Hierarchical
NOTE | Each intermediate realm has four keys if you are performing |
| |
|
|
In the BAMBI.COM realm:
1.Using the Kerberos Server’s Administrator, add the krbtgt/BAMBI.COM@FINANCE.JUNGLE.COM principal, which allows users in the FINANCE.JUNGLE.COM realm to authenticate with the server in the BAMBI.COM realm.
Enable the same settings for the principal, krbtgt/BAMBI.COM@FINANCE.JUNGLE.COM, as used for the principal, krbtgt/BAMBI.COM@FINANCE.JUNGLE.COM, in the local realm. Refer to Step 1.1.
2.If the FINANCE.JUNGLE.COM realm also trusts the BAMBI.COM realm, add the krbtgt/FINANCE.JUNGLE.COM@BAMBI.COM principal, which allows users in the BAMBI.COM realm to authenticate with the server in the FINANCE.JUNGLE.COM realm.
3.Enable the same settings for this principal as for the first krbtgt/FINANCE.JUNGLE.COM@BAMBI.COM, with the same settings enabled as used for the principal in the local realm. Refer to Step 1.3.
4.Add the krbtgt/IT.JUNGLE.COM@BAMBI.COM principal, which allows users in the BAMBI.COM realm to authenticate with the server in the
IT.JUNGLE.COM realm.
5.Enable the same settings for this principal as for the first krbtgt/IT.JUNGLE.COM@BAMBI.COM, with the same settings enabled as used for the principal in the local realm. Refer to Step 3.1.
6.If the BAMBI.COM realm also trusts the IT.JUNGLE.COM realm, add the krbtgt/BAMBI.COM@IT.JUNGLE.COM principal, which allows users in the IT.JUNGLE.COM realm to authenticate with the Server in the BAMBI.COM realm.
7.Enable the same settings for this principal as for the first krbtgt/BAMBI.COM@IT.JUNGLE.COM, with the same settings enabled as used for the principal in the local realm. Refer to Step 3.2.
8.Exit Administrator.
256 | Chapter 8 |