two domains, Samba and LDAP AD lookup user authentication

Posted on 2011-02-18
Medium Priority
Last Modified: 2012-05-11
In our company we are working with two Active Directory domains (DOMAIN1 and DOMAIN2) In DOMAIN1 we have a linux server running samba and are authenticating to the Domain controller for this domain. useres located in DOMAIN1 can access samba using \\SERVER\SHARE from logonscript.

in DOMAIN2 we have users have access to the Linux server in DOMAIN1, but have to authenticate with a DOMAIN1 user (yes they have 2 users). When authenticing they need to enter DOMAIN1\username and their password to get acces.

My question is, can we make the samba force user authentication to select user from DOMAIN1, sp that the users dont need to type DOMAIN1\username, but can just type username and password?

my other question is, Can samba use two domain controlles and two active directory to authenticate users from both domains?

Kind regards. A description of the elements in my "problem" This is the logon image i get from DOMAIN2, it works if i login using username DOMAIN1\Username
Question by:waaland
LVL 11

Accepted Solution

willettmeister earned 2000 total points
ID: 34925339
I assuming  the users machines windows.  If so this is a function of windows not SAMBA.  Windows isn't designed to be able to authenticate to multiple domains simulataneously.  I don't think there is anything you can do to change that mechanism without messing up authentication to the systems primary domain.  

Author Comment

ID: 34977439
This is pretty much what we expected .)

Featured Post

A proven path to a career in data science

At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science  with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
This installment of Make It Better gives Media Temple customers the latest news, plugins, and tutorials to make their Grid shared hosting experience that much smoother.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question