Export (0) Print
Expand All

Securing Domain and Forest Trusts

Updated: March 2, 2005

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

When you create a new trust in an existing Active Directory forest, all communications over that trust are tightly secured. However, when you create a trust between your domain and another domain outside your forest, there are certain security issues involved. For example, you might need to configure security identifier (SID) filtering to deny one domain the right to provide credentials for another domain. You can enable or disable SID filtering for external trusts or forest trusts.

The following tasks for securing domain and forest trusts are described in this objective:

For more information about how the security settings for domain and forest trusts work, see "Security Considerations for Trusts" in the Windows Server 2003 Technical Reference on the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=35413).

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2015 Microsoft