[Samba] Multiple domains issue

Ron García-Vidal ghstwrtr at evilgenius.net
Mon Jan 24 14:40:44 MST 2011 

Here's some more info.  This is an excerpt from the log on a connection 
attempt:

[2011/01/24 15:30:55, 1] smbd/service.c:make_connection_snum(950)
   CLIENT_STATION (X.X.X.46) connect to service USERNAME initially as 
user ADDOMAIN+USERNAME (uid=10000, gid=10000) (pid 18741)
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:56, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:57, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:57, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:57, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:59, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:30:59, 0] smbd/service.c:set_current_service(150)
   chdir (/opt/ntpublic/users/USERNAME) failed
[2011/01/24 15:31:05, 1] smbd/service.c:close_cnum(1150)
   CLIENT_STATION (X.X.X.46) closed connection to service USERNAME


As I said, prior to Friday's domain drop and rejoin, this worked 
properly.  I think there just needs to be able to say 
ADDOMAIN+USERNAME=NTDOMAIN+USERNAME.

-Ron

On 01/24/2011 06:52 AM, Ron García-Vidal wrote:
> Understood and agreed, but since we're migrating to the AD in a
> piecemeal fashion must get this to work for users in both domains until
> the migration is complete. Any suggestions?
>
> -Ron
>
> On 01/23/2011 01:05 PM, tms3 at tms3.com wrote:
>>
>>>
>>> I encountered a strange problem recently when changing the IP of my
>>> Samba server. We are in the process of moving from an ancient NT4
>>> domain to an AD domain. We did a full migration of all the users, and
>>> up until Friday, our AD users were able to access the Samba server
>>> (which is still on the NT domain) with full permissions, etc.
>>>
>>> On Friday for reasons completely unrelated, we had to change the IP of
>>> the Samba server. When we brought it up on the new IP, it gave an error
>>> bringing up the Samba daemons. I was rushed and didn't pay to much
>>> attention to the error, but instead took the easy route of removing
>>> Samba from the NT domain, and re-joining.
>>>
>>> That got the Samba daemons up and running and we mostly had no problem,
>>> except now the AD users aren't allowed to access their home directories.
>> Home directories in a trusted domain is probably a bad idea, and likely
>> has some permission issues. It might be best to join the samba server to
>> the AD domain instead.
>>>
>>>
>>> The AD and NT domains have a mutual trust relationship, and all SSIDs
>>> for the users on both domains are the same. As I said, prior to Friday,
>>> these users were able to access.
>>>
>>> I'm not entirely sure how Samba handles multiple domains, etc. and I
>>> have no idea how to even begin to trouble shoot this problem. Any
>>> suggestions would be welcome.
>>>
>>> -Ron
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>

More information about the samba mailing list