Web lists-archives.com

[Samba] Trusted domain with different short name to DNS name.




Hey,

I have 2 trusted domains to deal with, "DEV" and "TODEV", and I have configured smb.conf like this:-

[global]
 workgroup = MAIN
 security = ADS
 realm = MAIN.DOMAIN.LOCAL

 idmap config *:backend = tdb
 idmap config *:range = 95000-99999
 idmap config MAIN:backend = rid
 idmap config MAIN:range = 100000-999999
 idmap config DEV:backend = rid
 idmap config DEV:range = 2000000-2999999
 idmap config TODEV:backend = rid
 idmap config TODEV:range = 3000000-3999999

 winbind trusted domains only = no
 winbind use default domain = yes
 winbind refresh tickets = yes

 template shell = /bin/bash
 template homedir = /home/%D/%U

The issue is that "TODEV" is the short name, while the DNS name is to.dev.domain.local.... I can see group memberships in "DEV", but not in TODEV... presumably because there's no way for Samba to map the TODEV short name to a DNS "SRV" query to find the LDAP server details.

What would be the correct way to go about this when the domain short name, and the DNS don't match?

--
A. James Lewis (james@xxxxxxxxxx (mailto:james@xxxxxxxxxx))
"Engineering does not require science. Science helps a lot but people
built perfectly good brick walls long before they knew why cement works."
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba