On Thu, Aug 5, 2010 at 7:23 AM, Gaiseric Vandal <[email protected]> wrote: > He is correct that the Windows 2003 native shd be able to trust an NT4 > domain (which is what Samba pretends to be.) AD domain in Windows "mixed" > mode supports NT4 domain members- which is not what you are trying to do > anyway. But it suggested to me that when the AD domain moves to native mode > it either tightens up some authentication protocols in such a way that don't > play nice with older version of Samba. Of course, there could have been > some weird issue with my environment that I couldn't isolate. > > > If you really were setting up a domain trust between NT4 PDC and an Windows > 2003 PDC, the NT4 PDC would "think" it was talking to another NT4 PDC. > Samba , even tho it is providing the function of an NT4 PDC, looks like it > will detect that the other domain is an Active Directory domain. Things > like DNS name lookup (which wasn't so much of an issue for primitive OS's > like NT4 or Windows 95) are a lot more important. (Active directory > clients use DNS to locate AD LDAP and Kerberos servers.) It will > probably make your life simpler if you use your Active Directory server as > the main DNS and WINS server for the network. You may also want to > update the krb5.conf file on your samba server to have information info on > the AD "kerberos" domain. That may help samba locate the the DC for > the AD domain. > > > Also, pretty sure you need to keep NBT (netbios over tcp ) enable on your > Windows AD server- which should be the default option. Windows XP (and > later) AD clients don't need NBT to talk to an AD server so it is possible > your AD admin turned it off. > > I also found that the samba documentation was not as complete or current as > I would like. > > > > On 08/05/2010 09:18 AM, Marc Rechté wrote: >> >> Hello Gaiseric, >> >> Thank you for your answer. >> >> My last experience in Windows server was on NT, therefore my knowledge on >> AD is rather limited. I however work with an AD admin who may answer to some >> questions. >> >> He said the server with which the relation has to be set is in a 2003 >> level forest with a 2003 R2 schema. He also made a reference to MS KB >> http://support.microsoft.com/kb/325874/ on establishing a trust relation >> between an NT server and 2003 server and this document does not explicitly >> state the Windows server must be set in mixed mode. >> >> I checked both the Samba3 Official guide and Samba 3 how-to guides but it >> seems both of them are stuck to 3.0 version. Is there some more updated >> information regarding domains and AD interoperability in Samba ? >> >> Many thanks >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Hi people. I'm working on a trust relation between Samba 3.3.X and Windows 2003 AD mixed mode. I have read the doc about this but for some reason wont work, my PDC+LDAP is working but I still cannot make this 2 servers share users. Could u please give me the process u use to create the relation between win2k3(in/out) and samba? I will appreciated, thanks!!! -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
