About use of sites AD in the MS Windows domain, and also about the confidential relations between domains.

17 Июл

“For what the confidential relations (trusts) in the MS Windows domain are used?” – quite often it is necessary to hear such question. The confidential relations in the MS Windows domain are used for possibility through, without input of additional passwords and data, an atunifikatsiya in other (trusting) domain. That allows users is transparent to use resources of both domains, thus it should be noted that group security policies in both domains are individual (domains different).
The Saytovost (sites) of AD in the MS Windows domain is used for differentiation of access rights for underlaying trees (domains) that can be used for restriction of a functional of management by the separate components AD, DNS, for example, at the subordinated domains. I.e. the saytovost allows to increase level of protection against uncoordinated or rash actions of system administrators of subordinate divisions. It is better to execute most any critical change at higher level for subordinate, than in case of problems to understand that led to it or to play an ugadayka.


Метки: ,

Обсуждение закрыто.