MCITP Exams Inform Users of Major Updates
One-way trusts can either be incoming or outgoing. If they are incoming, it means they will trust incoming connections. If they are outgoing, it means they will trust outgoing connections.
A two-way trust is a trust that is issued in two directions. However, unlike what you might think, a two-way trust is not simply a trust that exists in two directions. Instead, it is two individual one-way trusts that are applied to each domain. This is because trusts are, in practice, binary. Either you trust something or you Don’t. That trust goes just one way. Returning to the friend example, you may very well trust your friend, but your friend MCITP may not trust you.
You can see this type of trust in Figure 3.8. In this ?gure, the MyCorp and MegaCorp domains each trust each other and form two one-way trusts that allow the authentication of resources to each of the individual domains.
Accordingly, each domain in this ?gure will be able to access resources in the other domain. Active Directory trusts come in two ?avors: transitive and nontransitive. This happens regardless of whether the trust is two-way or one-way. In a transitive trust, the trust rela-tionship extends upward, and the trust is established at the lowest level. So if you created a transitive trust to a domain that extends deeply within your forest structure, that transitive trust would accordingly trust all the domains up to the root domain.
In a nontransitive trust, the trust that is established is restricted to the two domains that MCITP Exams have been joined. For example, if two lower-level domains are established by a nontransi- tive two-way trust, they will directly access one another?s resources, but the trust will not be established in an upward direction throughout the forest. Those two domains, and those two domains only, will trust one another.
Forestwide Authentication and Selective Authentication
The easiest way to explain forestwide and selective authentication is to consider Figure 3.9, which shows two separate forests that each contain several domains. So, most likely, each of these forests represents an infrastructure that consists of several hundred or several thousand users. Each forest is a living, breathing system that has its own infrastructure and runs completely independently from the other.
Published by Yanyan on December 28th 2011 | Business
Published by Water123 on December 6th 2011 | Business
Published by Tournaments on December 30th 2011 | Business
Published by Water123 on November 29th 2011 | Business
Published by Zhuimeng on November 30th 2011 | Business
Published by Zhuimeng on November 29th 2011 | Business