Chapter 18. Managing AD trusts

 

Your AD forest is a security boundary that you can use to stop unauthorized access to your environment. If your organization could exist in isolation and not have any interaction with other organizations, security would be simple. Unfortunately, that’s not the case in most organizations. Potentially there are customers, suppliers, partner organizations, other parts of your organization, and companies that your organization is acquiring or with which it’s merging, all requiring access to resources in your AD environment.

The method you’ll use to control, manage, and secure this external access is creating AD trusts between your environment and the external environment. You can then control who can gain access to your environment and what they can do once they have that access.

Just as you’d only give someone a key to your front door if you trusted them, you should only allow access to your Active Directory if you trust those accessing it.

Note

Trust management is an activity that you have to perform in conjunction with the administrator of the other domain. You can create, modify, and delete trusts at your end of the link, but you need the other administrator to perform the same tasks at their end as well.

18.1. Trust concepts

 
 
 
 

18.2. Creating trusts

 

18.3. Managing trusts

 
 

18.4. LAB

 
 

18.5. Ideas for on your own

 
 
 