On 5/14/20 11:01 AM, DHilsbos at performair.com wrote: > All; > > My Google foo is failing me, and searching through the last 10 months on this mailing list hasn't helped either. > > We have an existing Active Directory domain set up, and I'd like to add a CentOS 8 Workstation to it. > > I have experience using both realmd and manual configuration to allow local login with AD accounts to various Linux distribution, and have this working on my test system. I used realmd this time, and it configured sssd. > > I have one problem that I've never been able to solve; when I attempt to connect to a remote file server, while logged on to the CentOS 8 system using a domain account, it asks for credentials. Theoretically, this should work as it's just Kerberos. Can anyone point me at resources on what is needed for SSO to domain resources to work properly? Well, check the usual kerberos stuff: - Do you have a ticket (klist)? - Is /etc/krb5.conf(.d) looking good? - How are you connecting to the remote file server? Is that software configured to use Kerberos/GSSAPI to authenticate? Do it have debug options to show you the authentication steps? - What does the remote server report about the connection attempts? -- Orion Poplawski Manager of NWRA Technical Systems 720-772-5637 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane orion at nwra.com Boulder, CO 80301 https://www.nwra.com/