As a thought, can you put the Samba box in as a member server of the Server 2008 AD ? Run the 2008 Server in 2003 AD mode and it will work perfectly. I have done this successfully.
2008 AD Server (DNS/AD/WINS) Suse 11.0 Member server (Samba version 3.4.4-1.1-2267-SUSE-CODE11) (F&P, Postfix Mail) You won't have to worry about your trust issues this way. Cheers Mal -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Steve Chupack Sent: Sunday, 17 January 2010 2:44 AM To: [email protected] Subject: [Samba] Domain trusts and samba member servers Below is something I posted a while ago and got no responses... Maybe it was too convoluted for anyone to bother with, so let me try and put it more simply. I have a Win Server 2008 AD box (NEWDOMAIN) which is trusted by my samba DC (OLDDOMAIN). Users on NEWDOMAIN can access resources on the OLDDOMAIN DC just fine. But the trust relationship is not recognized or respected by my samba member servers in OLDDOMAIN. So, very simply put, even if nobody has the specific howto: Do samba member servers understand interdomain trusts? Thanks for any and all input -- I am at a standstill with a fairly major project and any help at all would be greatly appreciated. I have a suspicion it has something to do with winbind on the member servers, but I'm having no luck. On Thu, 6 Aug 2009 08:39:51 -0400 Steve Chupack <[email protected]> wrote: > I'm in the process of migrating from a Samba PDC to a Win2k3 PDC (all member servers will remain as Samba boxes). > > NEWDOMAIN = new Win2k3 PDC > OLDDOMAIN = current samba PDC > OLDDOMAIN_MEMBER = a current samba box that's a member of OLDDOMAIN > > I've successfully established a trust relationship between OLDOMAIN and NEWDOMAIN where OLDDOMAIN trusts NEWDOMAIN. Users in NEWDOMAIN have full access to resources on the OLDDOMAIN PDC. > > Where I'm stuck is granting access to OLDDOMAIN_MEMBER to users in NEWDOMAIN. OLDDOMAIN_MEMBER is joined to OLDDOMAIN and works as expected (Users in OLDDOMAIN can access resources on OLDDOMAIN_MEMBER. But users in NEWDOMAIN do not. > > Can someone help with the general concept here? Should it work as I've configured it? Does OLDDOMAIN_MEMBER need to be running winbind against OLDDOMAIN PDC, or even NEWDOMAIN? (although I don't see how the latter would work without moving OLDDOMAIN_MEMBER to NEWDOMAIN). > > Sorry if this is confusing -- tried to make it as clear as possible. > > Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
