Dear All,
Kindly help related to implement Kerberos authentication on CRM application with multiple Forest environment. My environment details are as below:
Number of forests: 2
1. First is with name of domain1.local
2. Second is with name of domain2.local
Trust Level: One Way trust from domain1 and domain2.
CRM Farm Details:
1. 1 CRM(APP + WEB)Server (CRMAPP-01.domain1.local)
2. 1 SQL Server (CRMSQL-01.domain1.local)
3. 1 CRM SSRS Server (CRMSSRS-01.domain.local)
4. CRM site url: http://mscrminternal.domain.local/MSORG1
*I have successfuly configured Kerberos authentication and everything is working fine once try to access for Users of domain1.But once I tried to access for users of domain2. I am getting following error.
HTTP Error 401 - Unathorized: Access denied.
*If i switch to NTLM, I can access CRM site for domain2 and domain1 users without any issue.
I read MS article, Kerberos delegation can be established if one way FOrest trust is present.
Please help me to understand if Kerberos is possible to setup cross forest oneway trust.
Regards
Gyan
GYAN SHUKLA