Managing Multiple Realms
Hierarchical Interrealm Trust
Chapter 10282
interrealm ticket from VIBGYOR.INDIGO.COM, and can use this
interrealm ticket to contact GREEN.YELLOW.COM for a ticket to use a
service in its realm.
Hierarchical Interrealm Configuration
To configure realms to perform hierarchical interrealm authentication,
complete the following steps in the local realm, intermediate realm, and
target realm:
Step 1. Add an interrealm principal (krbtgt/REALM2@REALM1) to the principal
database to allow the local realm to authenticate with the intermediate
realm and the intermediate realm to authenticate with another
intermediate or the target realm.
Step 2. Add a second interrealm principal(krbtgt/REALM1@REALM2) to the
database if you also want the intermediate or target realm to
authenticate two-way with the local realm or another intermediate
realm.
