[Samba] Trust relationship between Windows Domains
Emilio Iglesias Martinez
eiglesiasmar at csc.com
Tue Nov 8 01:19:50 MST 2011
Hello,
we have the following scenario:
- Samba v3.0.23d runing under AIX v5.3
- Two Windows Domains, lets call them D1 and D2, that have a trust
relationship between them so that any user on D1 can access resources on
D2 without need to re-authenticate.
Now, for business needs we would like to set up a common repository in our
AIX server that is accessible from all our AIX and Windows machines. Our
goal is that any user (independently of the environment or Domain he is
in) is able to access this repository without need to re-enter any
credentials.
We have tried associating the Samba instance to domain "D2" and we
expected that users on domain D1 would be able to access it as well (as it
happens on Windows machines due to the trust relationship). However, we
have seen that this is not the case. Users on "D1" can not access the
Samba repository without re-authenticating using "D2" credentials. It
seems like Samba is not able to apply the trust relationship that was
defined at Windows level.
Is there any way we can configure Samba to achieve our goal of granting
access to the AIX repository to both users on D1 and D2 without need to
re-authenticate?
Two possible solutions have occurred to us, but we don't know whether they
are technically feasible or not or how hard they would be to
implement/maintain:
Option 1) Configure Samba in such a way so that it is able to apply the
trust relationship that exists between the two windows domains (D1 and
D2).
---------------
Option 2) Configure and run a second instance of Samba on the AIX machine.
One instance would be assigned to D1 and the other instance to D2.
---------------
Can you please advise on the feasibility of these options or provide
alternatives we have not thought of?
thanks!
EMILIO J. IGLESIAS
ALM - Application Lifecycle Management Engineer
CSC Asturias
WSS | office: +34 985 120341 | email: eiglesiasmar at csc.com | www.csc.com
Advanced Leave notice: July 29th to Aug 22nd
CSC • This is a PRIVATE message. If you are not the intended recipient,
please delete without copying and kindly advise us by e-mail of the
mistake in delivery. NOTE: Regardless of content, this e-mail shall not
operate to bind CSC to any order or other contract unless pursuant to
explicit written agreement or government initiative expressly permitting
the use of e-mail for such purpose • Computer Sciences España, SA •
Registered Office: Avenida Diagonal, 545 Pl. 6, Edificio L’Illa, 08029
Barcelona, Spain • Registered in Spain No: C.i.f. A59425546
More information about the samba
mailing list