conceptually understanding domains
jaltman at secure-endpoints.com
Fri May 4 13:26:51 EDT 2007
David Bear wrote:
> I've been trying to better understand the way microsoft handles
> multiple domains in AD. Is it correct to say that each domain in AD is
> a true kerberos realm? We have multiple domains at each prinicpal
> identifier lookes like a principal for a different realm.
> sorry if this is trivial. I'm trying to better understand the
Each Active Directory domain is a Kerberos realm and all of the domains
in a Windows forest have a cross-realm transitive path permitting
Kerberos principals in one realm to obtain service tickets for entities
located within other realms in the domain forest.
Secure Endpoints Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20070504/e934fac5/attachment.bin
More information about the Kerberos