[Samba] Strange Problem with Samba and WIndows 2012 Domain forest
Ricardo Carlini Sperandio
rcarlini at gmail.com
Tue Mar 19 12:07:28 MDT 2013
Em 12-03-2013 17:16, Ricardo Carlini Sperandio escreveu:
> Hello,
>
> I work in a corp with a lot of active directory domains (20 in
> total) in a forest, these 18 are in windows 2003 with '2003 level
> mode' and twin in AD 2012 with '2012 level mode'.
>
> There is a domain hierarchy like this:
>
> . Domain2003A <----------Trust
> relation------------->Doman2012X<------Trust relation----->Domain2012Y
> |- Domain2003B
> |- Domain2003C
> .
> .
> .
> |-Domain2003R
>
> The problem is:
> When I put the Linux machine with Samba 3.5.x or 3.6.x in
> Domain2003C (son of Domain2003A) all users in domains sons of
> Domain2003A (Domain2003A...Domain2003R) can login on this. But users
> of Domain2012X (and 2012Y) can't do.
>
> When I did a winbind -D domain2012X I got:
>
> In Samba 3.5.x
> Could not get domain info
>
> in Samba 3.6.x
> failed to call wbcDomainInfo: WBC_ERR_DOMAIN_NOT_FOUND
> Could not get domain info
>
> But in Samba 3.4.x (x = 8 and 17):
>
> wbinfo -D DOMAIN2012X
> Name : DOMAIN2012X
> Alt_Name : domain.2012.a.com
> SID : S-1-5-21-2994637511-790031978-1797744665
> Active Directory : Yes
> Native : Yes
> Primary : No
>
>
> And when I included the Linux Machine in DOMAIN2012X with samba 3.6.x
> only users from Doman2012X and Doman2012Y could logon on it.
> winbind -m didn't show the Domain2003A and his sons.
>
> I put the Linux Samba machine in domain (in all cases) with the
> command: net ads join -U userAdd
>
> My security mode in smb.conf is ads and I have krb5.conf and
> smb.conf's realm configured.
>
> So, what's the possible problem?
>
> Regards
>
> Ricardo
>
>
Anybody else? Any sugestion?
More information about the samba
mailing list