On Fri, Aug 12, 2016 at 04:51:41PM -0700, Guy Knights wrote: > Hi, > > Can anyone confirm for me if SSSD supports authentication of users > belonging to a trusted domain via an AD controller in the trusting domain? > > ie. A user attempts to log in as [email protected] on a client machine > running SSSD, where SSSD has joined a domain test2.example.com and there is > a 2-way forest trust between both domains. Is this supported? I've been > trying to do so and so far it hasn't been working.
As long as the two domains are in the same forest, then yes, you just need to use the fully qualified name. > > For the record, my setup is: > > AD controller domain test1: Windows server 2012 R2 > AD controller domain test2: Windows server 2012 R2 > Ubuntu 14.04 client running SSSD 1.12.5 But I would recommend to use something newer on the client side (1.13+) _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
