Trust Relationships

[bazzert]

At the school where I work there are 2 seperate domains one for admin and the other for the pupils with no trust relationships (seems the idea was to keep both seperate for security reasons).

Problem is that staff need to have seperate accounts on both domains (bit of a nightmare for network management).

What I'd like to do is allow staff to see and use the pupil domain but not allow anyone on the pupil domain to see the admin domain.

Would setting up a one-way non-transative trust on the pupil domain (so it trusts the admin domain) achieve what I want?

 

[sioxley]

Hi Bazzert

in short yes! I also have a similar situation and the one way trust seems to work just fine. Trusts can get really messy but if it's only the one trust I can't see any problems

 

[ntinlin]

Sounds fine.

What you are really doing here is replicating the old NT4 master / resource domain idea.

Neill

 

[bazzert]

Unfortunately the domains were setup before I joined the school.

Hopefully getting the whole network upgraded over the summer (using switches instead of hubs) and will look at using VLAN.