Netmetric Solutions                          ( Meer Shahanawaz ) ( Abdullah )Active Directory is an implementation of LDAP...
•   Two way trust - When two domains allow access to users on the other domain.   •   Trusting domain - The domain that al...
Upcoming SlideShare
Loading in …5
×

Active directory domain and trust

2,980 views
2,784 views

Published on

Active directory domain and trust

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,980
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
31
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Active directory domain and trust

  1. 1. Netmetric Solutions ( Meer Shahanawaz ) ( Abdullah )Active Directory is an implementation of LDAP directory services by Microsoft for usein Windows environments. Active Directory allows administrators to assign enterprise-wide policies, deploy programs to many computers, and apply critical updates to an entireorganization. An Active Directory stores information and settings relating to anorganization in a central, organized, accessible database. Active Directory networks canvary from a small installation with a few hundred objects, to a large installation withmillions of objects. Active Directory Domain and TrustTrustTo allow users in one domain to access resources in another, AD uses trust. Trust isautomatically produced when domains are created. The forest sets the default boundariesof trust, not the domain, and implicit trust is automatic. As well as two-way transitivetrust, AD trusts can be shortcut (joins two domains in different trees, transitive, one- ortwo-way), forest (transitive, one- or two-way), realm (transitive or nontransitive, one- ortwo-way), or external (nontransitive, one- or two-way) in order to connect to other forestsor non-AD domains. AD uses the Kerberos V5 protocol, although NTLM is alsosupported and web clients use SSL/TLS.Trusts in Windows 2000 (native mode)Simply speaking, AD uses trust to allow users in one domain to have access to resourcesin another domain. The AD trust has a two way trust with its parent. The root of everytree has a two way trust with the Forest Root domain. As a result, every domain in theforest, either explicitly or implicitly, trusts every other domain in the forest. These defaulttrusts cannot be deleted.Trust relationship is a description of the user access between two domains consisting of aone way and a two way trust. • One way trust - When one domain allows access to users on another domain, but the other domain does not allow access to users on the first domain.
  2. 2. • Two way trust - When two domains allow access to users on the other domain. • Trusting domain - The domain that allows access to users on another domain. • Trusted domain - The domain that is trusted; whose users have access to the trusting domain. • Transitive trust - A trust that can extend beyond two domains to other trusted domains in the tree. • Intransitive trust - A one way trust that does not extend beyond two domains. • Explicit trust - A trust that an admin creates. It is not transitive and is one way only. • Cross link trust - An explicit trust between domains in different trees or in the same tree when a descendent/ancestor (child/parent) relationship does not exist between the two domains.Windows 2000 - supports the following types of trusts: • Two way transitive trusts. • One way non transistive trusts.After making the Trust, at any system on two domains clinet login screen will be :

×