[Samba] Samba, Win 2K3, domain trust and NT_STATUS_NO_LOGON_SERVERS

Diego Woitasen diego at woitasen.com.ar
Mon Oct 3 19:54:57 MDT 2011


I've configured a domain trust between Samba 3.5.6 and Windows 2003
Server Enterprise Edition SP2. It's a one way trust, Windows is the
trusted and Samba the trusting. I want to give access to my resources
in the Samba domain to the users in the Windows domain. The
configuration of the trust was fine (I think). The validation on the
window server says that it' s ok and the Windows domain appears in
"net rpc trustdom list".

My problem is that in the domain members (Samba file server,
Squid+NTLM_auth and a NetApp storage) of the Samba domain I can't
login with users from the Windows domain. I configured a simple file
server to debug the problem and when I try to list the shares I get:

# smbclient -L //DOMAINMEMBER -U DOMAINW2K\\pepetest%XXXXXX
session setup failed: NT_STATUS_NO_LOGON_SERVERS

There isn't communication problems between the PDCs and the domain
member. If I list the domain with "wbinfo -m", I see both domains.
With debug enabled, I don't see anything special:

  NTLM CRAP authentication for user [DOMAINW2K]\[pepetest] returned
NT_STATUS_NO_LOGON_SERVERS (PAM: 9)

smb.conf of the file server:
[global]
        workgroup = DOMAINSAMBA
        security = DOMAIN
        printcap name = cups
        disable spoolss = Yes
        show add printer wizard = No
        idmap uid = 15000-20000
        idmap gid = 15000-20000
        winbind use default domain = Yes
        wins server = 10.10.48.67   #this is the Samba PDC
        log level = 5

[public]
        comment = Data
        path = /home/public
        read only = No

nmblookup -R -U 10.10.48.67 WINDOWSPDC   #returns the address of the Windows PDC

Regards,
 Diego

-- 
Diego Woitasen


More information about the samba mailing list