Exciting new changes are coming to the Knowledge Base site soon!
Starting April 4, 2023, you will notice Support-Specific categorization and improvements to the search filters on the site. In May, we will be launching a new and enhanced Site UI and Navigation. To know more, read our Knowledge Article.

Home
Advice and Troubleshooting
Data Storage Software
ONTAP OS
What does the kerberos.check_transited_list.enable option do?

What does the kerberos.check_transited_list.enable option do?

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 205

Visibility:: Public

Votes:: 0

Category:: data-ontap-8

Specialty:: nas

Last Updated:

Applies to

Data ONTAP 8 7-mode
CIFS/SMB
Kerberos

Answer

This option allows support for cross-realm transitive trusts
Allows for verification of the Transited List
- Contains a list of transited domains
- Allows authentication if a transited domain is trusted by the current domain of the 7-mode CIFS Server
  - cifs domaininfo provides the current domain
  - The list of trusted domains must be obtained from the Active Directory Server

Additional Information

Transited Lists are not necessary if trust exists between all domains accessing the system
If checking the Transited List fails, the option may be disabled
- kerberos.check_transited_list.enable off