Domain Trust

A child domain with an exploitable flaw or misconfiguration can provide a quick route into the target domain, because the trust between them is created automatically and is transitive.

Companies may also establish trusts with other companies, a customer, or other business units of the same company (such as a division of the company in another geographical region). Every such trust is a path that an attacker who compromises the other side may be able to abuse.

Trust

A trust is used to establish forest-to-forest or domain-to-domain (inter-domain) authentication, which allows users to access resources in, or perform administrative tasks in, another domain outside of the one where their account resides. A trust creates a link between the authentication systems of two domains and may allow either one-way or two-way (bidirectional) communication.

Types of Trust

  • Parent-child: Two or more domains within the same forest. The child domain has a two-way transitive trust with the parent domain, meaning that users in the child domain corp.inlanefreight.local could authenticate into the parent domain inlanefreight.local, and vice-versa.

  • Cross-link: A shortcut trust between two child domains (often in different trees of the same forest) to speed up authentication by avoiding the referral walk up to the forest root.

  • External: A non-transitive trust between two separate domains in separate forests which are not already joined by a forest trust. This type of trust uses SID filtering, which strips from an incoming authentication request any SIDs (including SIDHistory entries) that were not issued by the trusted domain.

  • Tree-root: A two-way transitive trust between a forest root domain and a new tree root domain. They are created by design when you set up a new tree root domain within a forest.

  • Forest: A transitive trust between two forest root domains. It extends to every domain in the two forests involved, but it does not chain onward to a third forest.

  • ESAE: A bastion forest (Enhanced Security Admin Environment, also known as a red forest) used to manage Active Directory.

Kinds of Trust

Transitive Trust

A transitive trust means that the trust extends beyond the two domains that established it, to the domains that the trusted domain in turn trusts. For example, let's say we have three domains. In a transitive relationship, if Domain A has a trust with Domain B, and Domain B has a transitive trust with Domain C, then Domain A will automatically trust Domain C.

Non-Transitive Trust

In a non-transitive trust, only the domain named in the trust is trusted; the trust does not extend to any domains that the trusted domain itself trusts.


Trust Table Side By Side

Transitive

  • Shared, one to many
  • The trust extends to every domain in the forest (or forests) involved
  • Forest, tree-root, parent-child, and cross-link trusts are transitive

Non-Transitive

  • Direct trust between the two domains only
  • Not extended to next-level child domains
  • Typical for external or custom trust setups

Direction of Trust

One-Way Trust

Users in the trusted domain can access resources in the trusting domain, but not vice-versa. Note that access flows in the opposite direction to the trust: the trusting domain is the one that accepts the other domain's accounts, so a domain that trusts a compromised partner is the one at risk.

Bidirectional Trust

Users in either domain can access resources in the other domain. For example, in a bidirectional trust between INLANEFREIGHT.LOCAL and FREIGHTLOGISTICS.LOCAL, users in INLANEFREIGHT.LOCAL would be able to access resources in FREIGHTLOGISTICS.LOCAL, and vice-versa.
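As an added example that is not part of the original page: the following Python script models a set of trusts with the direction and transitivity rules described in the transitive/non-transitive and one-way/bidirectional sections above (a bidirectional trust is treated as a pair of one-way trusts), then answers which domains an account can reach. The domains inlanefreight.local, corp.inlanefreight.local and freightlogistics.local are taken from the text; the one-way, non-transitive external trust to vendor.example is a hypothetical addition made up for illustration.

```python
from collections import deque


class TrustGraph:
    """Directed trust relationships between Active Directory domains.

    An edge trusting -> trusted means the trusting domain accepts accounts
    from the trusted domain, so users in the TRUSTED domain can access
    resources in the TRUSTING domain. Access flows opposite to trust.
    """

    def __init__(self):
        # trusting domain -> list of (trusted domain, transitive?)
        self.trusts = {}

    def add_trust(self, trusting, trusted, transitive=True, bidirectional=False):
        self.trusts.setdefault(trusting, []).append((trusted, transitive))
        if bidirectional:
            # A two-way trust is simply a pair of one-way trusts.
            self.trusts.setdefault(trusted, []).append((trusting, transitive))

    def domains(self):
        names = set(self.trusts)
        for edges in self.trusts.values():
            names.update(name for name, _ in edges)
        return names

    def trusted_by(self, trusting):
        """Domains whose accounts the trusting domain accepts, either directly
        or through a chain in which every hop is a transitive trust."""
        reached = set()
        queue = deque()
        for trusted, transitive in self.trusts.get(trusting, []):
            reached.add(trusted)
            if transitive:
                queue.append(trusted)  # only transitive hops are followed further
        visited = set(queue)
        while queue:
            middle = queue.popleft()
            for nxt, transitive in self.trusts.get(middle, []):
                # A non-transitive trust benefits only its own two domains.
                if not transitive or nxt == trusting:
                    continue
                reached.add(nxt)
                if nxt not in visited:
                    visited.add(nxt)
                    queue.append(nxt)
        return reached

    def can_access(self, account_domain, resource_domain):
        return account_domain in self.trusted_by(resource_domain)

    def accessible_from(self, account_domain):
        """Every domain whose resources an account from account_domain can reach."""
        return {
            d for d in self.domains()
            if d != account_domain and self.can_access(account_domain, d)
        }


def build_example():
    g = TrustGraph()
    # Parent-child: two-way transitive, created automatically within the forest.
    g.add_trust("inlanefreight.local", "corp.inlanefreight.local", bidirectional=True)
    # Forest trust between the two forest root domains named on the page.
    g.add_trust("inlanefreight.local", "freightlogistics.local", bidirectional=True)
    # Hypothetical external trust (assumed for illustration, not from the page):
    # inlanefreight.local trusts vendor.example, one-way and non-transitive.
    g.add_trust("inlanefreight.local", "vendor.example", transitive=False)
    return g


if __name__ == "__main__":
    g = build_example()
    for domain in sorted(g.domains()):
        print(f"{domain:28s} -> {sorted(g.accessible_from(domain))}")
```

With this trust set, accounts from vendor.example reach inlanefreight.local but not corp.inlanefreight.local, because the external trust is non-transitive, and inlanefreight.local accounts cannot reach vendor.example at all, because the trust is one-way. One simplification to keep in mind: a real forest trust is transitive only between the domains of the two forests that established it and does not chain onward to a third forest, so with more than two forests this model would overstate reach. On an engagement the edges would come from nltest /domain_trusts or Get-ADTrust -Filter * rather than being typed in by hand.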
