Publications

Fill 4

ERNW White Paper 67

Active Directory Trust Considerations

The document discusses security aspects of establishing Active Directory trust relationships between the customer’s Active Directory forest and other domains/forests. The primary use case has users from an external AD domain accessing their Exchange mailboxes hosted on servers in the company domain (“dir.company.com”) with Kerberos as the preferred authentication protocol. In Active Directory terminology the direction of trust is opposite to the direction of access, thus the company’s forest (“dir.company.com”) needs to trust the partner’s AD domain. The document hence focuses on the scenario of a one-way trust where the dir.company.com (=”company”) AD-forest trusts the partner’s AD forest, but not the other way around.



Whitepaper sign up

Get the latest Informations about technical topics within the IT-Security Community and a lot of special insights. Sign up now for our Whitepaper Newsletter:


Talks and Conferences arround the world

More on More articles on our company blog