UPN suffixes and MIT Kerberos

view story

http://serverfault.com – I have a functionnal samba linked with AD, through an MIT kerberos. The KDC is the domain controller, and is a windows AD server. There is one point not working. There are 2 UPN suffixes. One obviously with the same name of the AD domain, and working. And one other. How could i configure the kerberos client to authenticate successfully with the different upn suffix ? UPDATE : The authenticating is working with [email protected], even if his upn suffix in AD is @DOMAIN2.COM. But it must be a SSO solution, and they want to log in their windows account with [email protected] How should i pro (HowTos)