rruegner wrote:
Doug Curtis schrieb:
I hope someone can answer this since my other emails have gone unanswered.
I am using Samba 3.0.7 on both machines and am using LDAP. I believe that the trusts are working but I am still having a slight problem.
I guess we'll use DOM1 and DOM2 for the domain names. DOM2 is trusting DOM1. If a DOM1 user tries to locally login to a DOM1 computer, it gives a "System could not log you on." error. I noticed in the logs that it is trying to create a user with the same name but it is getting this error:
"Error: modifications require authentication at /usr/local/sbin///smbldap_tools.pm line 885, <DATA> line 283."
If I manually create a user in DOM1 with the same username, it will then let the user in DOM2 login.
Is this how the trust is supposed to work? The user has to have a posix account in both domains?
Also, if a user is logged into DOM1 and browses to the DOM2 server, the DOM2 server automatically creates a posix account for that user, thus letting that person login locally to DOM2 from then on. It seems as though it is able to create the posix account it needs when browsing but not when a user tries to login locally for the first time.
I hope this makes some sense to someone.
Thanks,
Doug
I guess yor trust is not working in the right way so , the pdc tries to create a temp account with ldap tools ( which fails )
Ahh, I hoped that this wouldn't be the proper way for trusts to work. Otherwise, what's the point of trusts? I've used NT4 trusts before and didn't have a problem with those.
If you have 2 domains with different ldap servers , every domain
must have her own complete accounts cause they acting as complete
different system , as far i know the trust is only handeled by hashes through the pdcs and given to the clients longing that hash that there is now a trusted domain.Perhaps some of the gurus will help you out,but theres also good doku in the samba faqs
Regards
Yep, that's how I have things setup. Well, I guess I'll keep searching or hopefully someone can shed some light on this.
Thanks for your reply,
Doug -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
