[Samba] samba samba two way trusts and winbind

Liutauras Adomaitis liutauras.adomaitis at gmail.com
Mon May 25 19:59:33 GMT 2009


Great François,

it worked somehow.
I did net join on both domain controllers, then some restarting
winbind and smbd and it worked suddenly. Actually I'm not sure if this
solves my problem with browsing other domain workstations, but this is
what i was struggling all the day.

On Mon, May 25, 2009 at 10:24 PM, Liutauras Adomaitis
<liutauras.adomaitis at gmail.com> wrote:
> thanks François,
>
> On Mon, May 25, 2009 at 8:56 PM, François Legal <devel at thom.fr.eu.org> wrote:
>> I did never setup 2 way trust, but had a hard time setting up a one way
>> trust.
>> As far as I remember, the first thing to verify (before establishing the
>> trust relation), is to have winbind successfully enumerate the local DC
>> users and groups. This implies you have to join the PDC to its own domain
>> (yes, this kind of surprised me at that time, but it makes some sense). For
>> you that would be SIMPLE PDC have to join the SIMPLE domain and REC PDC
>> join the REC domain (net rpc join PDC -U...)
>
> joining to its own PDC surprises me too ...  but I will try.
>
>> You should also have winbind correctly configured and able to allocate
>> uids/gids.
>
> Do you mean that winbind should also get info out of its own domain?
>
>> At that point, you should have wbinfo -m, wbinfo -t, wbinfo -u and wbinfo
>> -g return successfully and the correct information.
>
> Yes, this what I thought, but winbind is complaining that it cannot
> find PDC, but net lookup finds it correctly.
>
>> François
>


More information about the samba mailing list