Solved

Kerberos - Costrained delegation for CIFS on a server in a subdomain of the same forest

Posted on 2012-12-27
2
505 Views
Last Modified: 2013-01-04
Hello,
Has anyone ever managed to implement costrained delegation for the CIFS service between two subdomains of the same forest?
When I open the service user (delegation tab) in ADUC on the DC, it only allows me to choose computer objects in the same subdomain while my file server is located in a different, trusted, fully accessible subdomain of the same forest.

Any idea?

Thanks,
Roberto.
0
Comment
Question by:martineit
2 Comments
 
LVL 19

Accepted Solution

by:
compdigit44 earned 500 total points
ID: 38733001
Happy New Year...

According to the following post constrained delegation is not support across forest: http://social.technet.microsoft.com/forums/en-US/sharepointadminprevious/thread/c43260a9-6791-4572-a7f2-1547467d89bb

It's recommended to use AD FS instead...

Hope this helps...
0
 
LVL 1

Author Comment

by:martineit
ID: 38744025
Hey,
sorry if it took me a while to answer... Your answer helps as at least confirms my initial suspicion that Kerberos only works intra-domain.
I will try to explore the ADFS way.

Thanks again,
Roberto.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question