Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
The Best Damn Windows Server 2003 Book Period- P54:The latest incarnation of Microsoft’s server product,Windows Server 2003, brings many new features and improvements that make the network administrator’s job easier.This chapter will briefly summarize what’s new in 2003 and introduce you to the four members of the Windows Server 2003 family: the Web Edition, the Standard Edition, the Enterprise Edition, and the Datacenter Edition. | 496 Chapter 13 Working with Trusts and Organizational Units Working with Active Directory Trusts One of the many issues that need to be dealt with in any computer organization is how to protect resources. The main difficulty that administrators face is the dilemma of how to ensure that the resources of the company are not accessible by those who do not need access. The other side of that coin equally important is how to ensure that people who do need access are granted access with the least amount of hassle. In small companies the issues are simpler because multiple domains rarely exist. In today s larger corporations and conglomerates the issues of security are compounded. What administrators need is an easy tool to manage access across multiple domains and often across forests. The tool is Active Directory Domains and Trusts. With Active Directory Domains and Trusts an administrator can establish relationships between domains that will allow users in one domain to access the resources in another. This way the administrator can ensure that all users who need access can have it without the hassles involved in having user accounts in multiple domains. Types of Trust Relationships Two or more Active Directory domains are implicitly or explicitly connected using trust relationships. The authentication requests made from one domain to the other domains use these relation-ships.The trusts provide a seamless coexistence of resources within the forest structure. Users are granted access to the resources in the other domain s after being authenticated in their own domain first. Once authenticated in their own domain they can traverse the other domains to gain access to their resources. The primary advantage of these relationships is that administrators no longer need to create multiple user accounts for each user who needs access to resources within each domain. Administrators can now add the users of the other domains to their access control lists ACLs to control access .