• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 237
  • Last Modified:


How do I create a trust relationship between an NT server domain and a Linux one?
1 Solution
Per se, that concept doesn't exist between Linux and NT. You can have a Linux system using Samba that authenticates against an NT domain. And as the developmental versions of Samba mature you'll be able to do at least some of the NT domain functions with Samab.

What exactly are you wanting to accomplish? Single repository for usernames & passwords?
bmuitaAuthor Commented:
Adjusted points to 300
bmuitaAuthor Commented:
What I want to achive is for the users the Linux domain to access resources on the NT one but every time I attempt this the NT denies the Linux machine access.


Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

As far as I know, to do that each Linux user has to have an account in the NT domain. It's possible that the next generation of Samba will provide that functionality, but the current releases done. As an aside, the third time our collection of NT domains at work munged their SAM databases, which broke trusting, we gave up on it and just created accounts for all users that need cross domain access in all of the relevant NT domains.
Tim HolmanCommented:
You can't setup trust relationships between Samba and NT.
If you're getting access denied, then it sounds like the accounts haven't been setup properly at the NT end.
Make sure you add the Linux box as a valid computer on the NT domain.  First set up the NT domain manager and add a the linux box (select a netbios name for it).  Next run smbpasswd on Linux to create a machine SID:

smbpasswd -j DOMAIN

samba's security should be set to domain and the password server set to the NT PDC.

You mentioned a "Linux domain" and an "NT domain" -- they must be the same domain or the domain controllers won't like to play.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now