[Authentication] Question about multiple domains and trust

[Stef Walter]

On 31.07.2013 17:00, Scott Dowdle wrote:
> I'm running Fedora 19 in a lab of computers and would really like to
> authenticate them against Active Directory.  They have historically
> used yp/nis.
> 
> I got it going yesterday sort of.  Bear with me as I provide the
> scenario.
> 
> I work on a university campus.  There is the University domain and
> then some colleges have their own domains that tie into that.  I do
> NOT work on that stuff... but I do have domain admin rights to join
> machines to my college-based domain... which trusts the university
> one.
> 
> So, I have joined coe.{state}.edu and can authenticate as a coe user.
> Most of the students have @university.{state}.edu domain accounts.  I
> do NOT have domain creditials on the university domain.  On the
> Windows side of the boxes (they are dual boot), I can join the
> college domain and since there is a trust relationship in AD,
> @university users can also authenticate.
> 
> Is there a way to do that with realmd?

Yes, although I think for now I think you have to use
--client-software=winbind. Although I usually prefer using sssd on my
client machines, the cross domain trust is an active work in progress there.

You could ask on sssd-users at lists.fedorahosted.org for more details.

Cheers,

Stef