[Samba] Trust between Samba PDC and AD domain
meatsandwich at gmail.com
Sat May 29 15:49:46 MDT 2010
I've pored through the documentation, wiki, lists, etc, and I can't seem
to come to a concise conclusion on how to accomplish this.
My specific scenario is the following.
I have a samba PDC domain called domainA, and an AD domain called
domainB. domainA and domainB are different named domains, and they each
authenticate logins and credentials on their own turf.
The users on domainA need to access resources on domainB, so we set up
each user with a separate account in domainB (but they are not the same
name). For example, my user name in domainA is sgoodwin, but in domainB
it is goodwsb. I have to enter "domainB\goodwsb" + password every time
I access a different server in domainB (and there are many servers --
domainB is a very large domain).
Obviously, I need an interdomain trust set up, but I am unclear on some
of the finer points mentioned in the samba docs.
First off, I am hoping it is possible (and simple) to set it up so that
the user accounts in domainA map to their domainB accounts, so that no
extra authentication is needed. So, SSO between both domains. Is this
possible even though the account names are different?
Second, am I supposed to join my samba PDC to the AD domain as a member
server, or is that even possible when keeping the two domains separately
controlled? Some of the docs seem to imply this, but maybe I'm
Without dumping all my configuration info, logs, etc, in the post, can
someone give me some hints on how I would set this up? I don't need a
full hand-holding... just the direction to go in.
NOTE: before you link me to
I've already read through these entirely, and am still unsure which
scenario I need to follow.
Thanks for any help.
More information about the samba