[Samba] Samba4 - Interdomain trust with samba3

Julien TEHERY julien.tehery at openevents.fr
Tue Jun 5 10:10:57 UTC 2018


I'm actually migrating resources from an old samba3/LDAPĀ  (DOMAINA) to a 
Samba4 domain (DOMAINB) .
I succeded in populating Samba4 users and groups from the old one.

Now both domain live together during the migration i would like to set 
up an interdomain trust between the 2 domains so that samba4 users can 
still have access to samba shares on the old samba3 domain. So it would 
be a one-way trust from samba4 to samba3

I have allready set up bi directionnal approbations in the past between 
samba3 and real AD servers; but now I have difficulties to set it up.

Samba4 version : 4.6.4 (i've read that normally domain approbations 
should be supported in this version)

Using ADUC on Samba4, I only see approbations for kerberos V5 domains or 
windows domains.
On the samba3 side, i tried the "net rpc trustdom establish" as i used 
to do but it doesn't work.

I actually get a "couldn't verify trusting domain account"
I created a DOMAINA$ user on DOMAINB to establish the trust but 
something's wrong.

I don't know if it's related to a wins/lmhosts resolution problem or not.

Have any of you ever set up something like this?
 From what i know this should be possible, but i don't succeed in 
adapting the usual tutorial in this case.

Thanks for your Help



More information about the samba mailing list