How Domain and Forest Trusts Work
"Active Directory provides security across multiple domains or forests through domain and forest trust relationships. Before authentication can occur across trusts, Windows must first determine whether the domain being requested by a user, computer or service has a trust relationship with the logon domain of the requesting account. To make this determination, the Windows security system computes a trust path between the domain controller for the server that receives the request and a domain controller in the domain of the requesting account."
Creating Domain and Forest Trusts
"In Windows Server 2003, there are four trust types that must be created manually. External trusts, realm trusts, and forest trusts help provide interoperability with domains outside your forest or with realms. Shortcut trusts optimize access to resources and logons that are made between domain trees in the same forest. "
No comments:
Post a Comment