First: I'm not a Linux administrator, and I don't know what I don't know (if you know what I mean). We have this server here at work, named FAXSERVER, running the Red Hat Enterprise Linux ES release 3 (Taroon Update 8) distro, along with Samba version 3.0.9-1.3E.12. The directory /home/faxes/ is shared out to our domain via Samba/Winbind. This is primarily a Windows network. Windows domain controller, etc. I'm on this primary domain (DOMAIN1). And there is another domain. It's a trusted domain (DOMAIN2). I want users authenticating to DOMAIN2 to be able to access /home/faxes/ on this server as well. I can't seem to be able to make it happen. Here's what I've (clumsily) tried so far: SAMBA: The permissions for /home/faxes/ are as follows: drwxrwsr-x 57 uucp 10001 4096 Jul 24 2012 faxes. Looks like everyone has read/execute permission, and the file owner and members of the file's group additionally have write permission. There are currently three Samba users set up, according to /etc/samba/smbusers: root (mapped to 'administrator' and 'admin'), nobody (mapped to 'guest', 'pcguest', and 'smbguest'), and mike (mapped to 'mike'). The Samba configuration (location: /etc/samba/smb.conf) for /faxes/ is currently as follows: comment = FAX faxespath=/home/faxeswritable = yesprintable = nopublic = yesguest ok = yescreate mask = 0665 Prior to me looking into it, the "guest ok" flag was set to no. I changed it to "yes" (since "public=yes" seems to make this redundant) and restarted the Samba service (service smb restart). It doesn't appear that this resolved the issue, but I wanted to try it. WINBIND: The 'wbinfo -g' command gives me a list of all user groups, but they're all under DOMAIN1\*. There are no DOMAIN2\* groups listed. The 'wbinfo -m' command gives me a list of all trusted domains: FAXSERVER, BUILTIN, and DOMAIN2. So DOMAIN2 is trusted by FAXSERVER. I'm also able to query both DOMAIN1 and DOMAIN2 from FAXSERVER: [root@faxserver home]# wbinfo -D DOMAIN1 Name : DOMAIN1Alt_Name : DOMAINNAME.COMSID : S-1-3-59-7490224-282867100-4786781930Active Directory : YesNative : YesPrimary : YesSequence : 62852289 [root@faxserver home]# wbinfo -D DOMAIN2 Name : DOMAIN2Alt_Name : acrometis.comSID : S-1-5-21-3827589627-1874523873-1381929582Active Directory : NoNative : NoPrimary : NoSequence : -1IN SUMMARY: I don't really know what I'm doing. This is likely self-evident. Is it a matter of changing the "Active Directory" flag under DOMAIN2 from "No" to "Yes"? If so, how would I go about doing that? Or is this an impossible task, and I'll just end up chasing my tail?