Creating Realm Trusts

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

You can create a realm trust to form a one-way or two-way, nontransitive or transitive trust with non-Windows Kerberos realms in your organization. You can create the trust when you log on to the domain, or you can use the Run as command to create the trust for a different domain.

For more information about realm trusts, see "How Domain and Forest Trusts Work" in the Windows Server 2003 Technical Reference on the Microsoft Web site (https://go.microsoft.com/fwlink/?LinkId=35356).

Task requirements

You can use either of the following tools to perform the procedures for this task:

  • Active Directory Domains and Trusts

  • Netdom.exe

For more information about how to use the Netdom command-line tool to create a realm trust, see "Netdom.exe: Windows Domain Manager" in the Windows Server 2003 Technical Reference on the Microsoft Web site (https://go.microsoft.com/fwlink/?LinkId=41700).

Note

The New Trust Wizard in Active Directory Domains and Trusts does not support the creation of both sides of a realm trust at the same time. For more information about how the “both sides of the trust” option works, see the section "Sides of Trust" in Appendix: New Trust Wizard Pages.

You can create a realm trust by using any of the following procedures, depending on the requirements of your organization and the administrative credentials that you have when you create the trust: