Is it possible to use Smart Cards as 2FA for external non-transitive trust with a child domain?

Solution Verified - Updated -

Issue

Users from any Active Directory Domain are authenticated by Active Directory. Red Hat Identity Management (IdM) has no control over how the account's authentication is performed and cannot authenticate them on its own.

Active Directory systems should be configured to enforce Smart Card use for Active Directory users during authentication.

Because of the nature of the authentication mechanism, this configuration cannot be fulfilled on IdM side.

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Identity Management

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content