Good to know!
For my site this is important to get cross realm authentication and authorization because
users and resources (storage) are in different domains.
Best,
longina
From: sssd-users-bounces(a)lists.fedorahosted.org
[mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of John Hodrien
Sent: 20. januar 2015 11:41
To: End-user discussions about the System Security Services Daemon
Subject: Re: [SSSD-users] idmaping, AD multi domain forest
On 20 Jan 2015 10:28, Longina Przybyszewska
<longina@sdu.dk<mailto:longina@sdu.dk>> wrote:
Thanks for your answer-you sound very sceptic so I would be very happy if you can deepen
your meaning;
Is my goal possible to achieve, is this the right strategy?? -
to integrate Linux into AD with SSSD , NFS mounted homedir with Kerberos security,
cross realm authentication,
with Posix attributes for user/group objects in AD .
I have to mention that my boss supports me, and my MS-admin colleagues have a positive
attitude for the project.
I've done all of that other than the cross realm bit, and it works like a charm.
jh