Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Active Directory
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Terminology=== ;One-way trust :One domain allows access to users on another domain, but the other domain does not allow access to users on the first domain. ;Two-way trust :Two domains allow access to users on both domains. ;Trusted domain :The domain that is trusted; whose users have access to the trusting domain. ;Transitive trust :A trust that can extend beyond two domains to other trusted domains in the forest. ;Intransitive trust :A one way trust that does not extend beyond two domains. ;Explicit trust :A trust that an admin creates. It is not transitive and is one way only. ;Cross-link trust :An explicit trust between domains in different trees or the same tree when a descendant/ancestor (child/parent) relationship does not exist between the two domains. ;Shortcut :Joins two domains in different trees, transitive, one- or two-way. ;Forest trust :Applies to the entire forest. Transitive, one- or two-way. ;Realm :Can be transitive or nontransitive (intransitive), one- or two-way. ;External :Connect to other forests or non-Active Directory domains. Nontransitive, one- or two-way.<ref>{{cite web | title =Domain and Forest Trusts Work | url = https://technet.microsoft.com/en-us/library/cc773178(WS.10).aspx | publisher = Microsoft Corporation | date = 11 December 2012 | access-date = 29 January 2013 | quote = Defines several kinds of trusts. (automatic, shortcut, forest, realm, external)}}</ref> ;PAM trust :A one-way trust used by [[Microsoft Identity Manager]] from a (possibly low-level) production forest to a ([[Windows Server 2016]] functionality level) 'bastion' forest, which issues time-limited group memberships.<ref>{{Cite web|url=https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/privileged-identity-management-for-active-directory-domain-services|title=Privileged Access Management for Active Directory Domain Services|website=docs.microsoft.com|date=8 February 2023 }}</ref><ref>{{Cite web|url=https://social.technet.microsoft.com/wiki/contents/articles/33363.mim-2016-privileged-access-management-pam-faq.aspx|title=TechNet Wiki|website=social.technet.microsoft.com|date=17 January 2024 }}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)