Establish Two-Way Trusts Between Multiple Domains
Windows NT authentication is used to communicate across these integrated Flexera Software products. Therefore, if the customer’s environment contains multiple domains, and if your Flexera Software products are installed on different domains, it is recommended that all domains have two-way trusts between them.
- A trust between domains is required for communication—Users in one domain need to be authenticated and authorized to use resources in another domain. To provide authentication and authorization capabilities between clients and servers in different domains, there must be a trust between the two domains. Trusts are the underlying technology by which secured Active Directory communications occur, and are an integral security component of the Windows Server network architecture.
- Trusts act as bridges that allow only validated authentication requests to travel between domains—When a trust exists between two domains, the authentication mechanisms for each domain trust the authentications coming from the other domain. Trusts help provide for controlled access to shared resources in a resource domain (the trusting domain) by verifying that incoming authentication requests come from a trusted authority (the trusted domain). In this way, trusts act as bridges that allow only validated authentication requests to travel between domains.
- **Two-way trusts—**How a specific trust passes authentication requests depends on how it is configured; trust relationships can be one-way, providing access from the trusted domain to resources in the trusting domain, or two way, providing access from each domain to resources in the other domain.
For more information and instructions, see the following articles: