Primary and Trusted Domains
Hello All,
Hope this post finds you in good health and spirit.
This post is regarding Primary and Trusted Domains.
The following terms describe domains that exist on remote systems.
- Primary Domain
- Trusted Domain
Primary Domain
A primary domain is the one in responsibility of providing authentication and creating further trust relationships (or for passing an authentication request on to an appropriate trusted domain). Requests for authentication that come from the workstation are handled by the domain controllers in the principal domain or forwarded to them.
The LSA checks the built-in and account domains for authentication data at logon. The login request is sent to the system’s principal domain if the account being signed on to is not in one of these domains.
Trusted Domain
A trusted domain is a domain that the local system trusts to authenticate users. In other words, if a user or application is authenticated by a trusted domain, this authentication is accepted by all domains that trust the authenticating domain.
Each subordinate domain automatically has a two-way trust relationship with the main domain. By default, this trust is transitive, meaning that if a system trusts Domain A, it also trusts all domains that Domain A trusts. One-way trusts are also supported for operating systems earlier than Windows 2000, which do not support transitive, two-way trusts.
The Local Security Authority (LSA) has an object type, TrustedDomain, that is used to store information about trust relationships, including the name and security identifier (SID) of the trusted domain, the account in the domain to use for authentication requests, name and SID translation requests, and the names of domain controllers in the trusted domain.
On domain controllers, the LSA creates an instance of a TrustedDomain object for each domain trusted by the local system.
For example, if a Windows XP workstation trusts a Windows 2000 domain controller that in turn trusts four other systems, the workstation, connected using transitive trust, will have five TrustedDomain objects on its local system.
For more information please check MS link
So, that’s all in this blog. I will meet you soon with next stuff .Have a nice day !!!
Recommended content
RODC Installation Guide- Step by step guide to install read only domain controller
RODC Filtered Attribute Set
Installing and configuring a RODC in Windows Server-2012
How to find the GUID of Domain Controller
Understanding Group Policy Preferences
Group Policy Verification Tool GPOTool Exe
Group Policy Health Check on Specific Domain Controller
Netlogon Folder in Active Directory
Custom Attributes in Active Directory
Tombstone Lifetime of My Active Directory Forest
Computers AD Site From the Command Line
Active Directory Database Integrity
Disabling and Enabling the Outbound Replication
DFS Replication Service Stopped Replication
Strict Replication Consistency
The replication operation failed because of a schema mismatch between the servers involved
Troubleshooting ad replication error 8418 the replication operation failed because of a schema mismatch between the servers
Replication information in txt file
Repadmin Replsummary
Enabling the outbound replication
Guys please don’t forget to like and share the post.Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them .
You can also share the feedback on below windows techno email id.
If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.