Support Questions
Find answers, ask questions, and share your expertise

Active directory trusts & Kerberized cluster

Rising Star



After days of research, I'm turning to the community.

I understand this is not strictly speaking CDH related, but I'm hoping that someone has a similar setup to mine.


My situation:


My CDH 5.13 cluster is installed and Kerberized, as member of the Active directory "CDH_AD"

The users & data sources are member of the Active Directory "USERS_AD" 

These are two differents forests, a bi-directionnal trust is established between the forests.


My problems: 

1. As soon as the trust is crossed, no matter which direction, the authentication will fail.

2. I can't get SSSD configured either



I believe that my network configuration should work, I suspect some misconfiguration but I can't find the root cause.


Any tips will be welcome,