[Samba] Winbind with krb5auth for trust users
Rowland Penny
rpenny at samba.org
Tue Aug 22 15:42:37 UTC 2017
On Tue, 22 Aug 2017 17:18:59 +0200
Andreas Hauffe via samba <samba at lists.samba.org> wrote:
> Hi,
>
> the external trust, we have, is a one directional external trust. So
> users of the trusted dom can logon on local dom clients, but not the
> other way around. In case of "wbinfo -a" all communication is between
> the client and the domain controller of the local domain, which is
> the proxy for the auth process. In case of "wbinfo -K" all
> communication is between the client and a trusted domain controller
> and the client do not have any rights/credentials there. Perhaps,
> that's way I'm getting a
>
> No logon servers Could not authenticate user [GLOBALDOM\globdomuser]
> with Kerberos
>
Ah, I do not think that Samba supports one way trusts (yet)
Rowland
More information about the samba
mailing list