We have 1 forest, with 2 domains. A primary and a subdomain. abc.com and xyz.abc.com. I've started getting errors in the event log saying "A request failed from client realm XYZ.ABC.COM for a ticket in realm XYZ$. This failed because a trust link between the realms is non transitive."
The trusts between the 2 domains validate fine using AD Domains and Trusts. We're not having any serious issues that I know about at this time. There is an article from MS at http://technet.microsoft.com/en-us/library/cc733958.aspx
saying I need to delete the trust and recreate a realm trust. I'm not super keen to delete the current trusts, because my understanding is that a parent child domain trust is different from a Kerberos realm trust. Also, the error isn't making any mention of the parent domain. Just the child domain and a realm which is the child domain's name with a $. Anybody know more about this, and if I should address it.
Thanks in advance,