[Samba] Samba 3.5.6 - Windows 2008r2 domain trust fail

Diego Woitasen diegows at xtech.com.ar
Sun Feb 6 22:13:55 MST 2011 

Hi,
 I'm trying to configure a Domain trust between Samba 3.5.6 (TEST domain)
and Windows 2008 r2 (WTEST Domain). Samba is the trusting side and Windows
is the trusted side. I created the "incoming trust" in the W2K8 called TEST.
Then I executed the "net  rpc trustdom establish WTEST" and got:

Enter TEST$'s password:
Could not connect to server W2K8SERVER
Could not initialise lsa pipe. Error was NT_STATUS_ACCESS_DENIED

I tried with "net -d3 rpc trustdom establish WTEST" and got:

[2011/02/07 02:11:13,  3] param/loadparm.c:9158(lp_load_ex)
  lp_load_ex: refreshing parameters
[2011/02/07 02:11:13,  3] param/loadparm.c:4929(init_globals)
  Initialising global parameters
[2011/02/07 02:11:13,  2] param/loadparm.c:4788(max_open_files)
  rlimit_max: rlimit_max (10240) below minimum Windows limit (16384)
[2011/02/07 02:11:13.212239,  3] ../lib/util/params.c:550(pm_process)
  params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2011/02/07 02:11:13.212291,  3] param/loadparm.c:7842(do_section)
  Processing section "[global]"
[2011/02/07 02:11:13.212970,  2] lib/interface.c:340(add_interface)
  added interface eth0 ip=10.10.10.137 bcast=10.10.10.255
netmask=255.255.255.0
lp_load_ex: refreshing parameters
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
added interface eth0 ip=10.10.10.137 bcast=10.10.10.255
netmask=255.255.255.0
Enter CANC$'s password:
Connecting to host=W2K8SERVER
Connecting to 10.10.10.202 at port 445
Doing spnego session setup (blob length=136)
got OID=1.3.6.1.4.1.311.2.2.30
got OID=1.2.840.48018.1.2.2
got OID=1.2.840.113554.1.2.2
got OID=1.2.840.113554.1.2.2.3
got OID=1.3.6.1.4.1.311.2.2.10
got principal=not_defined_in_RFC4178 at please_ignore
Got challenge flags:
Got NTLMSSP neg_flags=0x62898215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
SPNEGO login failed: No logon interdomain trust account
failed session setup with NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT
Could not connect to server W2K8SERVER
Connecting to host=W2K8SERVER
Connecting to 10.10.10.202 at port 445
NetServerEnum2 error: Couldn't find primary domain controller            for
domain WTEST
Could not initialise lsa pipe. Error was NT_STATUS_ACCESS_DENIED
return code = -1

I haven't found information about trust between 2008 and Samba. May be it's
not supported.

Regards,
 Diego

-- 
Diego Woitasen
XTECH

More information about the samba mailing list