Sorry for the spam, but after continuing to investigate, it looks like this
database shortcut only works for vertical trusts. A
krbtgt/a.viasat...@b.viasat.io principal only shows up in the realm it’s
created in. That definitely pushes me toward the “unintended/bug” end of the
spectrum, becau
Hello again!
Based on my previous question (“Cross-Realm Admins” from last month) we’re now
using a model with separate admin principals per realm, and a large keyring of
keytab files. This seems to be working *mostly* fine.
Where we run into issues is with creating the cross-realm trusts, spe