You want to create a trust to a Kerberos realm.
Open the Active Directory Domains and Trusts snap-in.
In the left pane, right-click the domain you want to add a trust for and select Properties.
Click on the Trusts tab.
Click the New Trust button.
After the New Trust Wizard opens, click Next.
Type the name of the Kerberos realm.
Select the radio button beside Realm Trust and click Next.
Select either Transitive or Nontransitive and click Next.
Select Two-way, One-way incoming, or One-way outgoing and click Next.
Enter and retype the trust password and click Next.
Click Next and click Finish.
> netdom trust <ADDomainDNSName> /Domain:<KerberosRealmDNSName>[RETURN] /Realm /ADD /PasswordT:<TrustPassword>[RETURN] [/UserO:<ADDomainAdminUser> /PasswordO:*]
The <TrustPassword> has to match what was set on the Kerberos side. To create a realm trust from the rallencorp.com domain to the Kerberos realm called kerb.rallencorp.com, use the following command:
> netdom trust rallencorp.com /Domain:kerb.rallencorp.com[RETURN] /Realm /ADD /PasswordT:MyKerbRealmPassword[RETURN] /UserO:administrator@rallencorp.com /PasswordO:*
You can create a Kerberos realm trust between an Active Directory domain and a non-Windows Kerberos v5 realm. A realm trust can be used to allow clients from the non-Windows Kerberos realm to access resources in Active Directory, and vice versa. See Recipe 18.7 for more information on MIT Kerberos interoperability with Active Directory.
MS KB 260123 (Information on the Transitivity of a Kerberos Realm Trust) and MS KB 266080 (Answers to Frequently Asked Kerberos Questions)