Trusts
General
Relationship between two domains or forest
Trusted Domain Objects (TDOs) represent trust relationship in a domain
Types of trusts
One-way: users in trusted domain can access resources in the trusting domain
Two-way trust: users of both domains can access resources in the other domain
Transitive: If A and B trust each other and B and C trust each other, A and C also trust each other (default between domains in same forest)
Non-transitive: cannot be extended to other domains in the forest (default between two domains in different forests)
Automatic trust: created automatically when creating new subdomain (parent-child, tree-root)
Shortcut trusts: used to reduce access time in complex trust scenarios
External trusts: between two domains in different forests when forests do not have a turst relationships
Forest trusts: between forest root domains
Get All Trusts for the Current Domain
# AD Module
Get-ADTrust
Get-ADTrust -Filter * | Select Source,Target,Direction
# PowerView
Get-NetDomainTrust
Get Trusts for Specific Domain
# AD Module
Get-ADTrust -Identity test.lab.local
# PowerView
Get-NetDomainTrust -Domain test.lab.local
Last updated