Hi Ben,
thx for your explanation. I have to look for an easier way. I think an
export and import of the user principal names without realmname from the
old to the new realm will be easier. One disadvantage are a lot of new
keytabs and users have to set new passwords.
Andy
> The realm name is part
On 10/04/15 17:23, kerberos-requ...@mit.edu wrote:
> I would like to upgrade my inter-realm trust key from DES to AES.
>
> My current situation is
> i] Domain IC.AC.UK (Windows Server 2012): I have no access to it. People
> from College manage it.
>
> Users in IC.AC.UK (Windows) can login and use s
List,
> I would like to upgrade my inter-realm trust key from DES to AES.
I've always wondered...
Those descriptions that explain that we need a ticket krbtgt/A@B to
allow clients in realm B to access services in realm A (right?) seem to
forget about one thing, namely to avoid failures authenticat
You delete and re-establish the trust from the AD side, which will apply
domain defaults to the trust. You can use the /remove switch in the netdom
trust command, instead of /add, see the docs from the technet link below.
The following config will render one way cross realm trust where the MIT
re
