On ti, 20 kesä 2017, Tiemen Ruiten via FreeIPA-users wrote:

I have a FreeIPA domain, i.rdmedia.com, (CentOS 7.3, fully up-to-date: rpm
versions are 4.4.0-14.el7.centos.7) with a two-way, non-transitive,
external trust to an Active Directory domain in another forest,
clients.rdmedia.com, (Windows Server 2012R2). I've setup the trust using
the Administrator credentials.

As one of the final steps, I would like to get passwordless SSH-access
using GSSAPI to work, but unfortunately I get the following error in the
Putty log when connecting from an AD domain-joined client:

Event Log: GSSAPI authentication initialisation failed
Event Log: The target was not recognized
"Target was not recognized" means your AD DC does not know that
requests for services in .i.rdmedia.com domain must be routed to FreeIPA
What does

 netdom trust clients.rdmedia.com /namesuffixes:i.rdmedia.com

say on clients.rdmedia.com's DC?

/ Alexander Bokovoy
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to