Creating Realm Trusts

Applies To: Windows Server 2008, Windows Server 2008 R2

You can create a realm trust to form a one-way or two-way, nontransitive or transitive trust with non-Windows Kerberos realms in your organization. You can create the trust when you are logged on to the domain, or you can use the Run as command to create the trust for a different domain.

For more information about realm trusts, see How Domain and Forest Trusts Work (https://go.microsoft.com/fwlink/?LinkID=111481).

Task requirements

You can use either of the following tools to perform the procedures for this task:

  • Active Directory Domains and Trusts

  • Netdom.exe

For more information about how to use the Netdom command-line tool to create a realm trust, see Netdom Overview (https://go.microsoft.com/fwlink/?LinkId=111537).

Note

The New Trust Wizard in the Active Directory Domains and Trusts snap-in does not support the creation of both sides of a realm trust at the same time. For more information about how the “both sides of the trust” option works, see the section "Sides of Trust" in Appendix: New Trust Wizard Pages.

To create a realm trust, perform any of the following procedures, depending on the requirements of your organization and the administrative credentials that you have when you create the trust: