Samba/winbind work great locally, but the trusted accounts are not working. Here's a run down of what works and what doesn't:
wbinfo -m #shows trusted domains
wbinfo -a TRUSTEDDOMAIN+user%pass #successful
wbinfo -u/-g #only accounts/groups for local domain, not trusted
wbinfo -I #works on locals, trusted returns nothing
wbinfo -N #resolves correctly for local or trusted
wbinfo --sequence #shows all domains, however trusted are shown as DISCONNECTED
I've read a few posts on people fixing this with wbinfo -A \\DOMAIN\user%pass but I've not been able to get that to work. I'm assuming that only works with AD, which we're not using at this point
Again, this all works great for local users. The users from the trusted domains are the only ones affected. They can see the shares but the samba machine just won't let them in (since it doesn't see their accounts).
Any suggestions would be greatly appreciated. Here's some basics from globals in my smb.conf file:
security = domain
password server = *
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
wins server = 129.0.3.2
allow trusted domains = yes
dns proxy = no
#winbindd stuff
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind cache time = 15
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%D/%U
Thanks in advance!
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
