sshPublicKey Active Directory and 2 ADs with trust relationship

  • Question

  • I'm trying to create key-based SSH with keys stored in Active Directory. We have an AD for our productive network, where we store user public keys. So, we also have a test network and we don't want to join the test servers to our productive AD. For this reason we installed another AD and we configured a trust relationship between the domain controllers. Now I would like to know if there is any possibility to store the user public keys in the productive AD and let the users authenticate with these keys at servers in the test AD.

    The result: Keys are stored in the production domain, test servers joined the test domain. Authentication is only possible if the public key request is sent to the production AD and a same-named user is created in the test domain. Pretty ugly. If that's my solution, I want my problem back.

    The result I would wish: Keys are stored in the production domain, test servers joined the test domain. Authentication is possible by sending the public key request to the test AD, which gets the information from the production AD.

    Is it possible to configure it with an AD trust relationship?

    Saturday, November 4, 2017 11:55 AM