No need for cross-realm.  Create an afs/cell@SAMBA4.REALM service principal with a kvno that differs from the afs/cell@HEIMDAL.REALM service principal and add the key to your
AFS servers as well as adding both realm names to the AFS servers' krb.conf.

On 1/19/2020 4:53 PM, Måns Nilsson wrote:
I'm running a very small site (home) with family members accessing
computing resources. Now, some users are requesting Windows clients,
and since I'm not trusting them I decided to make my own life more
complicated by running an Active Directory site, but I'm too cheap to
buy real Windows Server licenses, so have opted for Samba 4.

Being the glutton for punishment I am, I want their home directories to
be their usual home directories in AFS.  This means that I'd like to
cross-realm ("AD Trust", but not entirely) between my Heimdal realm (where
I run the AFS cell) and the Heimdalish Kerberos that is part of Samba 4.

I've found the Windows documentation for setting up trust/cross-realm
to external realms, and I believe I've tried most permutations of those
commands, but no such luck.

It is really not entirely appropriate for this forum, but if anyone has
done this, they probably are here, so I'm asking anyway.  Any pointers?
For instance, is there a Samba-native command for cross-realm? All of my
testing has been from Windows clients using the management tools for AD,
and that won't work for this even if it works for an impressive amount
of other things.

Thanks,

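The reply at the top of this thread names two conditions: the afs/cell principals in the two realms carry different kvnos, and both realm names appear in the AFS servers' krb.conf. The following check for both is an added example, not code from the thread or from OpenAFS; it assumes krb.conf is a whitespace-separated list of realm names and takes the keys as constructed "kvno principal" lines.

```python
# Added example: consistency check for one AFS cell served by two Kerberos realms.
import re

# Constructed sample data (not from the original thread).
KRB_CONF = "HEIMDAL.REALM SAMBA4.REALM\n"
KEY_LIST = """\
3 afs/cell@HEIMDAL.REALM
4 afs/cell@SAMBA4.REALM
"""

# One key per line: "<kvno> afs[/cell]@<REALM>" (hypothetical listing format).
ENTRY = re.compile(r"^\s*(\d+)\s+(afs(?:/[^@\s]+)?)@(\S+)\s*$")


def parse_keys(text):
    """Return [(kvno, service, realm)] for the afs service principals listed."""
    keys = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            keys.append((int(m.group(1)), m.group(2), m.group(3)))
    return keys


def check(krb_conf, key_list):
    """Return a list of problems; an empty list means both conditions hold."""
    local_realms = set(krb_conf.split())
    problems = []
    by_kvno = {}
    for kvno, _service, realm in parse_keys(key_list):
        # Condition 1: every realm that issues afs tickets is named in krb.conf.
        if realm not in local_realms:
            problems.append(f"{realm} has an afs key but is not listed in krb.conf")
        by_kvno.setdefault(kvno, set()).add(realm)
    # Condition 2: no kvno is used by the afs principal of more than one realm.
    for kvno, realms in sorted(by_kvno.items()):
        if len(realms) > 1:
            problems.append(f"kvno {kvno} is shared by {', '.join(sorted(realms))}")
    return problems


if __name__ == "__main__":
    for line in check(KRB_CONF, KEY_LIST) or ["ok"]:
        print(line)
```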