[Freeipa-users] SSH login using putty from Windows to SSSD client in IPA AD trust
Alexander Bokovoy
abokovoy at redhat.com
Wed Sep 7 07:27:17 UTC 2016
On Wed, 07 Sep 2016, Troels Hansen wrote:
>Running RHEL 7.2, IPA 4.2 and SSSD 1.13, we have set up a IPA-AD trust
>and trying to get Putty GSSAPI login to work. In Putty GSSAPI have
>been enabled, and GSSAPI is enabled in sshd.
>
>Logging in using password from Windows to Linux works, and logging in
>from Linux to Linux using kerberos works.
>
>AD trust is a follows:
>
># ipa trust-find
>----------------
>2 trusts matched
>----------------
>Realm name: net.dr.dk
>Domain NetBIOS name: NET
>Domain Security Identifier: S-1-5-21-xxxxxxxxx-xxxxxxxx-xxxxxxxx
>
>Realm name: place.dr.dk
>Domain NetBIOS name: PLACE
>Domain Security Identifier: S-1-5-21-xxxxxx-xxxxxx-xxxxxxx
>Trust type: Active Directory domain
>----------------------------
>Number of entries returned 2
>----------------------------
>
># ipa trust-show place.dr.dk
>Realm name: place.dr.dk
>Domain NetBIOS name: PLACE
>Domain Security Identifier: S-1-5-21-xxxx-xxxx-xxxxx
>Trust direction: Trusting forest
>Trust type: Active Directory domain
>
># ipa trust-show net.dr.dk
>Realm name: net.dr.dk
>Domain NetBIOS name: NET
>Domain Security Identifier: S-1-5-21-xxxxxxxxxxxxx-xxxxxxxxxxxx-xxxxxxxxxx
>
>users are located in net.dr.dk.
>
>>From looking at the doc's this should just work... However, can't get
>>it to work. Am I missing something?
Make screenshots of PuTTY screens showing what you configured and what
does not work. You can also ask PuTTY to generate logs.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list