Windows 2008 R2 / one way trust / Samba
in [Samba]
|
Prev: [Samba] Windows 2008 R2 / one way trust / Samba
Next: [Samba] Samba/LDAP share issue -- user with invalid SID
From: Gaiseric Vandal on 6 May 2010 15:20 Was the Win 2003 domain in mixed mode or 2000/2003 native? Also, Win 2008 has some security settings changes that you may want to change back to "weaker" settings. http://support.microsoft.com/kb/889030/en-us Does "wbinfo -u" on the linux machine list users in the trusted (corporate) domain? If so, does "getent passwd" show them? (Presuming that previously it did.) On 05/06/2010 02:42 PM, Duffey, Blake A. wrote: > Here is our configuration - we have a Windows 2003 domain I'll call > 'corporate' and a Windows 2008 domain I'll call 'lab'. There is a > one-way trust (users can log into 'lab' machines using 'corporate' > creds). We have a linux box running samba that is a member of 'lab'. > Users log into their Windows machines using a 'corporate' credential and > can seamlessly get to samba. > > > > Yesterday I upgraded 'lab' to Windows 2008R2 - and things blew up from > there. > > > > Users are prompted to authenticate when connecting to the samba system, > and the server log shows NT_STATUS_NO_SUCH_USER. > > > > To resolve, we've removed/re-joined to the domain and upgraded to samba > 3.5.2 > > > > If I log into a lab system with a lab ID, I can get to samba. > > > > But nothing from the trusted domain works. > > > > Any insight greatly appreciated. > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Duffey, Blake A. on 6 May 2010 15:40 I'm pretty sure Windows 2003 domain is native 2k3 I don't believe these settings are specific to Windows 2008 R2. Before I upgraded the 'lab' domain (from 2008 to 2008R2), things worked (although I think it was using NTLM, which isn't optimal) I should have added - we aren't using winbind -----Original Message----- From: samba-bounces(a)lists.samba.org [mailto:samba-bounces(a)lists.samba.org] On Behalf Of Gaiseric Vandal Sent: Thursday, May 06, 2010 3:17 PM To: samba(a)lists.samba.org Subject: Re: [Samba] Windows 2008 R2 / one way trust / Samba Was the Win 2003 domain in mixed mode or 2000/2003 native? Also, Win 2008 has some security settings changes that you may want to change back to "weaker" settings. http://support.microsoft.com/kb/889030/en-us Does "wbinfo -u" on the linux machine list users in the trusted (corporate) domain? If so, does "getent passwd" show them? (Presuming that previously it did.) On 05/06/2010 02:42 PM, Duffey, Blake A. wrote: > Here is our configuration - we have a Windows 2003 domain I'll call > 'corporate' and a Windows 2008 domain I'll call 'lab'. There is a > one-way trust (users can log into 'lab' machines using 'corporate' > creds). We have a linux box running samba that is a member of 'lab'. > Users log into their Windows machines using a 'corporate' credential and > can seamlessly get to samba. > > > > Yesterday I upgraded 'lab' to Windows 2008R2 - and things blew up from > there. > > > > Users are prompted to authenticate when connecting to the samba system, > and the server log shows NT_STATUS_NO_SUCH_USER. > > > > To resolve, we've removed/re-joined to the domain and upgraded to samba > 3.5.2 > > > > If I log into a lab system with a lab ID, I can get to samba. > > > > But nothing from the trusted domain works. > > > > Any insight greatly appreciated. > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
From: Duffey, Blake A. on 10 May 2010 09:10
I'm reposting, hoping for additional response. Does anyone have any insight? From: Duffey, Blake A. Sent: Thursday, May 06, 2010 2:42 PM To: samba(a)lists.samba.org Subject: Windows 2008 R2 / one way trust / Samba Here is our configuration - we have a Windows 2003 domain I'll call 'corporate' and a Windows 2008 domain I'll call 'lab'. There is a one-way trust (users can log into 'lab' machines using 'corporate' creds). We have a linux box running samba that is a member of 'lab'. Users log into their Windows machines using a 'corporate' credential and can seamlessly get to samba. Yesterday I upgraded 'lab' to Windows 2008R2 - and things blew up from there. Users are prompted to authenticate when connecting to the samba system, and the server log shows NT_STATUS_NO_SUCH_USER. To resolve, we've removed/re-joined to the domain and upgraded to samba 3.5.2 If I log into a lab system with a lab ID, I can get to samba. But nothing from the trusted domain works. Any insight greatly appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |