[Samba] Domain Logon fails in interdomain trusted domain

mlists mlists at ind.rwth-aachen.de
Mon Sep 21 00:19:36 MDT 2009


I have a problem with domain logon using interdomain trust relationship.
The interdomain trust relationship is correctly listed on both domain

The trusted domain is correctly listed in the drop down menu of the the
client. If I try to login using the trusted domain I get this error:

[2009/09/20 22:51:56, 0] libsmb/samlogon_cache.c:netsamlogon_cache_store(120)
  netsamlogon_cache_store: cannot open netsamlogon_cache.tdb for write!
[2009/09/20 22:51:56, 1]
  _net_sam_logon: user WORKGROUP\andreas has user sid
   but group sid S-1-5-21-2229473642-486623142-3909071980-513.
  The conflicting domain portions are not supported for NETLOGON calls

The problem seems to be, that the user is correctly selected
"WORKGROUP\andreas", but the group isn't! The group seems to be choosen
from the local domain and NOT from the remote trusted domain.

Local Domain is: PRAKTIKUM
Remote Domain is: WORKGROUP

Here is the Output of getlocalsid on both domain servers:
[root at mahler samba]# net getlocalsid
SID for domain PRAKTIKUMS is: S-1-5-21-2229473642-486623142-3909071980

[root at pumba samba]# net getlocalsid
SID for domain PUMBA is: S-1-5-21-2088895755-1197506039-3214754817

Is there a possibility to force the local domain server to use the groups
an the trusted server when login with the trusted domain account? May
somethings like:
equal to the user where WORKGROUP\<user> is used correctly.

Or are there any other ideas how I can solve the problem?

With Google I didn't find a working solution!

Many thanks,

More information about the samba mailing list