1.5 Prerequisites/Preconditions

The client and server must reside in domains with bidirectional trust in order for Kerberos authentication to succeed.

The RPC implementation must support the Kerberos security provider.

Both client and server must be provisioned with X.509 certificates; the subject field of each certificate must be a SID matching the Kerberos identity of its owner.

The RPC server must be fully initialized before the protocol can start.