Hello,
I have a FreeIPA domain,
i.rdmedia.com, (CentOS 7.3, fully up-to-date: rpm
versions are 4.4.0-14.el7.centos.7) with a two-way, non-transitive,
external trust to an Active Directory domain in another forest,
clients.rdmedia.com, (Windows Server 2012R2). I've setup the trust using
the Administrator credentials.
As one of the final steps, I would like to get passwordless SSH-access
using GSSAPI to work, but unfortunately I get the following error in the
Putty log when connecting from an AD domain-joined client:
Event Log: GSSAPI authentication initialisation failed
Event Log: The target was not recognized
Is it possible to configure GSSAPI authentication for a cross-forest trust
or should I setup the trust as a 'Trusted Forest' ie. not external?
--
Tiemen Ruiten
Systems Engineer
R&D Media