[Samba] Authentication with trusted credentials

Rowland penny rpenny at samba.org
Tue Jul 21 14:53:25 UTC 2020

On 21/07/2020 15:38, Yakov Revyakin wrote:
> Hi Rowland,
> Thank you for effort
> My output as you requested:
> ## Samba DC
> d at us-smdc3:~$ wbinfo --online-status
> BUILTIN : active connection
> SVITLA3 : active connection
> APEX : active connection
> ## Linux Client
> d at uc-sm18:~$ wbinfo --online-status
> BUILTIN : online
> UC-SM18 : online
> SVITLA3 : online
> APEX : online
> # UC-SM18 is a Linux member of SVITLA3.
> You decided to demonstrate too difficult case. I only want to prove 
> that I can ssh to UC-SM18 at SVITLA3.ROOM with trusted account from 
> trusted APEX.CORP domain using trust capabilities of Samba DC. It is 
> very often case when someone with account in main organization wants 
> to login on-premise of another one which is in trusting relationships 
> with main.
Perhaps I did go over the top, but I wanted to be sure that I had trusts 
set up correctly.

I can get the user & group info for a domain on the other domain, but I 
cannot log into a Linux domain member in one domain using a user from 
the other domain i.e. DOMAIN\\user at linux-client.example.com

Now comes the strange bit, it works to a DC, just found this out.

I will examine the logs and see if I can work out why.


More information about the samba mailing list