I am trying to establish a domain trust between a Samba 3.024 domain and a PC Netlink 2.0 domain.
Currently, we are using PC Netlink as our primary Windows file server and "NT4" domain controller. (Lets say that the domain is called LEGACY and the domain controller LX1) Windows 2003 servers are unable to join a PC Netlink domain (even with the SignOrSeal option disabled.) For this, and other reasons the eventual goal is to drop PC Netlink in favor of Samba. In the interim, I would like to make resources on Windows 2003 machines available to users without a duplicate set of accounts being required. To this end, I configured a Samba 3.024 domain "SAMBA" with a machine called SMB1. I can add Windows 2003 servers to this domain. I then tried to establish trusts. (Actually, I only need the SAMBA domain to trust the LEGACY domain.) LEGACY DOMAIN TO TRUST SAMBA DOMAIN I tried the following to have the LEGACY domain trust the SAMBA domain: On SMB1: #useradd legacy$ #smbpasswd -a -i legacy On a Windows 2000 server in the LEGACY domain, I used the NT4 User Manager for Domains tool to add the SAMBA domain as a trusted domain. Which seemed to work. I then added my SAMBA user account to the local users group of the Windows 2000 machine. However, when I try to log in as that user, I get the following message "the system cannot log you on now because the domain e2k is not available." The event log on the PC Netlink server shows "no domain controller is available for E2K for the following reason: There are currently no logon servers available to service the logon request" SAMBA DOMAIN TO TRUST LEGACY DOMAIN I have also tried to have the SAMBA domain trust the LEGACY domain. On the Windows 2000 server in the LEGACY domain, with the User Manager for Domains tool, I listed SAMBA as a trusting domain. The, on SMB1: smb1# net rpc trustdom establish legacy Could not connect to server LX1 Trust to domain LEGACY established On the Windows 2003 server in the SAMBA domain, I attempt to add users from the LEGACY domain to the local users group. I go to the CompMgt console->users->add -> select the domain. When prompted, enter the LEGACY\Administrator name and password. When I attempt to list accounts, or explicitly add a name, from from the LEGACY domain, I get the message the following error occurred while using the user name and password you entered. The remote procedure call failed and did not execute. Any thoughts? thanks for your help. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba