[CentOS] samba windows 2000 and windows 2003

Bryan J. Smith thebs413 at earthlink.net
Wed Nov 23 23:16:57 UTC 2005

Peter Farrow <peter at farrows.org> wrote:
> I have two AD domains, one running on Windows 2000 and one
> running on Windows 2003. Each with XP clients, and no
>  ...  
> I disconnect the linux server from using the windows 2000
> server as a password server and setup up separate smb
> and it works fine from the win2k3 box.

I'm really scratching my head here because I think you just
identified the reality of your situation -- the limitation of
your Windows clients, not any configuration issue with Samba

Samba will gladly handle authentication fine, even across
domains that don't have trusts between them.  The problem is
that your Samba server has a computername and related SID in
only one domain.  Windows clients 

Even if you configure the Samba server to be a member server
in both domains, you still have differing SIDs on the objects
stored and presented.  So various Windows clients in each
domain may balk at the SIDs of objects presented in RPC

I could be mistaken, but this issue has far more to do with
SIDs and what the Windows clients do and don't know about,
than the Samba server configuration.  SIDs are everything in
the NT security model, and are very, very different than
UID/GID of the legacy UNIX model.

Bryan J. Smith                | Sent from Yahoo Mail
mailto:b.j.smith at ieee.org     |  (please excuse any
http://thebs413.blogspot.com/ |   missing headers)

More information about the CentOS mailing list