Hierarchical
Step 3. Steps for configuring the Target Realm
For these steps, the name of the intermediate realm is BAMBI.COM and the name of the target realm is IT.JUNGLE.COM.
In the IT.JUNGLE.COM realm:
1.Using HP’s Kerberos Server Administrator, add the krbtgt/IT.JUNGLE.COM@BAMBI.COM principal, which allows users in the BAMBI.COM realm to authenticate with the server in the
IT.JUNGLE.COM realm.
Enable the following settings for this principal:
•Provide the same password used for the krbtgt/IT.JUNGLE.COM@BAMBI.COM in the intermediate realm as mentioned in Step 2.4 and 2.5.
•Select all Allow attributes.
•Clear all Require attributes.
•Record the primary key type and salt type.
•Record the password key version number.
2.If the BAMBI.COM realm also trusts the IT.JUNGLE.COM realm, add the krbtgt/BAMBI.COM@IT.JUNGLE.COM principal, which allows users in the IT.JUNGLE.COM realm to authenticate with the server in the BAMBI.COM realm.
3.Exit Administrator.
Chapter 8 | 257 |