SSO Openfire Linux AD Windows - realm cross

Anyone have idea how setup SSO in openfire in this configuration:

  1. Openfire is in ubuntu 22.04

  2. AD in Windows 2016 but i have 2 domains:

  • it.local where i have all machine like


Problems is i have in it.local container name users but they log as
example: but they in it.local

I dont know how set kerberos. I read something like cross trust kerberos but no idea how set it in krb5.conf and set spn in dc.