[SSSD-users] Re: Config for joining AD forest and Kerberos cross-domain authentication

On 04/06/2018 09:59 PM, Jakub Hrozek wrote: On 6 Apr 2018, at 17:54, Bastian Rosner wrote: Unfortunately, users from other domains can't use their Kerberos ticket, only password works. These users are specifying their domain on login. This all sounds like the issue is

[SSSD-users] Re: Config for joining AD forest and Kerberos cross-domain authentication

> On 6 Apr 2018, at 17:54, Bastian Rosner wrote: > > Unfortunately, users from other domains can't use their Kerberos ticket, only > password works. These users are specifying their domain on login. This all sounds like the issue is not on the SSSD level, but either the

[SSSD-users] Config for joining AD forest and Kerberos cross-domain authentication

Hi, we are looking for a detailed configuration example to join an AD forest with working Kerberos authentication. Our AD infrastructure consists of a single forest with multiple (sub-)domains in two-way trust. No FreeIPA, just Windows 2012 AD servers and SSSD clients using version 1.11 and