Trust Relation Types in Windows 2003 and 2008 Server

By WireINPUT -
Parent-child trust
This trust is implicitly created when we add a new child domain to a tree. This trust is a two-way and transitive in nature.
Tree-root Trust
This trust is implicitly established when we add a new tree root domain to a forest. This trust is two-way and transitive in nature.
Shortcut Trust
This trust is created to improve user logon times between two domains in a forest. This trust is created explicitly, transitive and can be one-way or two-way.
As you can see in the above diagram, one-way trust is created from techpeoples.net to asia.microsoft.com so that users in asia.microsoft.com can logon to techpeoples.net domain, but not vice-versa. In other scenario, two way trusts is created between usa.techpeoples.net and europe.microsoft.com so that users in each domain can logon to other domain, two-way trust.

External Trust
External trust is created between two different forests or between a Windows Server 2003 domain and Windows NT 4 domain. This trust is explicitly created, non-transitive in nature and can be one-way or two-way.
 

As you can see in the above diagram, one-way trust is created from techpeoples.net to asia.microsoft.com so that users in asia.microsoft.com can logon to techpeoples.net domain, but not vice-versa. In other scenario, two way trusts is created between usa.techpeoples.net and europe.microsoft.com so that users in each domain can logon to other domain, two-way trust.

Realm Trust
Realm trust is created between a Windows Server 2008 and non-windows Kerberos realm. This trust us explicitly created, non-transitive and can be one-way or two-way.
Forest Trust
 Forest trust is created between two forest root domains. Trust is explicitly transitive in nature and can be one-way or two-way.

 
As you can see in the above diagram, a two-way trust is created between two different forests.

Comments

Post a Comment

Popular posts from this blog

IBM x3650 M4 Series Server Model - Activation Keys Backup to be taken for IMM Moduel II, why?

By WireINPUT -
Image
If you are planning to replace the system board (Mother Board) for M4 series of IBM xSeries 3650 model server, you should and must take the activation keys backup, otherwise you will miss the IMM key. IMM key something like iLO Activation key on HP servers. If that  iLO key didn't acivated, then you won't get the 'Remote Access' option. In the same way, IBM series requires a key to be activated to access the IMM console. IMM Activation to be backuped and restore once the new board get replaced. Here is the screenshot there you see more options what we discussed so far -
Read more

HPONCFG GUI Utility / Tool Download Links - x32 & x64 bit versions, 2003 & 2008 Windows Versions

By WireINPUT -
Here goes the links to download the versions. With this new GUI version, we can change /reset the iLO password,  change the IP address, Subnet & Gateway configurations and many more - HP Lights-Out Online Configuration Utility for Windows 2003/2008 x64 Editions Click here to download x64 bit version Type: Software - Lights-Out Management Version: 3.1.1.0 (22 Nov 2010) Operating System(s): File name: cp013639.exe (1.0 MB) HP Lights-Out Online Configuration Utility for Windows Server 2003/2008 Click here to download x32 bit version (3.2.0.0) Type: Software - Lights-Out Management Version: 3.2.0.0 (18 Jul 2011) Operating System(s): Microsoft Windows Server 2003, Microsoft Windows Server 2008 W32 File name: cp015357.exe (950 KB) HP Lights-Out Online Configuration Utility for Windows Server 2003/2008 Click here to download x32 bit version (3.1.0.0) Type: Software - Lights-Out Management Version: ...
Read more

The Windows Time Service terminated with the following error - Event ID 7023 & 46

By nag -
After you upgrade a Microsoft Windows Server 2003-based domain controller to Windows Server 2003 Service Pack 1 (SP1), the Windows Time service may not start. In this scenario, the following events may be logged in the Windows System log. Message 1 Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7023 Description: The Windows Time service terminated with the following error: Not all privileges referenced are assigned to the caller. For more information, see Help and Support Center at http://support.microsoft.com. Message 2 Event Type: Error Event Source: W32Time Event Category: None Event ID: 46 Description: The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started. Additionally, when you try to start the Windows Time service manually, you may receive one of the following error messages: Error 1083: The executable program that this servic...
Read more