LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-01-2007, 03:13 PM   #1
mozilla
LQ Newbie
 
Registered: Feb 2005
Posts: 17

Rep: Reputation: 0
Samba 3 and Windows NT4 trust relationship


Hi all,
I have configured Samba 3 as a PDC for domain "LINDOMAIN" ,
configured a trust relation ship between the samba server and a windows NT4-sp6 domain
"WINDOMAIN". the trust relationship is bi-directional.
when I run the command :

# net rpc trustdom list -U root

trusted domains:
WINDOMAIN <Windows Domain SID>

trusting domains:
WINDOMAIN <Windows Domain SID>

Now to test the trust relationship, I prepared 2 Windows XP machines.
one is joined to LINDOMAIN and the other is joined to WINDOMAIN.

I can authenticate and login to both domains from the machine that was joined to WINDOMAIN, by switching between domains in the login window.

From the machine that was joined to LINDOMAIN, I can only login to LINDOMAIN, and cannot login to the other domain WINDOMAIN.
and cannot also access share on the samba server by using:

# smbclient //WINDOMAIN-PDC/data -U WINDOMAIN\\username.

Actually it checks the password, if it was correct, gives me an error in log.smbd file and connects as "nobody".

log.smbd file says that:

[2007/07/01 19:22:18, 0] auth/auth_util.c:make_server_info_info3(1297)
make_server_info_info3: pdb_init_sam failed!

by increasing the debug level, the error is:

auth/auth_util.c:make_server_info_info3(1297)
make_server_info_info3: pdb_init_sam failed!
[2007/07/01 19:58:20, 2] auth/auth.c:check_ntlm_password(317)
check_ntlm_password: Authentication for user [testuser] -> [testuser] FAILED with error NT_STATUS_NO_SUCH_USER
[2007/07/01 19:58:20, 1] smbd/service.c:make_connection_snum(700)
degy (10.102.152.246) connect to service users initially as user nobody (uid=65534, gid=65533) (pid 15493)

# wbinfo -u (from the Linux server)
gives me all users on the windows domain

# id WINDOMAIN\\testuser
no such user error!

the samba global section is:
[global]
workgroup = LINDOMAIN
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path =
logon home =
logon drive = P:
local master = yes
domain master = yes
preferred master = yes
os level = 65
idmap uid = 10000-20000
idmap gid = 10000-20000
;debug level = 2
auth methods = guest sam winbind
winbind separator = \
winbind enum users = yes
winbind enum groups = yes
netbios name = WINDOMAIN-PDC
add machine script = /usr/sbin/useradd -d /var/lib/samba -c 'Machine' -s /bin/false -M %u
server string = File Server
wins support = yes
domain logons = yes
security = user
username map = /etc/samba/smbusers

I need an urgent help for this problem, and you fast response will
be appreciated.
 
Old 07-03-2007, 02:11 AM   #2
mozilla
LQ Newbie
 
Registered: Feb 2005
Posts: 17

Original Poster
Rep: Reputation: 0
problem Solved!

It was the nscd daemon, a recommendation from Samba official documentation
not to run nscd when working with winbind.

Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba 3 got problem with add trusted relationship with NT4 heero82 Linux - Software 0 03-23-2005 03:59 AM
trust relationship between windows pdc and fedora core 2 rans Linux - Networking 0 09-10-2004 01:44 AM
samba PDC (trust relationship error) egyptian Linux - Networking 1 09-07-2004 01:00 PM
Trust relationship vineet_s280 Linux - Networking 2 07-23-2003 11:09 PM
Trust relationship using SAMBA in Redhat Linux 7.2 dibakar Linux - Networking 5 02-22-2003 12:36 PM


All times are GMT -5. The time now is 07:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration