[Samba] Active Directory Trust issues
unix.co at gmail.com
Fri Jul 31 18:06:25 UTC 2015
On Fri, Jul 31, 2015 at 6:55 PM, Denis Cardon <
denis.cardon at tranquil-it-systems.fr> wrote:
> Hi Umar,
> I am using SAMBA 4.1.6 AD on Ubuntu 14.04.02, I am trying to use the Active
>> Directory Domains and Trust tool but it keeps giving me this message.
> Domain trust is not yet supported in that old samba version. There is some
> support in the next release 4.3. From the annonce mail  of the Samba
> Improved support for trusted domains (as AD DC)
> The support for trusted domains/forests has improved a lot.
> samba-tool got "domain trust" subcommands to manage trusts:
> create - Create a domain or forest trust.
> delete - Delete a domain trust.
> list - List domain trusts.
> namespaces - Manage forest trust namespaces.
> show - Show trusted domain details.
> validate - Validate a domain trust.
> External trusts between individual domains work in both ways
> (inbound and outbound). The same applies to root domains of
> a forest trust. The transitive routing into the other forest
> is fully functional for kerberos, but not yet supported for NTLMSSP.
> While a lot of things are working fine, there are currently a few
> - Both sides of the trust need to fully trust each other!
> - No SID filtering rules are applied at all!
> - This means DCs of domain A can grant domain admin rights
> in domain B.
> - It's not possible to add users/groups of a trusted domain
> into domain groups.
>  https://download.samba.org/pub/samba/rc/WHATSNEW-4.3.0rc1.txt
> I am trying to fix this issue:
>> The requested operation cannot be completed. The computer must be trusted
>> for delegation and the current user account must be configured to allow
>> Would you please help how I can solve this issue?
> Denis Cardon
> Tranquil IT Systems
> Les Espaces Jules Verne, bâtiment A
> 12 avenue Jules Verne
> 44230 Saint Sébastien sur Loire
> tel : +33 (0) 184.108.40.206.55
More information about the samba