Windows AD and MIT KDC Cross-Realm Trust
Jeffrey Altman
jaltman2 at nyc.rr.com
Mon Feb 16 11:59:39 EST 2004
Digant Kasundra wrote:
> I think that's one of the ways you can do it, but that setup isn't
> considered "pass-through authentication," which is what we are going for.
That is the only way to do it. There is no term called "pass-through"
authentication within Kerberos. The authentication between the MIT and
Microsoft realms are based on cross-realm trusts. This is exactly what
is described on the page:
http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp
which is the one referenced by the page you listed in your first post:
http://acd.ucar.edu/~fredrick/linux/kerberos/serversetup.html
More information about the Kerberos
mailing list