Kerberos - Costrained delegation for CIFS on a server in a subdomain of the same forest

Hello,
Has anyone ever managed to implement costrained delegation for the CIFS service between two subdomains of the same forest?
When I open the service user (delegation tab) in ADUC on the DC, it only allows me to choose computer objects in the same subdomain while my file server is located in a different, trusted, fully accessible subdomain of the same forest.

Any idea?

Thanks,
Roberto.
LVL 1
martineitAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
compdigit44Connect With a Mentor Commented:
Happy New Year...

According to the following post constrained delegation is not support across forest: http://social.technet.microsoft.com/forums/en-US/sharepointadminprevious/thread/c43260a9-6791-4572-a7f2-1547467d89bb

It's recommended to use AD FS instead...

Hope this helps...
0
 
martineitAuthor Commented:
Hey,
sorry if it took me a while to answer... Your answer helps as at least confirms my initial suspicion that Kerberos only works intra-domain.
I will try to explore the ADFS way.

Thanks again,
Roberto.
0
All Courses

From novice to tech pro — start learning today.