[Samba] Trust problems after upgrade from 3.5 to 3.6

Andrea Venturoli ml at netfence.it
Sat Feb 9 05:12:09 MST 2013

On 02/09/13 12:59, Mario Codeniera wrote:
> What do you get when you issue the command? This command will list the
> Interdomain Trusts
> net rpc trustdom list -U <admin user>

I see the foreign domain, with its SID, listed on both "Trusted domains" 
and "Trusting domains".

As I said, users from this domain are accepted on the other one, so one 
way the trust works perfectly.

Also, authentication of user from the trusted domain succeeds or fails 
depending on the correctness of the password; so the trust is there.

> If not you can add a relationship, it means the AD domain is trusted by
> your local domain (ex your samba)
> net rpc trustdom add <AD name> <passwd> -U <admin user>
> because you want a two-way trust add this one, local domain has given trust
> from the AD.
> net rpc trustdom establish <SAMBA/local domain> -U <admin user>

I've already tried several times to remove and recreate the trust.
Furthermore, as I said, it's working on the BDC where I've left Samba 
3.5 for now.

> If you now issue the command wbinfo -g, you will now displays the AD and
> samba groups.

"wbinfo -g" gives empty output!!!
I think the problem might lie here...

> But be sure to check also in the AD, trust domain utility.

There are some message in event viewer which confirm the fact that my 
samba is contacting the Windows servers for authentication (which 
succeeds or fails normally).

I'm investigating further.

  bye & Thanks

More information about the samba mailing list