[Samba] Active Directory member server

James Osbourn james.osbourn at citrix.com
Tue Jun 14 09:55:45 MDT 2011

I am trying to setup samba as a Windows front end to a CUPS print server.  We seem to be having some problems getting the server registered in the domain and for users to be able to connect to the server.  Our problems seems to stem from the fact that we add our machines to one domain which has a one way trust to a different domain which is where all of the user account reside and authentication is handled.  I was able to get the net adc join command to work by using the primary domain administrator credentials.

Any help on getting the correct runes into my smb.conf and krb5.conf files greatly appreciated.  My krb5.conf file is as follows

        default_realm = X.NET
        dns_lookup_realm = false
        dns_lookup_kdc = false
        ticket_lifetime = 24h
        forwardable = yes

A.X.NET = {
        kdc = dc01.a.x.net
        kdc = dc02.a.x.net
        admin_server = dc02.a.x.net

        .a.x.net = A.X.NET

My smb.conf file is as follows

   workgroup = A
   realm = a.x.net
   security = ADS
   encrypt passwords = yes

Many Thanks


More information about the samba mailing list