Trust Relationships
The trust relationship between domains in Windows forests provides many benefits. It also creates new headaches. On the one hand, single sign-on across multiple domains makes administration of resources easier; on the other, the tight coupling between domains makes it easier for an administrator of one domain to mount an elevated privilege attack against another domain in the forest. To take advantage of the benefits and minimize the problems, you must understand the following:
The benefits of trust
Forest functional level
Group scope
Function of the Global Catalog
Benefits of Forest Trust
Trust relationships with the forest offer many benefits to users and administrators. Three major benefits are as follows:
Single sign-on
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
