[Samba] Authentication with trusted credentials
rpenny at samba.org
Tue Jul 21 14:53:25 UTC 2020
On 21/07/2020 15:38, Yakov Revyakin wrote:
> Hi Rowland,
> Thank you for effort
> My output as you requested:
> ## Samba DC
> d at us-smdc3:~$ wbinfo --online-status
> BUILTIN : active connection
> SVITLA3 : active connection
> APEX : active connection
> ## Linux Client
> d at uc-sm18:~$ wbinfo --online-status
> BUILTIN : online
> UC-SM18 : online
> SVITLA3 : online
> APEX : online
> # UC-SM18 is a Linux member of SVITLA3.
> You decided to demonstrate too difficult case. I only want to prove
> that I can ssh to UC-SM18 at SVITLA3.ROOM with trusted account from
> trusted APEX.CORP domain using trust capabilities of Samba DC. It is
> very often case when someone with account in main organization wants
> to login on-premise of another one which is in trusting relationships
> with main.
Perhaps I did go over the top, but I wanted to be sure that I had trusts
set up correctly.
I can get the user & group info for a domain on the other domain, but I
cannot log into a Linux domain member in one domain using a user from
the other domain i.e. DOMAIN\\user at linux-client.example.com
Now comes the strange bit, it works to a DC, just found this out.
I will examine the logs and see if I can work out why.
More information about the samba