Hello guys, I got a few questions about winbind / samba and multi domain authentication. At my company we have to different domains.
DOMAIN-A and DOMAIN-B My smb.conf is attached (global section only). My linux server (rhel 5.4 x64) is configured with the security mode "ads" and has been joined to the DOMAIN-A via "net ads join DOMAIN-A -U administrator" I can see the users and groups for DOMAIN-A and DOMAIN-B (with wbinfo -u / wbinfo -g), even with "getent passwd" and "getent group". If I initiate the following command, only the list of users for DOMAIN-A is successfull, users for DOMAIN-B alway fail: id DOMAIN-A+schlegels -> successful id DOMAIN-B+schlegels -> No such user Can you please help me with this issue? I spend more than a week with reading documentation about that, but I can't figure out the problem. Samba-Version (also required packages): 3.4.9 smb.conf (global section): [global] workgroup = DOMAIN-A realm = DOMAIN-A.LCL password server = dchh01.domain-a.lcl preferred master = no server string = Linux Test Server security = ads encrypt passwords = yes local master = no log level = 3 log file = /var/log/samba/%m max log size = 50 winbind enum users = Yes winbind enum groups = Yes ##winbind use default domain = Yes winbind nested groups = Yes #winbind separator = \\ winbind separator = + winbind refresh tickets = yes #winbind offline logon = false winbind offline logon = true winbind trusted domains only = no map untrusted to domain = Yes allow trusted domains = yes #obey pam restrictions = yes obey pam restrictions = no idmap uid = 1000-60000 idmap gid = 1000-60000 idmap config DOMAIN-A : backend = rid idmap config DOMAIN-A : range = 1000-30000 idmap config DOMAIN-B : backend = rid idmap config DOMAIN-B : range = 31000-60000 passdb backend = tdbsam ;template primary group = "domain users" template shell = /bin/bash winbind nss info = rfc2307 client use spnego = yes client ntlmv2 auth = yes restrict anonymous = 2 Thanks in advance! With best regards Steven Schlegel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
