TRUSTS

               Trust Relationship can be created between domains to facilitate user authentication and data access.

                 Types of Trusts are:

1. Internal Trust: - It is a trust created automatically between the parent domain and the child domain.

2. External Trust: - It is a trust created between different parent domains and this kind of trust is created manually.

3. Short-cut Trust: - It is a trust created between child domains belonging to a same parent domain. It helps in speeding up user authentication and logon process in different domains.

4. Forest Trust: - It is a trust created only in network having windows 2003 server DCs. When forest trust is created between two different parent domains, child domains in each parent also trust Childs of other parent domain.

5. Realm Trust: - It is a trust created between Windows DC and a Linux/Unix computer. It is a trust created only to authenticate users of Windows or Linux/Unix, using the Kerberos protocol.

CREATING EXTERNAL TRUST BETWEEN DOMAINS

1. Go to a 2003 Server PC, install Active Directory with DNS and give domain-name as amartex.com.
2. Now go to another 2003 Server PC, install Active Directory with DNS and give domain-name as woodland.com.
3. Now to create trust between these domains, go to woodland.com DC.
4. In the TCP/IP properties, in the alternate DNS server box, type DNS address for Amartex.com.
5. Open programs > administrative tools > Active Directory Domains and trusts.
6. Right-click on woodland.com > properties > Trusts > New Trust.
7. Click next. In the Name, type amartex.com and click next.
8. Select Two-way > next.
9. Select 'both this domain and the specified domain'.
10. Click next. Type username as administrator and password of amartex.com DC.
11. Click next > next > next > next > finish.
12. Make a client PC member of amartex.com domain and you will see users of both amatex.com and woodland.com can logon on the client but the user will logon to his respective domain only.
13. Create a shared folder in any PC which is member of domain (amartex.com or woodland.com).
14. You can set NTFS permissions for this folder by adding users of both the domains.