I read below 3 artices about Trust Relatioship within Active Directory
(a) article is easier to understand but (b) & (C) articles make me confused .
I tried to summarize the " Trust Relationship within Active Directory "
Correct me if I am wrong...
Based on Wins Server 2003 Trust Relationship only :-
(1) By default , every domain in the same forest will trust each other .
Domain Administrator from Domain#A CANNOT access the Domain#B 's resources like
files,printers etc .
Howerver , only the member of Enterprise Admin Group ( Forest level administrator) of
Domain#A CAN access the Domain#B 's resources like files etc
==> Am I right at this point ????
(2) Only member of Enterprise Admin Group ( forest level ) CAN create External Trust
between 2 forests . We cannot use domain administrator to create this external trust ??
==> Am I right ???
(3) Only member of Enterprise Admin Group ( forest level ) CAN create the trust between
Domiain#A ( from forest#A) and Domain#B ( from forest#B) and after this external trust
is created the domain administrator of Domain#A can access Domain#B's resources
==> at this point , we do not need to use Enterprise Admin Group to access other domain's
resources , we only need to use domain administrator to access other domain's
resource ( the trust between 2 forests ) ==> Am I right ???
For (b) article I read , it sound to me even the domain administrator can access other domain's resources if the domains are in the same forest ????
==> Please clarify ...
For (c) article I read , it sound to me any user from and domain can access other domain resources as long as they are in the same forest ( because the trust relationship is created by default in Server 2003 network ) ???
==> Please clarify ......
A lot of my questions are asking whether the member of Enterprise Admin Group , or , Domain Administrator can access other domain's resources ???
Please help to clarify from (1) to (5) . Thanks .