SSO on Multiple Domain/Forest

Hello @Eric.E, and welcome to the updated B :mrgreen: B site!

I’m assuming that your domains are not necessarily child domains, so it is a little trickier to configure. KBA 1245178 - krb5.ini configuration options for java AD in BI applications talks about this but with child domains. I’m not sure how helpful that would be.

We currently have two domains configured for our single sign on. I honestly don’t know if there is a one-way or two-way trust between them.

If it helps any, here is the krb5.ini file that we are using:

[libdefaults]
default_realm = DOMAIN1.COM
dns_lookup_kdc = true
dns_lookup_realm = true
default_tkt_enctypes = rc4-hmac, aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96
default_tgs_enctypes = rc4-hmac, aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96

[domain_realm]
.DOMAIN1.COM = DOMAIN1.COM
DOMAIN1.COM = DOMAIN1.COM

[realms]
DOMAIN1.COM = {
default_domain = DOMAIN1.COM
kdc = DOMAIN1DCHOST1.DOMAIN1.COM
kdc = DOMAIN1DCHOST2.DOMAIN1.COM
}
DOMAIN2.COM = {
kdc = DOMAIN2DCHOST1.DOMAIN2.COM
kdc = DOMAIN2DCHOST2.DOMAIN2.COM
default_domain = DOMAIN2.COM
}
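
A small linter for the kind of multi-realm krb5.ini shown in the post, as an added example (not part of the original post and not SAP or Kerberos tooling). It flags option names that contain a space, realms defined under [realms] that no [domain_realm] entry points at, and enctype lists that put RC4 or DES ahead of AES; the sample file, function name and finding codes are constructed for illustration.

```python
import re

# Constructed sample modelled on the two-realm layout in the post (placeholder names).
SAMPLE = """[libdefaults]
default_realm = DOMAIN1.COM
default_tkt_enctypes = rc4-hmac, aes256-cts-hmac-sha1-96
[domain_realm]
.DOMAIN1.COM = DOMAIN1.COM
[realms]
DOMAIN1.COM = {
kdc = DOMAIN1DCHOST1.DOMAIN1.COM
default_domain = DOMAIN1.COM
}
DOMAIN2.COM = {
kdc = DOMAIN2DCHOST1.DOMAIN2.COM
default domain = DOMAIN2.COM
}
"""
WEAK = ("rc4", "arcfour", "des")  # enctype name prefixes treated as weak here

def lint_krb5(text):
    """Return (code, detail) findings for a krb5.ini passed as a string."""
    findings, section = [], None
    libdefaults, mapped, realms = {}, set(), set()
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("["):
            section = line.strip("[]").lower()
        elif "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if section == "realms" and value == "{":
                realms.add(key.upper())  # start of a realm block
                continue
            if re.search(r"\s", key):  # e.g. "default domain" for default_domain
                findings.append(("KEY_HAS_SPACE", f"line {n}: {key!r}"))
            if section == "libdefaults":
                libdefaults[key] = value
            elif section == "domain_realm":
                mapped.add(value.upper())
    for name in sorted(realms - mapped):  # realms with no static host mapping
        findings.append(("REALM_NOT_MAPPED", name))
    # Enctype lists are in preference order, so the first entry is what matters.
    for opt in ("default_tkt_enctypes", "default_tgs_enctypes"):
        first = re.split(r"[,\s]+", libdefaults.get(opt, "").lower())[0]
        if first.startswith(WEAK):
            findings.append(("WEAK_ENCTYPE_FIRST", f"{opt}: {first}"))
    return findings
```

A REALM_NOT_MAPPED finding is a prompt to check how hosts in that realm are resolved to it (static mapping or DNS lookup), not necessarily an error.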