First: I'm not a Linux administrator, and I don't know what I don't know (if you know what I mean).
We have this server here at work, named FAXSERVER, running the Red Hat Enterprise Linux ES release 3 (Taroon Update 8) distro, along with Samba version 3.0.9-1.3E.12. The directory /home/faxes/ is shared out to our domain via Samba/Winbind.
This is primarily a Windows network. Windows domain controller, etc. I'm on this primary domain (DOMAIN1). And there is another domain. It's a trusted domain (DOMAIN2). I want users authenticating to DOMAIN2 to be able to access /home/faxes/ on this server as well. I can't seem to be able to make it happen.
Here's what I've (clumsily) tried so far:
SAMBA:
The permissions for /home/faxes/ are as follows:
drwxrwsr-x 57 uucp 10001 4096 Jul 24 2012 faxes. Looks like everyone has read/execute permission, and the file owner and members of the file's group additionally have write permission.
There are currently three Samba users set up, according to /etc/samba/smbusers: root (mapped to 'administrator' and 'admin'), nobody (mapped to 'guest', 'pcguest', and 'smbguest'), and mike (mapped to 'mike').
The Samba configuration (location: /etc/samba/smb.conf) for /faxes/ is currently as follows:
comment = FAX faxes
path=/home/faxes
writable = yes
printable = no
public = yes
guest ok = yes
create mask = 0665
Prior to me looking into it, the "guest ok" flag was set to no. I changed it to "yes" (since "public=yes" seems to make this redundant) and restarted the Samba service (service smb restart). It doesn't appear that this resolved the issue, but I wanted to try it.
WINBIND:
The 'wbinfo -g' command gives me a list of all user groups, but they're all under DOMAIN1\*. There are no DOMAIN2\* groups listed.
The 'wbinfo -m' command gives me a list of all trusted domains: FAXSERVER, BUILTIN, and DOMAIN2. So DOMAIN2 is trusted by FAXSERVER.
I'm also able to query both DOMAIN1 and DOMAIN2 from FAXSERVER:
[root@faxserver home]# wbinfo -D DOMAIN1
Name : DOMAIN1
Alt_Name : DOMAINNAME.COM
SID : S-1-3-59-7490224-282867100-4786781930
Active Directory : Yes
Native : Yes
Primary : Yes
Sequence : 62852289
[root@faxserver home]# wbinfo -D DOMAIN2
Name : DOMAIN2
Alt_Name : acrometis.com
SID : S-1-5-21-3827589627-1874523873-1381929582
Active Directory : No
Native : No
Primary : No
Sequence : -1
IN SUMMARY:
I don't really know what I'm doing. This is likely self-evident. Is it a matter of changing the "Active Directory" flag under DOMAIN2 from "No" to "Yes"? If so, how would I go about doing that?
Or is this an impossible task, and I'll just end up chasing my tail?