Having set up two way trust between a Samba domain (with LDAP backend)
and an AD domain, I find that
1. Users from the trusted domain are authenticated against the proper
DC (that is, their regular password works), but only if there is a
corresponding local domain user.
2. Users from the
I have similar issues. II am running Samba 3.4 (compiled from source)
on Solaris 10- so selinux is NOT an issue for me. Otherwise I have
similar config (LDAP backend for samba, trusted domains to windows 2003
server.)
thought this used to work but a month or so ago it wasn't.
getent
On Thu, Oct 21, 2010 at 05:02:55PM -0400, Gaiseric Vandal wrote:
I have not tried ssh'ing in as a trusted domain user (I definately
don't want that available..)
It's not something I want to make available, but it was an important
test to prove that winbind was creating the correct idmap
Re ssh - I should try that.
Windows 2003 Native mode- you can't have NT4 BDC's in the domain.
Trusts with NT4 domains are OK (at least should be.) Samba (as a
PDC) emulates an NT4 domain but still seems to use kerberos for locating
DC's (which would make sense if you want it to be an