[Samba] Trust between Samba DC and Windows DC

Gaiseric Vandal gaiseric.vandal at gmail.com
Sat Nov 19 17:53:16 UTC 2016

On the linux machine, does "wbinfo -u" show users from the windows domain?  How about "wbinfo -g" showing groups from trusted domain.

If wbinfo is working, does "getent passwd" show users from windows domain?  Or try "getent passwd TRUSTEDDOMAIN\someuser."

I found that my domain trusts got broken with some of the recent Microsoft security patches so I suspect that if you do not update your samba version to include the "badlock" patches you won't ever get your trusts working.

-----Original Message-----
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Csoke János via samba
Sent: Saturday, November 19, 2016 8:23 AM
To: samba at lists.samba.org
Subject: [Samba] Trust between Samba DC and Windows DC

I have a problem with Samba. I use Samba 4.1.17 (because my company's security policy deny Samba upgrade) on Debian.
I created a Samba Active Directory Domain Cotroller with linux.local and a Windows Active Directory Domain Controller with windows.local domain (I used Windows Server 2012 R2). I am need to create a smb share in Linux and autheticate users from windows.local domain and need to create also a share in Windows with authenticate from linux.local domain.

I created a two-way external trust in Windows MMC console, and the wizard establish a trust, but not working well. The windows side is working. I created a windows share and authenticate form linux.local like a dream.
But I can't create Samba share in Linux and authenticate from windows.local domain. Samba said when I try access to the share with windows.local user:
'Account unknow'. I think the domain trust is not working well.

Can somebody help me?

Best regards,
János Csőke
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list