Thanks, Tim.
I hope this scenario will really work in our implementation later, since we do not have any control over Domain A, We definitely can't run 'setspn' in Domain A.
Does anyone have answer about the ktab?
I'm confused, as SAP document says that ktab is used to encrypt/decrypt the Kerberos ticket.
Is the ktab produced using the Domain Controller certificate or something like that?
Thanks.
Best Regards.