Design Trusts with CompTia

 You are the assistant IT administrator for a network with a single domain named PartnerCorp.xyz. Your company network has three domains, CorpNet.local, Branch1.CorpNet.local, and Branch2.CorpNet.local.

Management has decided that the full cross-forest trust you created is too much of a security risk. However, the board of directors for PartnerNet still needs access to financial resources that are in the Branch1.CorpNet.local domain.

Only the members of the Directors group should be allowed to access the domain. Other users at PartnerNet should not be able to access Branch1.CorpNet.local, and users in CorpNet should not be able to access the PartnerCorp.xyz domain.

In this lab, your task is to create trust relationship(s) with the CorpNet network to meet the requirements specified in the scenario above.

  • You are currently working at CampusServer1, which is a Hyper-V host. Domain controllers for the PartnerCorp.xyz domain run as guests on this server.
  • Create both sides of the trust.
  • As necessary, use the following usernames and passwords to connect to the destination domain:
    DomainUsernamePassword
    CorpNet.localAdministrator1Drowss@p!@#
    Branch1.CorpNet.localAdministrator2ManyP@ssw0rds
    Branch2.CorpNet.localAdministratorgoingFISHing@5
  • Any additional configuration required in the CorpNet.local forest beyond creating the trust relationship will be performed by administrators in their respective domains.

EXPLANATION

Complete this lab as follows:

  1. Access the CampusDC1 virtual server.
    1. From Hyper-V Manager, select CAMPUSSERVER1.
    2. Under Virtual Machines, double-click CampusDC1 to open the virtual server.
    3. Maximize the window for better viewing.
  2. Access the properties of the PartnerCorp.xyz domain.
    1. From Server Manager, select Tools > Active Directory Domains and Trusts.
    2. Maximize the window for better viewing.
    3. From the left pane, right-click PartnerCorp.xyz and select Properties.
  3. Create the new trust relationships.
    1. From the PartnerCorp.xyz properties dialog, select the Trusts tab.
    2. Select New Trust.
    3. Select Next to start the wizard.
    4. In the Name field, enter Branch1.CorpNet.local and select Next.
    5. Select One-way: incoming and then select Next.
    6. Select Both this domain and the specified domain, and then select Next.
    7. Enter Administrator in the User name field.
    8. In the Password field, enter 2ManyP@ssw0rds (0 is a zero), and then select Next.
    9. Select Selective authentication, and then click Next.
    10. Select Next to create the trust.
    11. Select Next to configure the new trust.
    12. Select Yes, confirm the incoming trust, and then click Next.
    13. Select Finish.
    14. Select OK on the SID filtering prompt.
    15. Select OK to close the domain properties dialog.

Comments

Post a Comment

Popular Posts