[Samba] Samba DC to Samba NT4 Domain Trust

Vex Mage dosmage at gmail.com
Thu Oct 31 18:29:10 UTC 2019

Hello! I'm trying to create a two way trust between a Samba DC and a Samba
NT4 domain both are 4.10.9. The issue I'm seeing is that while I can
establish a one way trust from the NT4 PDC to the DC using the following

net rpc trustdom add sambaad thepassword
net rpc trustdom establish sambaad
I enter the password for PDC$ and the trust is established.

When I go into Domains and Trusts and create a trust it fails to verify. I
then attempt to login to an account on NT4 domain named PDC and get the
following message.

[2019/10/30 16:35:41.408512,  0]
  _netr_ServerAuthenticate3: failed to get machine password for account
sambaad.engineering.college.edu.: NT_STATUS_NONE_MAPPED

Believing I shouldn't have used the short name I tried the net commands to
add the full name, as used in the logs, sambaad.engineering.college.edu
which results in the following error message.

Couldn't find domain controller for domain SAMBAAD.ENGINEERING.COLLEGE.EDU.

I feel like I need the Samba DC to use the short name and not the realm as
the trust user and it might resolve. The ultimate goal is to allow the NT4
domain users to be able to authenticate on the Active Directory domain

We cannot upgrade the NT4 domain at this time or we would perform a classic
upgrade, there are too many legacy components that have no upgrade path.
Any guidance would be greatly appreciated!

More information about the samba mailing list