Good to know!
For my site this is important to get cross realm authentication and authorization because users and resources (storage) are in different domains.
Best,
longina
From: sssd-users-bounces@lists.fedorahosted.org [mailto:sssd-users-bounces@lists.fedorahosted.org]
On Behalf Of John Hodrien
Sent: 20. januar 2015 11:41
To: End-user discussions about the System Security Services Daemon
Subject: Re: [SSSD-users] idmaping, AD multi domain forest
On 20 Jan 2015 10:28, Longina Przybyszewska <longina@sdu.dk> wrote:
>
> Thanks for your answer-you sound very sceptic so I would be very happy if you can deepen your meaning;
> Is my goal possible to achieve, is this the right strategy?? -
> to integrate Linux into AD with SSSD , NFS mounted homedir with Kerberos security, cross realm authentication,
> with Posix attributes for user/group objects in AD .
>
> I have to mention that my boss supports me, and my MS-admin colleagues have a positive attitude for the project.
I've done all of that other than the cross realm bit, and it works like a charm.
jh