[Samba] Trust Question.
Linux Addict
linuxaddict7 at gmail.com
Mon Jan 26 22:12:20 GMT 2009
Linux Addict wrote:
> Gerald (Jerry) Carter wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Linux Addict wrote:
>>
>>> winbind offline logon = Yes
>>> idmap config DOMAIN1:range = 200000 - 299999
>>> idmap config DOMAIN1:backend = rid
>>> idmap config DOMAIN2:range = 100000 - 199999
>>> idmap config DOMAIN2:backend = rid
>>> idmap config DOMAIN3:range = 200000 - 299999
>>> idmap config DOMAIN3:backend = rid
>>> idmap config default:default = Yes
>>>
>>
>> Why is DOMAIN1 and DOMAIN3 using the same range?
>>
>>
>>
>>
>>
>> cheers, jerry
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iD8DBQFJfgiCIR7qMdg1EfYRArBAAKDUv8hmDTuSwGe3yDcUbDLOKlZ2WACfXbRO
>> khr4btSOJQMCOQ1dX9GcnSw=
>> =3cp+
>> -----END PGP SIGNATURE-----
>>
>>
> Sorry. That must be a typo. They use different ranges for sure.
>
>
Here is the winbindd log pertaning to the trusts and related information.
"2009/01/26 17:03:35, 10] rpc_client/cli_pipe.c:rpc_api_pipe(893)
rpc_api_pipe: Remote machine dc02x-ops-08 pipe \NETLOGON fnum 0xc002
returned 888 bytes.
netr_DsrEnumerateDomainTrusts: struct netr_DsrEnumerateDomainTrusts
out: struct netr_DsrEnumerateDomainTrusts
trusts : *
trusts: struct netr_DomainTrustList
count : 0x00000003 (3)
array : *
array: ARRAY(3)
array: struct netr_DomainTrust
netbios_name : *
netbios_name : 'DOMAIN2'
dns_name : *
dns_name :
'DOMAIN2.net'
trust_flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
parent_index : 0x00000000 (0)
trust_type :
NETR_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000004 (4)
0:
NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE
0:
NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY
1:
NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0:
NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0:
NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0:
NETR_TRUST_ATTRIBUTE_WITHIN_FOREST
0:
NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
sid : *
sid :
S-1-5-21-1801674531-362288127-725345543
guid :
00000000-0000-0000-0000-000000000000
array: struct netr_DomainTrust
netbios_name : *
netbios_name : 'DOMAIN3'
dns_name : *
dns_name :
'DOMAIN3.net'
trust_flags : 0x00000002 (2)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
parent_index : 0x00000000 (0)
trust_type :
NETR_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0:
NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE
0:
NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0:
NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1:
NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0:
NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0:
NETR_TRUST_ATTRIBUTE_WITHIN_FOREST
0:
NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
sid : *
sid :
S-1-5-21-762517215-2652837481-3023104750
guid :
00000000-0000-0000-0000-000000000000
array: struct netr_DomainTrust
netbios_name : *
netbios_name : 'DOMAIN1'
dns_name : *
dns_name :
'DOMAIN1.com'
trust_flags : 0x0000001d (29)
1: NETR_TRUST_FLAG_IN_FOREST
0: NETR_TRUST_FLAG_OUTBOUND
1: NETR_TRUST_FLAG_TREEROOT
1: NETR_TRUST_FLAG_PRIMARY
1: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
parent_index : 0x00000000 (0)
trust_type :
NETR_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000000 (0)
0:
NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE
0:
NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0:
NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0:
NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0:
NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0:
NETR_TRUST_ATTRIBUTE_WITHIN_FOREST
0:
NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
sid : *
sid :
S-1-5-21-2263361194-3933635440-3122365764
guid :
c11b4066-34cb-48ee-9727-aeb781430c19"
More information about the samba
mailing list