oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add some text about netdom.exe and trusts

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12892 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2003-09-20 18:53:47 +00:00
parent 600a32f5f0
commit 5604878733
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
doc/win2k.texi
View File

@@ -92,7 +92,8 @@ Server) for the domain.
By default the trust will be non-transitive. This means that only users By default the trust will be non-transitive. This means that only users
directly from the trusted domain may authenticate. This can be changed directly from the trusted domain may authenticate. This can be changed
to transitive by using the @code{netdom.exe} tool. to transitive by using the @code{netdom.exe} tool. @code{netdom.exe}
can also be used to add the trust between two realms.
You need to tell Windows 2000 on what hosts to find the KDCs for the You need to tell Windows 2000 on what hosts to find the KDCs for the
non-Windows realm with @code{ksetup}, see @xref{Configuring Windows 2000 non-Windows realm with @code{ksetup}, see @xref{Configuring Windows 2000
@@ -112,6 +113,13 @@ OK.
Do not forget to add trusts in both directions. Do not forget to add trusts in both directions.
If you want to use @code{netdom.exe} instead of the Domain Tree
Management tool, you do it like this,
@example
netdom trust NT.REALM.EXAMPLE.COM /Domain:EXAMPLE.COM /add /realm /passwordt:TrustPassword
@end example
You also need to add the inter-realm keys to the Heimdal KDC. There are You also need to add the inter-realm keys to the Heimdal KDC. There are
some tweaks that you need to do to @file{krb5.conf} beforehand. some tweaks that you need to do to @file{krb5.conf} beforehand.