add some text about netdom.exe and trusts
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12892 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -92,7 +92,8 @@ Server) for the domain.
|
||||
|
||||
By default the trust will be non-transitive. This means that only users
|
||||
directly from the trusted domain may authenticate. This can be changed
|
||||
to transitive by using the @code{netdom.exe} tool.
|
||||
to transitive by using the @code{netdom.exe} tool. @code{netdom.exe}
|
||||
can also be used to add the trust between two realms.
|
||||
|
||||
You need to tell Windows 2000 on what hosts to find the KDCs for the
|
||||
non-Windows realm with @code{ksetup}, see @xref{Configuring Windows 2000
|
||||
@@ -112,6 +113,13 @@ OK.
|
||||
|
||||
Do not forget to add trusts in both directions.
|
||||
|
||||
If you want to use @code{netdom.exe} instead of the Domain Tree
|
||||
Management tool, you do it like this,
|
||||
|
||||
@example
|
||||
netdom trust NT.REALM.EXAMPLE.COM /Domain:EXAMPLE.COM /add /realm /passwordt:TrustPassword
|
||||
@end example
|
||||
|
||||
You also need to add the inter-realm keys to the Heimdal KDC. There are
|
||||
some tweaks that you need to do to @file{krb5.conf} beforehand.
|
||||
|
||||
|
Reference in New Issue
Block a user