Hallo:
I've a problem with user authentication using samba.
What I have:
- ADS: Active Directory W2003 Controllers
- RH clients (RedHat 4u4), samba 3.0.10
What I do is to authenticate users that connects to RH against ADS.
AD domains:
dom1.net
dom2.com
subdom.dom2.com
My RH computer is joined to ADS dom1.net.
user1 account belongs to ADS dom1.net
user2 account belongs to ADS dom2.com.
I've defined dom1.net and dom2.com in /etc/krb5.conf so I can create tickets for both users.
If I do
kinit
user1@DOM1.NET
it works fine.
If I do in the same computer (the one that is joined to dom1.net)
kinit
user2@DOM2.COM
it works fine.
But it I try to use winbind, it works with user of dom1 but not with users of dom2.
wbinfo passwd DOM1\\user1 --> Returns user1 account.
wbinfo passwd DOM2\\user2 --> Returns that user doesn't exist.
The problem is that I can't authenticate
ssh DOM1\\user1@mycomputer.fqdn --> Works fine
su DOM1\\user1@mycomputer.fqdn --> " "
ssh DOM2\\user2@mycomputer.fqdn --> Logs shows that user doesn't exists.
su DOM2\\user2@mycomputer.fqdn --> Logs shows that user doesn't exists.
I've enabled en smb.conf:
...
security = ads
realm = DOM1.NET
workgroup = DOM1
allow trusted domains = yes
...
Any idea why I can't authenticate users of dom2.com in my RH computer?
Thanks