Wednesday, February 3, 2010

Understanding Microsoft's Trust Vocabulary

In windows server operating systems prior to server 2008 Microsoft had two terms for distinguishing domain trust directions, trusted and trusting. Now in server 2008 they are called "incoming" and "outgoing"

An "incoming trust" means its a "trusting" trust.

An "outgoing trust" means its a "trusted" trust.

Ok how does this relate to my network?

Well the easiest way to explain this is with a diagram.



If we want users in Domain 3 to access network resources in Domain 1 we create a "Trusted" or now known as "Outgoing" trust to domain 3. Users in Domain 3 are able to print on Domain 1's printers and access Domain 1's files, sharepoint and other network resources. However Domain 1 users cannot access Domain 3. One thing I use to find confusing was the arrow. The arrow represents the trust, not what users have access to. For a long time I use to always draw it the wrong away around as I thought of it as "users in Domain 3 have access to resources in Domain 1 so I'd draw the arrow FROM domain 3 TO domain 1" ... not the case so be careful with this.

5 comments:

  1. Its the opposite. You have to switch incoming and outgoing. For reference - http://technet.microsoft.com/en-us/library/cc816877.aspx

    ReplyDelete
  2. The discription is correct if you read http://technet.microsoft.com/en-us/library/cc816877.aspx carefully.

    ReplyDelete
  3. No, the data above is correct... just very confusing!

    ReplyDelete
  4. Incoming is when you access resources in the other domain (Trusted)

    ReplyDelete
  5. The description is correct, please read http://technet.microsoft.com/en-us/library/cc816877.aspx.

    I am just sitting another MS 2012 exam and I need to get this terminology back in my head again :(

    ReplyDelete