On Thu, Oct 06, 2016 at 04:20:23PM +0200, Andreas Matthus wrote: First, SSSD does not support NTLM, so only Kerberos authentication is available. Which among other things means that you have to use the fully-qualified DNS name of the server to accces the share and cannot use short (NetBIOS) names or IP addresses. To allow Samba to server multiple domains which do not belong to the same forest you have to setup multiple samba instances. https://wiki.samba.org/index.php/Multiple_Server_Instances might be a good starting point. But please note that this document is dated and things might be different with current Samba versions. Additionally it might be more 2016ish to run Samba in containers for this purpose. Your favourite search engine might give you some good starting points if you e.g. search for "samba docker". HTH bye, Sumit