• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Active  directory  domain  and  trust
 

Active directory domain and trust

on

  • 2,750 views

Active directory domain and trust

Active directory domain and trust

Statistics

Views

Total Views
2,750
Views on SlideShare
2,750
Embed Views
0

Actions

Likes
0
Downloads
25
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Active  directory  domain  and  trust Active directory domain and trust Document Transcript

    • Netmetric Solutions ( Meer Shahanawaz ) ( Abdullah )Active Directory is an implementation of LDAP directory services by Microsoft for usein Windows environments. Active Directory allows administrators to assign enterprise-wide policies, deploy programs to many computers, and apply critical updates to an entireorganization. An Active Directory stores information and settings relating to anorganization in a central, organized, accessible database. Active Directory networks canvary from a small installation with a few hundred objects, to a large installation withmillions of objects. Active Directory Domain and TrustTrustTo allow users in one domain to access resources in another, AD uses trust. Trust isautomatically produced when domains are created. The forest sets the default boundariesof trust, not the domain, and implicit trust is automatic. As well as two-way transitivetrust, AD trusts can be shortcut (joins two domains in different trees, transitive, one- ortwo-way), forest (transitive, one- or two-way), realm (transitive or nontransitive, one- ortwo-way), or external (nontransitive, one- or two-way) in order to connect to other forestsor non-AD domains. AD uses the Kerberos V5 protocol, although NTLM is alsosupported and web clients use SSL/TLS.Trusts in Windows 2000 (native mode)Simply speaking, AD uses trust to allow users in one domain to have access to resourcesin another domain. The AD trust has a two way trust with its parent. The root of everytree has a two way trust with the Forest Root domain. As a result, every domain in theforest, either explicitly or implicitly, trusts every other domain in the forest. These defaulttrusts cannot be deleted.Trust relationship is a description of the user access between two domains consisting of aone way and a two way trust. • One way trust - When one domain allows access to users on another domain, but the other domain does not allow access to users on the first domain.
    • • Two way trust - When two domains allow access to users on the other domain. • Trusting domain - The domain that allows access to users on another domain. • Trusted domain - The domain that is trusted; whose users have access to the trusting domain. • Transitive trust - A trust that can extend beyond two domains to other trusted domains in the tree. • Intransitive trust - A one way trust that does not extend beyond two domains. • Explicit trust - A trust that an admin creates. It is not transitive and is one way only. • Cross link trust - An explicit trust between domains in different trees or in the same tree when a descendent/ancestor (child/parent) relationship does not exist between the two domains.Windows 2000 - supports the following types of trusts: • Two way transitive trusts. • One way non transistive trusts.After making the Trust, at any system on two domains clinet login screen will be :