Also: I'm not sure I follow what's being said about AD access control, but the comment "my admin account has read-only access to the user accounts" worries me a bit. In builds before 142, the configuration needs to be such that our machine account has read access to any user records that are going to be used.

(BTW, that requirement, and the requirement for a 2-way trust, continues past build 142 if you use AD directory-based mapping.)

Alan Wright wrote:
The SMB service fully supports trusts in snv_134 but due to
an idmap limitation only two-way trusts will work on that build.
You would need snv_142 to use a one-way trust, which I suspect
is what you are describing below.


-------- Original Message --------
Subject: [cifs-discuss] Are domain trusts supported?
Date: Thu, 02 Sep 2010 18:11:43 PDT
From: artiepen <>

We currently have a test machine running svn_134 and we'd like to try it in our AD environment. Our AD environment has two domains: and with a Forest trust.

I can only create computer accounts in, has user accounts and I cannot create computer accounts, but my admin account has read-only access to the user accounts (so that I can add the user objects to Universal groups in

I've created a computer account in and joined the osol test machine to it. I've made some shares. My administrative account can read/write to those shares, but when I log into a windows machine with my account, I get "Access Denied".

Is there some special way to configure cifs to allow the account from to write?

cifs-discuss mailing list

cifs-discuss mailing list

Reply via email to