Miguel Sanders wrote:
> Ok I narrowed the problem.
> It seems that whever the user has more than 20 groups, SSO on XP2
> won't work. Below 20 groups it works OK. In XP1 there is no problem on
> the amount of group memberhips. I assume that the Cross Realm Object
> needs the NO_AUTH_REQUIRED field set in userAccountControl. However
> the DNS admin reports that he gets "Access Denied" when trying to edit
> that field of the Cross Realm object...
>
NO_AUTH_REQUIRED cannot be applied to cross realm account objects.



Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos

Reply via email to