tailieunhanh - Active Directory Cookbook for windows server 2003- P5

Active Directory Cookbook for windows server 2003- P5:If you are familiar with the O'Reilly Cookbook format that can be seen in other popular books, such as the Perl Cookbook, Java Cookbook, and DNS and BIND Cookbook, then the layout of this book will not be anything new to you. The book is composed of 18 chapters, each containing 10-30 recipes for performing a specific Active Directory task. Within each recipe are four sections: problem, solution, discussion, and see also. | Using a command-line interface netdom trust ADDomainDNSName Domain KerberosRealmDNSName RETURN Realm ADD PasswordT TrustPassword RETURN UserO ADDomainAdminUser PasswordO The TrustPassword has to match what was set on the Kerberos side. To create a realm trust from the domain to the Kerberos realm called use the following command netdom trust Domain RETURN Realm ADD PasswordT MyKerbRealmPassword RETURN UserO administrator@ PasswordO Discussion You can create a Kerberos realm trust between an Active Directory domain and a non-Windows Kerberos v5 realm. A realm trust can be used to allow clients from the non-Windows Kerberos realm to access resources in Active Directory and vice versa. See Recipe for more information on MIT Kerberos interoperability with Active Directory. See Also MS KB 260123 Information on the Transitivity of a Kerberos Realm Trust and MS KB 266080 Answers to Frequently Asked Kerberos Questions Recipe Viewing the Trusts for a Domain Problem You want to view the trusts for a domain. Solution Using a graphical user interface 1. Open the Active Directory Domains and Trusts snap-in. 2. In the left pane right-click the domain you want to view and select Properties. 3. Click on the Trusts tab. Using a command-line interface netdom query trust Domain DomainDNSName Using VBScript This code prints the trusts for the specified domain. ----- SCRIPT CONFIGURATION ------- strDomain DomainDNSName . ----- END CONFIGURATION ---------- 51 Trust Direction Constants taken from set objTrustDirectionHash CreateObject DIRECTION_DISABLED 0 DIRECTION_INBOUND 1 DIRECTION_OUTBOUND 2 DIRECTION_BIDIRECTIONAL 3 Trust Type Constants - taken from set .