On Wed, 07 Sep 2016, Troels Hansen wrote:
Running RHEL 7.2, IPA 4.2 and SSSD 1.13, we have set up a IPA-AD trust
and trying to get Putty GSSAPI login to work.  In Putty GSSAPI have
been enabled, and GSSAPI is enabled in sshd.

Logging in using password from Windows to Linux works, and logging in
from Linux to Linux using kerberos works.

AD trust is a follows:

# ipa trust-find
----------------
2 trusts matched
----------------
Realm name: net.dr.dk
Domain NetBIOS name: NET
Domain Security Identifier: S-1-5-21-xxxxxxxxx-xxxxxxxx-xxxxxxxx

Realm name: place.dr.dk
Domain NetBIOS name: PLACE
Domain Security Identifier: S-1-5-21-xxxxxx-xxxxxx-xxxxxxx
Trust type: Active Directory domain
----------------------------
Number of entries returned 2
----------------------------

# ipa trust-show place.dr.dk
Realm name: place.dr.dk
Domain NetBIOS name: PLACE
Domain Security Identifier: S-1-5-21-xxxx-xxxx-xxxxx
Trust direction: Trusting forest
Trust type: Active Directory domain

# ipa trust-show net.dr.dk
Realm name: net.dr.dk
Domain NetBIOS name: NET
Domain Security Identifier: S-1-5-21-xxxxxxxxxxxxx-xxxxxxxxxxxx-xxxxxxxxxx

users are located in net.dr.dk.

From looking at the doc's this should just work... However, can't get
it to work. Am I missing something?
Make screenshots of PuTTY screens showing what you configured and what
does not work. You can also ask PuTTY to generate logs.

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to