A Kerberos Realm defines an authentication boundary within which a server has authority to authenticate a service, host, or user. You need to define the Kerberos realm in Address Manager, to match the domain name in Active Directory.
If you are running multiple child domain servers and wish to use the GSS-TSIG
protocol for secure DDNS updates, you must create a Kerberos realm for each child
domain along with a Kerberos realm for the parent domain.
Note: Adding or removing a
Kerberos Realm in Address Manager and deploying DHCP requires a restart
of DHCP service, resulting in a service outage.
To create a Kerberos Realm: