TRUSTS
Trust Relationship can be created between domains to facilitate user
authentication and data access.
authentication and data access.
Types
of Trusts are:
of Trusts are:
1. Internal Trust: – It is a trust created
automatically between the parent domain and the child domain.
automatically between the parent domain and the child domain.
2. External Trust: – It is a trust created between
different parent domains and this kind of trust is created manually.
different parent domains and this kind of trust is created manually.
3. Short-cut Trust: – It is a trust created between
child domains belonging to a same parent domain. It helps in speeding up user
authentication and logon process in different domains.
child domains belonging to a same parent domain. It helps in speeding up user
authentication and logon process in different domains.
4. Forest Trust: –
It is a trust created only in network having windows 2003 server DCs. When
forest trust is created between two different parent domains, child domains in
each parent also trust Childs of other parent domain.
It is a trust created only in network having windows 2003 server DCs. When
forest trust is created between two different parent domains, child domains in
each parent also trust Childs of other parent domain.
5. Realm Trust: – It is a trust created between
Windows DC and a Linux/Unix computer. It is a trust created only to
authenticate users of Windows or Linux/Unix, using the Kerberos protocol.
Windows DC and a Linux/Unix computer. It is a trust created only to
authenticate users of Windows or Linux/Unix, using the Kerberos protocol.
CREATING EXTERNAL
TRUST BETWEEN DOMAINS
TRUST BETWEEN DOMAINS
1. Go to a 2003 Server PC, install Active Directory
with DNS and give domain-name as amartex.com.
with DNS and give domain-name as amartex.com.
2. Now go to another 2003 Server PC, install Active
Directory with DNS and give domain-name as woodland.com.
Directory with DNS and give domain-name as woodland.com.
3. Now to create trust between these domains, go to
woodland.com DC.
woodland.com DC.
4. In the TCP/IP properties, in the alternate DNS
server box, type DNS address for Amartex.com.
server box, type DNS address for Amartex.com.
5. Open programs > administrative tools >
Active Directory Domains and trusts.
Active Directory Domains and trusts.
6. Right-click on woodland.com > properties >
Trusts > New Trust.
Trusts > New Trust.
7. Click next. In the Name, type amartex.com and
click next.
click next.
8. Select Two-way > next.
9. Select ‘both this domain and the specified
domain’.
domain’.
10. Click next. Type username as administrator and
password of amartex.com DC.
password of amartex.com DC.
11. Click next > next > next > next >
finish.
finish.
12. Make a client PC member of amartex.com domain
and you will see users of both amatex.com and woodland.com can logon on the
client but the user will logon to his respective domain only.
and you will see users of both amatex.com and woodland.com can logon on the
client but the user will logon to his respective domain only.
13. Create a shared folder in any PC which is member
of domain (amartex.com or woodland.com).
of domain (amartex.com or woodland.com).
14. You can set NTFS permissions for this folder by
adding users of both the domains.
adding users of both the domains.
