The integrated Kerberos Token Processor accepts and validates Kerberos tokens through a configured Kerberos realm.
- Go to AuthenticationToken ExchangeToken Processors.
On the Instance Configuration tab, select the applicable
domain from the Domain/Realm Name list.
An AD domain or a Kerberos realm must be configured for use with the Kerberos Token Processor. If the domain you want does not appear, click Manage Active Directory Domains/Kerberos Realms to add it. For more information, see Active Directory and Kerberos.Note:
Kerberos tickets can be accepted from domains other than the domain configured in the token processor if there is a transient, two-way trust. This trust exists by default when domains are joined within a single server forest. For more information, see Multiple-domain support.