[Samba] Domain trusts and samba member servers

malz malz at jetlan.com
Sun Jan 17 00:33:13 MST 2010

As a thought, can you put the Samba box in as a member server of the
Server 2008 AD? Run the 2008 Server in 2003 AD mode and it will work
perfectly. I have done this successfully.

2008 AD Server  (DNS/AD/WINS)
Suse 11.0 Member server  (Samba version 3.4.4-1.1-2267-SUSE-CODE11)
(F&P, Postfix Mail)

You won't have to worry about your trust issues this way.


-----Original Message-----
From: samba-bounces at lists.samba.org
[mailto:samba-bounces at lists.samba.org] On Behalf Of Steve Chupack
Sent: Sunday, 17 January 2010 2:44 AM
To: samba at lists.samba.org
Subject: [Samba] Domain trusts and samba member servers

Below is something I posted a while ago and got no responses... Maybe it
was too convoluted for anyone to bother with, so let me try and put it
more simply.

I have a Win Server 2008 AD box (NEWDOMAIN) which is trusted by my samba
DC (OLDDOMAIN). Users on NEWDOMAIN can access resources on the OLDDOMAIN
DC just fine. But the trust relationship is not recognized or respected
by my samba member servers in OLDDOMAIN.

So, very simply put, even if nobody has the specific howto: Do samba
member servers understand interdomain trusts? 

Thanks for any and all input -- I am at a standstill with a fairly major
project and any help at all would be greatly appreciated. I have a
suspicion it has something to do with winbind on the member servers, but
I'm having no luck.

On Thu, 6 Aug 2009 08:39:51 -0400
Steve Chupack <steve.chupack at dealer.com> wrote:

> I'm in the process of migrating from a Samba PDC to a Win2k3 PDC (all
> member servers will remain as Samba boxes).
> NEWDOMAIN = new Win2k3 PDC
> OLDDOMAIN = current samba PDC
> OLDDOMAIN_MEMBER = a current samba box that's a member of OLDDOMAIN
> I've successfully established a trust relationship between OLDDOMAIN
> full access to resources on the OLDDOMAIN PDC.
> Where I'm stuck is granting access to OLDDOMAIN_MEMBER to users in
> NEWDOMAIN. OLDDOMAIN_MEMBER is joined to OLDDOMAIN and works as expected
> (users in OLDDOMAIN can access resources on OLDDOMAIN_MEMBER). But users
> in NEWDOMAIN do not.
> Can someone help with the general concept here? Should it work as I've
> configured it? Does OLDDOMAIN_MEMBER need to be running winbind against
> OLDDOMAIN PDC, or even NEWDOMAIN? (although I don't see how the latter
> would work without moving OLDDOMAIN_MEMBER to NEWDOMAIN).
> Sorry if this is confusing -- tried to make it as clear as possible.
> Steve