Re: [Samba] Trust Domains ...
Greetings ... After a little research (somebody did a bit or work ;-O ) with google and the replies to my questions, this what I think I understand and will test very soon ( Hope not to make an ass of myself. ) Andrew Bartlett wrote: Samba 2.2 supports being trusted by NT. Its a bit odd, and mainly works due to the fact that domain logons and interdomain logons are almost exactly the same. Not 'supported', and only works for NT domains with just a PDC. Okay, I asked this question before, but got no responce, so I am going to ask again, but this time with a little more details from my side. NT4sp6 PDC with Exchange 5.5sp4 host the mail ( and other resouces ) for my Linux domain. I wish to setup a Trust domain. If I understand this correctly, the NT4 domain needs to trust my Samba domain. Now according to http://mordor.clayton.edu/samba-tng/tng-pdc-trust.html as my reference, I will need to setup a machine account for the DOMAIN, PDC and each of the BDC's and then in the User Manager setup the trust relationship. This feel like I am missing something, because when a machine joins the domain, it normally needs root password ( which I don't wish to give to NT4 Admin ) and now I don't see any password been setup here ... it just does not seem secure. If I set my root password to something easy for the trust setup and make it secure afterwards would that not break the trust ... As I said, it feel like I am missing something. I have a funny feeling that my Samba server should join the NT4 domain, but then I don't see anything that says I have too. What should the security option set too, because I have see a few errors in one of my domains that have a LDAP SAM, which I had to change the option until the errors went away without kill my network. Once I get this right, I will get a friend to help document what I have done, maybe it could be tha basis for mini-howto or something. This all seems like too much. Thanks for all the help everybody has given me. Mailed Lee -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust Domains ...
(Embedded image moved C.Lee Taylor [EMAIL PROTECTED] to file: 06/06/2002 01:54 PM pic26037.pcx) (Embedded image moved C.Lee Taylor [EMAIL PROTECTED] to file: 06/06/2002 01:54 PM pic01468.pcx) Greetings ... After a little research (somebody did a bit or work ;-O ) with google and the replies to my questions, this what I think I understand and will test very soon ( Hope not to make an ass of myself. ) Andrew Bartlett wrote: Samba 2.2 supports being trusted by NT. Its a bit odd, and mainly works due to the fact that domain logons and interdomain logons are almost exactly the same. Not 'supported', and only works for NT domains with just a PDC. Okay, I asked this question before, but got no responce, so I am going to ask again, but this time with a little more details from my side. NT4sp6 PDC with Exchange 5.5sp4 host the mail ( and other resouces ) for my Linux domain. I wish to setup a Trust domain. If I understand this correctly, the NT4 domain needs to trust my Samba domain. Now according to http://mordor.clayton.edu/samba-tng/tng-pdc-trust.html as my reference, I will need to setup a machine account for the DOMAIN, PDC and each of the BDC's and then in the User Manager setup the trust relationship. This feel like I am missing something, because when a machine joins the domain, it normally needs root password ( which I don't wish to give to NT4 Admin ) and now I don't see any password been setup here ... it just does not seem secure. If I set my root password to something easy for the trust setup and make it secure afterwards would that not break the trust ... As I said, it feel like I am missing something. I have a funny feeling that my Samba server should join the NT4 domain, but then I don't see anything that says I have too. What should the security option set too, because I have see a few errors in one of my domains that have a LDAP SAM, which I had to change the option until the errors went away without kill my network. Once I get this right, I will get a friend to help document what I have done, maybe it could be tha basis for mini-howto or something. This all seems like too much. Thanks for all the help everybody has given me. Mailed Lee -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba pic01468.pcx Description: Binary data pic26037.pcx Description: Binary data
Re: [Samba] Trust Domains ...
(Embedded image moved C.Lee Taylor [EMAIL PROTECTED] to file: 06/06/2002 01:54 PM pic05180.pcx) (Embedded image moved C.Lee Taylor [EMAIL PROTECTED] to file: 06/06/2002 01:54 PM pic26037.pcx) (Embedded image moved C.Lee Taylor [EMAIL PROTECTED] to file: 06/06/2002 01:54 PM pic01468.pcx) Greetings ... After a little research (somebody did a bit or work ;-O ) with google and the replies to my questions, this what I think I understand and will test very soon ( Hope not to make an ass of myself. ) Andrew Bartlett wrote: Samba 2.2 supports being trusted by NT. Its a bit odd, and mainly works due to the fact that domain logons and interdomain logons are almost exactly the same. Not 'supported', and only works for NT domains with just a PDC. Okay, I asked this question before, but got no responce, so I am going to ask again, but this time with a little more details from my side. NT4sp6 PDC with Exchange 5.5sp4 host the mail ( and other resouces ) for my Linux domain. I wish to setup a Trust domain. If I understand this correctly, the NT4 domain needs to trust my Samba domain. Now according to http://mordor.clayton.edu/samba-tng/tng-pdc-trust.html as my reference, I will need to setup a machine account for the DOMAIN, PDC and each of the BDC's and then in the User Manager setup the trust relationship. This feel like I am missing something, because when a machine joins the domain, it normally needs root password ( which I don't wish to give to NT4 Admin ) and now I don't see any password been setup here ... it just does not seem secure. If I set my root password to something easy for the trust setup and make it secure afterwards would that not break the trust ... As I said, it feel like I am missing something. I have a funny feeling that my Samba server should join the NT4 domain, but then I don't see anything that says I have too. What should the security option set too, because I have see a few errors in one of my domains that have a LDAP SAM, which I had to change the option until the errors went away without kill my network. Once I get this right, I will get a friend to help document what I have done, maybe it could be tha basis for mini-howto or something. This all seems like too much. Thanks for all the help everybody has given me. Mailed Lee -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba pic01468.pcx Description: Binary data pic26037.pcx Description: Binary data pic05180.pcx Description: Binary data
RE: [Samba] Trust Domains ...
On Tue, 4 Jun 2002, WEBSTER, Greg wrote: This may be an impossible question, and I don't mean to be a mean taskmaster, but what kind of timeframe are we looking at for a 3.x release? Our office is a mongrelmix of Linux, W2k, and NT and while we are definitely not going to go to an XP environment, we would like to increase linux usage on the backend. Some of the connectivity to W2k that you talk about here would go a long way to that. No exact ETA. Right now we are looking in the Fall of this year. cheers, jerry - Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org --http://www.plainjoe.org Sam's Teach Yourself Samba in 24 Hours 2ed. ISBN 0-672-32269-2 --I never saved anything for the swim back. Ethan Hawk in Gattaca-- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust Domains ...
Thanks all for responding, it seems my digest samba mail had a virus, so I did not get to read all the reply (I am sure there were many ;-) ) Andrew Bartlett wrote: Sylvestre Taburet wrote: Le Mardi 4 Juin 2002 15:23, C.Lee Taylor a écrit : Greetings ... Please could someone confirm that Samba 2.2.x and Samba 3.0 ( Head ) does not support Trusts between domains. 2.2.X doesn't, 3.0 will, though I don't know if CVS version does it yet. It should be possible with TNG, but I never tried: http://mordor.clayton.edu/samba-tng/tng-pdc-trust.html Will look at this if all else does not work ... I understand it goes like this: Kewl ... Samba 2.2 supports being trusted by NT. Its a bit odd, and mainly works due to the fact that domain logons and interdomain logons are almost exactly the same. Not 'supported', and only works for NT domains with just a PDC. Okay, I hope nobody minds me asking a few question ... I have DOMA, which is an NT4 domain with Exchange 5.5, DOMB is my little Linux server with Samba 2.2.x ( hoping to use 2.2.5 ). If I understand this, DOMA needs to trust DOMB so that the users in DOMB can access their mail in the DOMA Exchange server? Am I right? And would this work? Samba HEAD has support for both being trusted by NT and trusting NT. We don't support doing anything with Win2k ATM. Trusting NT is still a work in progress, but we have shown the basic concepts. I don't really wish to play with Samba Head, but I love to learn ... Samba TNG claims support for being trusted, but I've not tested it myself. You will need current CVS - TNG was able to pick up some of HEAD's work in this area to get around some nasty bugs. Samba-TNG trusting NT domains is a bit dodgy, becouse you need to setup the 'username map' manually. I don't really wish to play with TNG, but I love to learn ... Thanks guys. Mailed Lee -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trust Domains ...
Le Mardi 4 Juin 2002 15:23, C.Lee Taylor a écrit : Greetings ... Please could someone confirm that Samba 2.2.x and Samba 3.0 ( Head ) does not support Trusts between domains. 2.2.X doesn't, 3.0 will, though I don't know if CVS version does it yet. It should be possible with TNG, but I never tried: http://mordor.clayton.edu/samba-tng/tng-pdc-trust.html Thanks Mailed Lee -- Sylvestre Taburet - Project Manager Mandrakesoft S.A. - 43, rue d'Aboukir, 75002 Paris - FRANCE +33 (1) 40 41 00 41 - http://www.linux-mandrake.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
