandag 27 oktober 2008 13:16
To: Gerald Carter
Cc: samba at lists.samba.org
Subject: Re: [Samba] Re: Interdomain trust between Samba and W2003 ADS in
FYI i have set up my Samba system to use the ADS DNS and i've
configured /etc/krb5.conf with the ADS realm and now i can see ADS
users and groups with wbinfo :-)
I also changed some Samba conf as read in Red Hat Knowlegde Base (my
distro is RHEL5.2):
client schannel = No
client use spnego = No
server signing = Auto
2008/10/25 Gerald Carter <coffeedude.jerry at gmail.com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hey Ryan,
>> Samba3 cannot act as an AD domain controller and therefore cannot
>> operate in a trust with a native mode AD domain. Samba4 will be able
>> to do this but it is still under heavy development.
>> If you put your AD domain in mixed mode, you should be able to create
>> the trust although I'm not sure if you can convert a native to mixed
>> mode or not...
> This is incorrect. Native mode AD can have trusts with NT4 domains
> (and therefore with Sambas as well).
> cheers, jerry
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----
To unsubscribe from this list go to the following URL and read the
More information about the samba