Can SSSD authenticate against multiple Active Directory Domains?
Issue
Two AD domains that are in a trust relationship.
DOMAIN1
DOMAIN2
Both domains are running 2003 and have the appropriate DNS SRV records configured for _ldap
and _kerberos
.
Keytab is generated for DOMAIN1, and SSSD is configured to authenticate against a DOMAIN1 AD server. getent passwd
runs successfully on the client against AD users and groups in DOMAIN1 but not for objects in DOMAIN2.
Environment
- Red Hat Enterprise Linux (RHEL) 5
- Red Hat Enterprise Linux (RHEL) 6
- SSSD
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.