Hi All,

Currently planning a NAM deployment with a requirement for Desktop SSO
via Kerberos.

I can see a potential issue that our users and computers are currently
in different domains. The two domains are in the same forest and have a
bi directional trust between them.

Has anyone setup Kerberos in this scenario before?

My plan is going to be to start by configuring the Kerberos class to
point to the domain where the computers are located as this domain will
issue the tickets to machines. Then configure a user store/method that
points to the domain with the users in it.



rtruscot's Profile: https://forums.netiq.com/member.php?userid=293
View this thread: https://forums.netiq.com/showthread.php?t=46249