RE: pass-through authentication
From: S.J.Haribabu (sjhari_at_microsoft.com)
Date: 08/19/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: Netologon Error Event ID 5723"
- Previous message: Mark Renoden [MSFT]: "Re: Netologon Error Event ID 5723"
- In reply to: Ro: "pass-through authentication"
- Next in thread: Ro: "Re: pass-through authentication"
- Reply: Ro: "Re: pass-through authentication"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 19 Aug 2004 23:11:09 GMT
Hi,
Windows 2000 has implicit trust relationships with a
domain tree, and between trees in a forest, are transitive and
bi-directional by default, the single sign-on provides access not
only to the entire domain, but to all domains in the Windows 2000
forest. When a user has been authenticated to one domain in a
forest, referral or pass-through authentication provides access
to resources on computers that reside in other domains within the
forest.
But windows NT domains on your network, trust
relationships are not implicit; they must be created by the
administrator. Additionally, they are one-way and non-transitive
so you must create two explicit trusts between each pair of NT
domains – or NT domain and Windows 2000 domain – in order to
enjoy pass-through authentication throughout the network.
Thanks,
sjhari@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: anonymous_at_discussions.microsoft.com: "Re: Netologon Error Event ID 5723"
- Previous message: Mark Renoden [MSFT]: "Re: Netologon Error Event ID 5723"
- In reply to: Ro: "pass-through authentication"
- Next in thread: Ro: "Re: pass-through authentication"
- Reply: Ro: "Re: pass-through authentication"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
