Kerberos - Costrained delegation for CIFS on a server in a subdomain of the same forest
Hello,
Has anyone ever managed to implement costrained delegation for the CIFS service between two subdomains of the same forest?
When I open the service user (delegation tab) in ADUC on the DC, it only allows me to choose computer objects in the same subdomain while my file server is located in a different, trusted, fully accessible subdomain of the same forest.
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
Hey,
sorry if it took me a while to answer... Your answer helps as at least confirms my initial suspicion that Kerberos only works intra-domain.
I will try to explore the ADFS way.
Thanks again,
Roberto.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
sorry if it took me a while to answer... Your answer helps as at least confirms my initial suspicion that Kerberos only works intra-domain.
I will try to explore the ADFS way.
Thanks again,
Roberto.