Setting up domain trusts on SLES (Samba) Servers
This document (7005575) is provided subject to the disclaimer at the end of this document.
FRED contacts SRV1 to access a resource
SRV1 contacts domA PDC for authentication verification
domA PDC uses the domA$ account to ask domB PDC "Do you know FRED and is this the correct auth info?"
domB PDC says "yes" to domA PDC
domA PDC says "yes" to SRV1
SRV1 lets FRED access the resource
- You must create a trust account on the windows side
- Connect to the windows box, from the samba side, using that user account
- Next, run the following: net rpc trustdom establish
To describe in more details, say we are trying to setup trusts between two samba servers:
- Assume you have two domains: domA and domB
- On domA's DC: "net rpc trustdom add domB <password>" (this will create an account called domB$ on domA)
- On domB, run the following using the password in number 2 above: "net rpc trustdom establish domA": Enter password when prompted
- net rpc trustdom list (this will list trusting and trusted domains)
This works the same way with windows using a GUI, which varies depending on the release of windows.
(Note: The following are just provided as examples and may not be exactly the type of trust desired. See Microsoft for more details on setting up domain trusts on Windows servers)
START > PROGRAMS > ADMINISTRATIVE TOOLS > ACTIVE DIRECTORY DOMAINS AND TRUSTS > Right Click on Domain > PROPERTIES > TRUSTS tab > Add Samba server domain (keep passwords same); click OK despite warning/error
START > PROGRAMS > ADMINISTRATIVE TOOLS > ACTIVE DIRECTORY DOMAINS AND TRUSTS > Right Click on Domain > PROPERTIES > TRUSTS tab > NEW TRUST button > NEXT > Enter Samba Domain and NEXT > REALM TRUST radio button and NEXT > NONTRANSITIVE radio button and NEXT > TWO-WAY radio button and NEXT (if that is what is wanted) > Enter passwords and NEXT > NEXT > FINISH > OK
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7005575
- Creation Date: 31-Mar-2010
- Modified Date:10-Jan-2022
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com