Please see the attached screenshot for the Trust settings, and thank you
for your time.

On 20 June 2017 at 19:36, Tiemen Ruiten <t.rui...@rdmedia.com> wrote:

> On 20 June 2017 at 18:07, Alexander Bokovoy <aboko...@redhat.com> wrote:
>
>> On ti, 20 kesä 2017, Tiemen Ruiten via FreeIPA-users wrote:
>>
>>> Hello,
>>>
>>> I have a FreeIPA domain, i.rdmedia.com, (CentOS 7.3, fully up-to-date:
>>> rpm
>>> versions are 4.4.0-14.el7.centos.7) with a two-way, non-transitive,
>>> external trust to an Active Directory domain in another forest,
>>> clients.rdmedia.com, (Windows Server 2012R2). I've setup the trust using
>>> the Administrator credentials.
>>>
>>> As one of the final steps, I would like to get passwordless SSH-access
>>> using GSSAPI to work, but unfortunately I get the following error in the
>>> Putty log when connecting from an AD domain-joined client:
>>>
>>> Event Log: GSSAPI authentication initialisation failed
>>> Event Log: The target was not recognized
>>>
>> "Target was not recognized" means your AD DC does not know that
>> requests for services in .i.rdmedia.com domain must be routed to FreeIPA
>> DC.
>> What does
>>
>>  netdom trust clients.rdmedia.com /namesuffixes:i.rdmedia.com
>>
>> say on clients.rdmedia.com's DC?
>
>
> It says: The parameter is incorrect.
>
> Actually, I don't see the Name Suffix Routing tab in the incoming/outgoing
> trust properties either, only the General and Authentication tabs.
>
>
>>
>> --
>> / Alexander Bokovoy
>>
>
>


-- 
Tiemen Ruiten
Systems Engineer
R&D Media
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to