Within an Active Directory forest all domains implicitly trust each other. IT departments can also create trust relationships between a specific domain from one forest to a domain in another forest. Windows Server 2003 even allows you to create trust relationships that connect entire forests.
These trusts make identity management and access control efficient since you can preserve the “one account per person” concept, but trusts can also introduce significant risk if they are not accurately understand or poorly implemented. Entitlements and separation of duty controls can be compromised if trust relationships are misunderstood or mis-implemented.
In this webinar I will explain how trust relationships work in Active Directory and show you how to identify the trust relationships in your specific environment and how to assess their potential risk.
You will learn about each trust type in AD including:
• Parent
• Child
• Tree-root
• Cross forest
• External
• UNIX Realm
You will learn the difference between transitive and intransitive trusts as well as how to factor in the direction of one-way trusts.