Created attachment 6661 [details] Exact point where the message is produced System 1: Debian - Samba 4 - domain controller System 2: WIndows- 2008 R2 - domain controller Two-way trust relationship established. Using Windows Remote Server admnistration tools and windows Active Directory. The authentication is working in the windows direction. I'm able to add the administrator user from the samba domain into the Admnistrator group of the windows domain, after which I have full persions on the windows domain. When I try to add the administrator user of the samba domain to the Administrators group of the windows domain, I can select the user, but upon confirmation the follwoig message is displayed: The specified user was not found. If the user exists on another Acie Directory Doain Controller in the enterprise, it make take 15 minutes or more for the user to be replicated to the global catalog. I have inspected the log which is attached. In the screenshot the message is displayed with the exact situation where I try to confirm a user add. Clicking ok causes a specific block of debug code in the log, from which I have attached a singe block. I have also analysed the traffic with wireshark, which indicates: Everythime I click apply for the user add, it generates a LDAP request to the samaba domain controller port 389 which is then responded, by the domain controller. so this communucation is observed. installation of samba 4 is clean install of Alpha 16 (06-30-2011) ..... ..... LOG ..... ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> (metadata partition) [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (operational)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (rdn_name)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (password_hash)->modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (operational)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (rdn_name)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> (metadata partition) [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: password_hash_modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (instancetype)->modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: instancetype_mod [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (objectclass_attrs)->modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: objectclass_attrs_modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (rdn_name)->modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: replmd_modify [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> (metadata partition) [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_request: EXTENDED oid: 1.3.6.1.4.1.7165.4.4.3 data: yes control: <NONE> [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_request: (rootdse)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (lazy_commit)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (acl)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (samldb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (schema_load)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> CN=Schema,CN=Configuration,DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> CN=Configuration,DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> CN=Schema,CN=Configuration,DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> CN=Configuration,DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 6] ../source4/dsdb/samdb/ldb_modules/repl_meta_data.c:636(replmd_replPropertyMetaDataCtr1_sort) Sorting rpmd with attid exception 3 rDN=CN DN=CN=Administrators,CN=Builtin,DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_request() -> (metadata partition) [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (show_deleted)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->extended [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->search [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: cancel ldb transaction (nesting: 0) [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_request: (schema_load)->del_transaction [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (repl_meta_data)->del_transaction [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (linked_attributes)->del_transaction [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (partition)->del_transaction [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_del_trans() -> CN=Schema,CN=Configuration,DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->del_transaction [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_del_trans() -> CN=Configuration,DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->del_transaction [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_del_trans() -> DC=linux,DC=janstaal,DC=com [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->del_transaction [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: partition_del_trans() -> (metadata partition) [2011/07/01 22:31:58, 5] ../source4/lib/ldb-samba/ldb_wrap.c:68(ldb_wrap_debug) ldb: ldb_trace_next_request: (tdb)->del_transaction
Created attachment 6662 [details] Sharing permission peculiarity, (maybe a clue?) Also when trying to share folders and give permissions fom within windows it seems that the Windows Active Directory service is not availible to the linux domain for granting rights. (this may however be a pollicy issue)
I see I made a mistake in my description, this paragraph: When I try to add the administrator user of the samba domain to the Administrators group of the windows domain, I can select the user, but upon confirmation the follwoig message is displayed: should be: When I try to add the administrator user of the windows domain to the Administrators group of the samba domain, I can select the user, but upon confirmation the follwoig message is displayed: See sreenshot. This procedure thus works the other way around... Possible suggestions I have been thinking of: Inmap ? (samba 4 doesnt seem to accept idmap accoc and backend parameters) Windbind or WINS??? I'm not sure how to debug this further. Any hints would be appreciated.
Created attachment 6663 [details] PCAP network dump of the error query
In the network dump the IP addres map is: ----------------------------------------------------------------------------- DC01.linux.janstaal.com = 192.168.137.65 Samba 4 PDC VM01.linux.janstaal.com = 192.168.137.120 Windows 7 Client (Remote Admin tools) === TWO WAY TRUST === ThinkPad.notebook.janstaal.com = 192.168.1.77 or 192.168.137.1 Windows server 2008 R2 PDC ------------------------------------------------------------------------------
Checked net rpc trusdom list: Trusted domains list: NOTEBOOK S-1-5-21-1384411707-2710940644-2322260587 Trusting domains list: NOTEBOOK S-1-5-21-1384411707-2710940644-2322260587 root@DC01:/usr/local/samba/bin#
Any support for trusted domains in Samba 4.0 AD server is preliminary and incomplete. As such, this is simply not expected to work. Samba 4.0 can join an existing single AD domain, or Windows servers can join us, but trusted domains are not supported. (some of the establishment RPCs work, as does some of the KDC, but it is not a complete environment). Trusted domain support will not be in the Samba 4.0 release. I'll have to mark this as resolved/later unless you reproduce it without the trusted domains. Sorry,
Thank you Andrew for the quick response. I understand that this functionallity is not fully implemented yet. Do you have any insight wheter this configuration might work in samba 3.6 if I would implement a LDAP backend and do the appropriate idmap winbind settings? Or maybe as third options. Could I create a secondary (replicating) samba DC of the windows domain and create a bridge somehow between the samba (windows domain) DC and the samba (linux domain) DC?
One last thougth: Is it possible to manually add the user (mapping) or user to the group by using the net command? I tried using this command and received the following back: root@DC01:/usr/local/samba/bin# ./net rpc group addmem Administrators administrator@NOTEBOOK.JANSTAAL.COM Ignoring unknown parameter "server role" Enter root's password: Could not lookup up group member administrator@NOTEBOOK.JANSTAAL.COM Could not add administrator@NOTEBOOK.JANSTAAL.COM to Administrators: NT_STATUS_NONE_MAPPED root@DC01:/usr/local/samba/bin# It seems like if I could only resolve this user mapping, that the problem could be solved...
Jan, did you already get an answer on this questions? In future it would be better to ask on samba-technical@samba.org (or also samba@samba.org) where far more people have an opportunity to read and think about them.
Hi Matthias, Sorry, but I didn't manage to resolve the issue. I've tried asking the question the IRC channel samba-technical, without success. For now I switched back to a Win NT-DC, but I'm interrested to hear about new opportunities / developments. Thanks for the advice. Best regards, Jan
Hi Jan, much better for such difficult questions are the mailing lists, not IRC (the readers are able to reflect better). Please retry to post them there. Thanks, Matthias Wallnöfer
We managed to do some improvements in the area of Global Catalog and multi-domain support. So please retest!
Hi, Sounds promissing. As I recall it was exactly the linux implementation of the global catalog which was missing. Will give it a try when my freshly ordered hardware arrives. Regards, Jan
Please retry, otherwise I have to mark this as INVALID.
Marking it as "INVALID" at least for now. If problem persists, please reopen.