[Samba] [4.0] Inter-realm trust

Andrew Bartlett abartlet at samba.org
Thu Apr 4 19:05:03 MDT 2013

On Thu, 2013-03-28 at 13:16 +0100, Kaito Kumashiro wrote:
> Hello
> I know that inter-domain trust is not supported in Samba, but is it
> possible to create an inter-realm trust on Kerberos level? I have a
> kerberized service in realm X (Samba 4.0 as DC) and I want to allow users
> from realm Y (also Samba 4.0, but different domain) to access it using
> If it is possible, how can I accomplish this?

You can try and set up such a trust with the windows tools.  The pure
kerberos level should work (because it is a natrual part of kerberos,
which we didn't cripple, but instead did the small work to enable and
the FreeIPA project added the RPC calls for), but not much else will. 

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list