There are 2 trusted domains: DomainA.com (WorkgroupA, Administrator userA/passwordA) DomainB.com (WorkgroupB, Administrator userB/passwordB) Linux client has smb.conf and krb5.conf files with DomainA information configured correctly. #net rpc join -U userA%passwordA Joined domain WorkgroupA. #net rpc join -U WorkgroupB/userB%passwordB Joined domain WorkgroupA. #net "rpc join -W WorkgroupB -U userB%passwordB Joined domain WorkgroupA. #net ads join -U userA%passwordA Using short domain name -- WorkgroupA Joined 'Client' to realm 'DomainA.com' #net ads join -U WorkgroupB/userB%passwordB [2006/05/06 03:58:45, 0] libads/kerberos.c:ads_kinit_password(145) kerberos_kinit_password WorkgroupB/userB@DomainA.com failed: Client not found in Kerberos database [2006/05/06 03:58:45, 0] utils/net_ads.c:ads_startup(191) ads_connect: Client not found in Kerberos database #net ads join -W WorkgroupB -U userB%passwordB [2006/05/06 04:01:11, 0] libads/kerberos.c:ads_kinit_password(145) kerberos_kinit_password userB@DomainA.com failed: Client not found in Kerberos database [2006/05/06 04:01:11, 0] utils/net_ads.c:ads_startup(191) ads_connect: Client not found in Kerberos database #net -V Version 3.0.14a Client runs MIT Kerberos library Domains are Win2K3 SP1 servers
Both domains DomainA.com and DomainB.com are valid Two way trust between them
Known issue. Already under investigation.
I think this is fixed in the current SAMBA_3_0 tree.