[Samba] transitive trusts between forests (samba-3.3.9)?

John elmer_samba at yahoo.com.cn
Mon Feb 8 00:17:28 MST 2010

   We have 3 AD2003 forests, A.com, B.com and C.com.  A forest trust B, and B trust C. Transitive is enabled.
  We use ntlm_auth to authenticate with AD. Set A.com as default domain. Only users in A.com and B.com can ntlm_auth success. All users in C.com return "No such user" error.
Anything miss configured in smb.conf ?
A-02fb83:/usr/local/etc/smb$ cat smb.conf 
        workgroup = A
        server string = Samba Server
        log file = /var/log/samba/%m.log
        max log size = 500
        security = ads
        password server =
        #Enable support for only NTLMv2 on the server
        encrypt passwords = yes
        lanman auth = no
        ntlm auth = no
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        dns proxy = no
        template shell = /bin/bash
        winbind use default domain = yes
        winbind trusted domains only = no
        realm = A.com
        machine password timeout = 2592000
        debuglevel = 0



More information about the samba mailing list