Well.. all my samba boxes are behaving the same way. When joined to the AD, they work when addressed by name, but fail trust with the AD when addressed by IP. AD is controlled by windows 2003, not by samba. I'm pretty sure if I made a samba PDC, I could get this to work, but I can't because that's not our architecture here.
I have a mixture of a couple different versions on both solaris and linux, and they all seem to behave the same. All the samba boxes use the same wins, which is the PDC. They also use a mix of DNS, for a couple of internal reasons, but for name/ip in regards to the AD, they will get the same responses because of the way delegation is setup among name servers. The AD does not run it's own name space and defers to the bind clusters for dns. The krb5.conf does point to the AD, as samba is the only thing on these boxes that use kerberos. name resolve order is not explicitly set, so defaults to lmhosts host wins bcast Anyway, the samba servers are not seeing the connection attempt when they get the trust failure error. The AD seems to be rejecting the connection attempt and not directing the connection to the samba box. When I use a FQDN, I see the connection attempt, and it works fine. It's only when I use IP. We have a security scanner that is failing because it is using IP since that's how it's network discovery works, which is what I'm trying to fix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba