-   Linux - Networking (
-   -   Samba 3 and Windows NT4 trust relationship (

mozilla 07-01-2007 03:13 PM

Samba 3 and Windows NT4 trust relationship
Hi all,
I have configured Samba 3 as a PDC for domain "LINDOMAIN" ,
configured a trust relation ship between the samba server and a windows NT4-sp6 domain
"WINDOMAIN". the trust relationship is bi-directional.
when I run the command :

# net rpc trustdom list -U root

trusted domains:
WINDOMAIN <Windows Domain SID>

trusting domains:
WINDOMAIN <Windows Domain SID>

Now to test the trust relationship, I prepared 2 Windows XP machines.
one is joined to LINDOMAIN and the other is joined to WINDOMAIN.

I can authenticate and login to both domains from the machine that was joined to WINDOMAIN, by switching between domains in the login window.

From the machine that was joined to LINDOMAIN, I can only login to LINDOMAIN, and cannot login to the other domain WINDOMAIN.
and cannot also access share on the samba server by using:

# smbclient //WINDOMAIN-PDC/data -U WINDOMAIN\\username.

Actually it checks the password, if it was correct, gives me an error in log.smbd file and connects as "nobody".

log.smbd file says that:

[2007/07/01 19:22:18, 0] auth/auth_util.c:make_server_info_info3(1297)
make_server_info_info3: pdb_init_sam failed!

by increasing the debug level, the error is:

make_server_info_info3: pdb_init_sam failed!
[2007/07/01 19:58:20, 2] auth/auth.c:check_ntlm_password(317)
check_ntlm_password: Authentication for user [testuser] -> [testuser] FAILED with error NT_STATUS_NO_SUCH_USER
[2007/07/01 19:58:20, 1] smbd/service.c:make_connection_snum(700)
degy ( connect to service users initially as user nobody (uid=65534, gid=65533) (pid 15493)

# wbinfo -u (from the Linux server)
gives me all users on the windows domain

# id WINDOMAIN\\testuser
no such user error!

the samba global section is:
workgroup = LINDOMAIN
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path =
logon home =
logon drive = P:
local master = yes
domain master = yes
preferred master = yes
os level = 65
idmap uid = 10000-20000
idmap gid = 10000-20000
;debug level = 2
auth methods = guest sam winbind
winbind separator = \
winbind enum users = yes
winbind enum groups = yes
netbios name = WINDOMAIN-PDC
add machine script = /usr/sbin/useradd -d /var/lib/samba -c 'Machine' -s /bin/false -M %u
server string = File Server
wins support = yes
domain logons = yes
security = user
username map = /etc/samba/smbusers

I need an urgent help for this problem, and you fast response will
be appreciated.

mozilla 07-03-2007 02:11 AM

problem Solved!

It was the nscd daemon, a recommendation from Samba official documentation
not to run nscd when working with winbind.


All times are GMT -5. The time now is 12:58 PM.