Re: [Samba] Samba cannot authenticate users from child domain
I'll try to post it again.. Have a nice day Simone wrote: Hi, I've been searching a solution for this with no luck for the last 5 days, so I thought I'd finally need help. We have a ADS primary domain, samba 3.0..4-6.3E on RHEL as a domain member. The parent domain say MEDIA.COM has a child domain CHILD.MEDIA.COM. People from the parent domain can access tha shares with no problem , but I can't find a way to make users from the child domain access any share. We use winbind for auth, and security=ads. I've been trying to add valid users to the share via: valid users = CHILD\user CHILD.MEDIA.COM\user Here's a short cut of my smb.conf : realm : MEDIA.COM auth methods = winbind security = ads password server = ip_parentdomain_dc ip_childdomain_dc and here's krb5.conf: [realms] MEDIA.COM = { kdc = ip_parentdomain_dc:88 admin_server = ip_parentdomain_dc:749 default_domain = media.com } [domain_realm] media.com = MEDIA.COM .media.com = MEDIA.COM [kdc] profile = /var/kerberos/krb5kdc/kdc.conf (this file doesn't exist.) If I try to access share \\mediasrvsamba\data from a winxp pc where I'm logged as CHILD\user I get an error in the logs saying couldn't find user MEDIA\user. I guess it cannot find it because it is searching in the parent domain rather than the child domain. Thanks very much for any help, hope I've been able to explain myself. Simone -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: La vera mozzarella di Bufala Campana la trovi fresca su Terrasolis.com, provala! Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2499d=15-9 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba cannot authenticate users from child domain
Hi, I've been searching a solution for this with no luck for the last 5 days, so I thought I'd finally need help. We have a ADS primary domain, samba 3.0..4-6.3E on RHEL as a domain member. The parent domain say MEDIA.COM has a child domain CHILD.MEDIA.COM. People from the parent domain can access tha shares with no problem , but I can't find a way to make users from the child domain access any share. We use winbind for auth, and security=ads. I've been trying to add valid users to the share via: valid users = CHILD\user CHILD.MEDIA.COM\user Here's a short cut of my smb.conf : realm : MEDIA.COM auth methods = winbind security = ads password server = ip_parentdomain_dc ip_childdomain_dc and here's krb5.conf: [realms] MEDIA.COM = { kdc = ip_parentdomain_dc:88 admin_server = ip_parentdomain_dc:749 default_domain = media.com } [domain_realm] media.com = MEDIA.COM .media.com = MEDIA.COM [kdc] profile = /var/kerberos/krb5kdc/kdc.conf (this file doesn't exist.) If I try to access share \\mediasrvsamba\data from a winxp pc where I'm logged as CHILD\user I get an error in the logs saying couldn't find user MEDIA\user. I guess it cannot find it because it is searching in the parent domain rather than the child domain. Thanks very much for any help, hope I've been able to explain myself. Simone -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: La vera mozzarella di Bufala Campana la trovi fresca su Terrasolis.com, provala! Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2499d=15-9 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba