Victor Sudakov <v...@mpeks.no-spam-here.tomsk.su> writes: > 2. Are there any success stories of servers in a Heimdal realm > authenticating users from a trusted Microsoft AD based realm?
Yes, we do this. > Is there a documentation how to setup such one way trust? We have a bidirectional trust, but I think the setup is substantially the same. It's just like a regular bidirectional trust, except you would then delete the krbtgt principal for the Active Directory realm from the Heimdal realm. There's a section in the Heimdal manual on setting up cross-realm trust. On the Active Directory side, I've not done it personally, but: http://technet.microsoft.com/en-us/library/cc738617%28WS.10%29.aspx looks like the right documentation, and I think you want one-way incoming if I understand that properly. -- Russ Allbery (r...@stanford.edu) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
