In order to set the Samba PDC to be the trusted party of the relationship, you first need to create a special account for the domain that will be the trusting party. To do that, you can use the smbpasswd utility. Creating the trusted domain account is similar to creating a trusted machine account. Suppose, your domain is called SAMBA, and the remote domain is called RUMBA. The first step will be to issue this command from your favorite shell:

root#  
smbpasswd -a -i rumba

New SMB password: 
XXXXXXXX

Retype SMB password: 
XXXXXXXX

Added user rumba$

where -a means to add a new account into the passdb database and -i means to “create this account with the Interdomain trust flag”.

The account name will be “rumba$” (the name of the remote domain). If this fails, you should check that the trust account has been added to the system password database (/etc/passwd). If it has not been added, you can add it manually and then repeat the previous step.

After issuing this command, you will be asked to enter the password for the account. You can use any password you want, but be aware that Windows NT will not change this password until 7 days following account creation. After the command returns successfully, you can look at the entry for the new account (in the standard way as appropriate for your configuration) and see that the account's name is really RUMBA$ and it has the “I” flag set in the flags field. Now you are ready to confirm the trust by establishing it from Windows NT Server.

Open User Manager for Domains and from the Policies menu, select Trust Relationships.... Beside the Trusted domains list box, click the Add... button. You will be prompted for the trusted domain name and the relationship password. Type in SAMBA, as this is the name of the remote domain and the password used at the time of account creation. Click on OK and, if everything went without incident, you will see the Trusted domain relationship successfully established message.