Hi, I've run into a problem with the cross realm trust and Windows Workstations. The setup is as follows: Windows Workstation stand-alone with XP. The department owning the workstation is doing their own adminsitration. The central department is running AD. The Workstation should not be imported into AD, as the owning department doesn't want that. The standalone Workstation shall login to a Kerberos KDC. Works like a charm. Cross Realm trusts between the Kerberos KDC and AD were established. If I use a WS in the AD domain, I can logon to the KDC and get the tickets for AD, so I can access everytrhing there. If the standalone Workstation is trying to access a resource in the domain, it is not asking for the domain ticket, however. It is asking for a specific service ticket for the server hosting the service. For example, if I want to map a drive, the workstation is asking the KDC for a ticket for cifs/server. Now I know this is really working as designed, as the Windows workstation has no clue about a domain or cross realm trusts. So my question is: Is it possible to make this work *without* putting the Windows Workstation into the AD domain?
Thanks Thomas Thomas Lubanski "The best laid LANs Senior Architect often go foul." Novell Consulting Tel: +49-211-5631-3758 email: [EMAIL PROTECTED] Noerdlicher Zubringer 9 -11 40470 Duesseldorf Novell, Software for the Open Enterprise ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
