Monitoring Trusts

New to Windows Server 2003 is the Trustmon WMI provider. The Trustmon provider allows you to query the list of trusts supported on a domain controller and determine if they are working correctly. The Trustmon provider consists of three classes, but the primary one is the Microsoft_DomainTrustStatus class, which represents each trust the domain controller knows about. The Trustmon provider is contained under the root\MicrosoftActiveDirectory namespace. Note that this namespace is different than for the Active Directory provider, which is contained under root\directory\ldap.

Table 29-6 provides a list of the property methods available to this class.

Table 29-6. Microsoft_DomainTrustStatus properties

Property	Description
`Flatname`	NetBIOS name for the domain.
`SID`	SID for the domain.
`TrustAttributes`	Flag indicating special properties of the trust. Can be any combination of the following: 0x1 (nontransitive) 0x2 (uplevel clients only) 0x40000 (tree parent) 0x80000 (tree root)
`TrustDCName`	Name of the domain controller the trust is set up with.
`TrustDirection`	Integer representing direction of the trust. Valid values include: 1 (inbound) 2 (outbound) 3 (bidirectional)
`TrustedDomain`	Naming of trusted domain.
`TrustIsOK`	Boolean indicating whether the trust is functioning properly.
`TrustStatus`	Integer representing the status for the trust. 0 indicates no failure.
`TrustStatusString`	Textual description of status for the trust.
`TrustType ...`

Get Active Directory, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Active Directory, 3rd Edition by Joe Richards, Robbie Allen, Alistair G. Lowe-Norris

Monitoring Trusts

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly