
Windows CIFS fileshare with internal/external domain mismatch

Hi,

I am currently in the ZTNA EAP2 program and am trying to set up a network mapping to our Windows fileshares (CIFS/445), as an alternative to VPN for remote access users.

In our environment we are using an internal AD domain like corpname.com, but we don't own the corresponding public domain. For public access we are using another domain, anothercorpname.com.

The problem:

SSO from an Azure AD joined device to the fileserver share does not work. I would need to enter my credentials when accessing the share. Currently only the Windows server CIFS is configured as a resource in ZTNA, as "file1.anothercorpname.com".

For SSO to work with Azure AD joined devices, the devices need to talk to the DC servers (Kerberos stuff). As far as I could figure out, the device tries to talk to the DCs using their internal names ("dc1.corpname.com"), which of course fails with ZTNA.

How could this be accomplished with ZTNA?

Thank you


