AFS servers as well as adding both realm names to the AFS servers' krb.conf.
On 1/19/2020 4:53 PM, Måns Nilsson wrote:
I'm running a very small site (home) with family members accessing computing resources. Now, some users are requesting windows clients, and since I'm not trusting them I decided to make my own life more complicated by running an Active Directory site, but I'm too cheap to buy real Windows Server licenses, so have opted for Samba 4. Being the glutton for punishment I am, I want their home directories to be their usual home directories in AFS. This means, that I'd like to cross-realm ("AD Trust", but not entirely) between my Heimdal realm (where I run the AFS cell) and the Heimdalish Kerberos that is part of Samba 4. I've found the windows documentation for setting up trust/cross-realm to external realms, and I believe I've tried most permutations of those commands, but no such luck. It is really not entirely appropriate for this forum, but if anyone has done this, they probably are here, so I'm asking anyway. Any pointers? For instance, is there a Samba-native command for cross-realm? All of my testing has been from Windows clients using the management tools for AD, and that won't work for this even if it works for an impressive amount of other things. Thanks,
smime.p7s
Description: S/MIME Cryptographic Signature