The Samba-Bugzilla – Bug 7016
Wrong wording used
Last modified: 2010-02-26 07:10:02 UTC
In the third paragraph of page 271 it says the following.
In the situation where UNIX accounts are held on the domain member
server itself, the only effective way to use them involves the smb.conf
entry winbind trusted domains only = Yes. This forces Samba (smbd)
to perform a getpwnam() system call that can then be controlled via
/etc/nsswitch.conf le settings. The use of this parameter disables
the use of Samba with trusted domains (i.e., external domains).
I would have thought that what was meant to be said was "The use of this parameter disables the use of Samba with 'untrusted' domains (i.e., external domains)." where as what is stated contradicts the obvious intent and is contradictory in a number of ways, not just intent alone.