Professional Documents
Culture Documents
Module 6
Designing and Implementing an
Active Directory Domain Services
Forest and Domain Infrastructure
Module Overview
Wingtiptoys.com Tailspintoys.com
Forest 1 Forest 2
Forest trust
Global
6
Global
catalog catalog
woodgrovebank. contoso.com
com
4
2
5
3 7
8
1
9
emea.woodgrovebank.com na.contoso.com
Guidelines for Designing Forest Trusts
Multiple domain
trees
DomainDNSZone
To all domain controllers that are DNS
ForestDNSZones servers in the Active Directory forest
Custom Partition
Trust Relationships
Shortcut Trusts
External Trusts and Realm Trusts
• Guidelines for Designing Active Directory Domain
Trusts
Trust Relationships
In a trust relationship:
• The trust extends the concept of the trusted
identity store to another domain
• The trusting domain trusts the identity store and
authentication services of the trusted domain
• A trusted user can authenticate to, and be given
access to resources in the trusting domain
• Within a forest, each domain trusts all other
domains
• Trust relationships can exist with external domains
Shortcut Trusts
Forest root
domain
Tree root
domain
tailspintoys.com
wingtiptoys.com
europe.tailspintoys.com
usa.wingtiptoys.com asia.wingtiptoys.com
External Trusts and Realm Trusts
tailspintoys.com wideworldimporters.com
• Review Question(s)