There are three types of positions of trust:
- Subsidiary Position of Trust
- Position of Trust for the complete structure
- External Position of Trust
1. Subsidiary Position of Trust
While attaching a subdomain to another existing domain structure, normally a two-way, transitive subsidiary position of trust is set up.
migRaven recognizes the domains and sub domains. As the domain administrators have permission over the complete domains, migRaven can recognize and read the domains and sub domains.
2. Position of Trust for the complete structure
In this case, a position of trust is built between two domains.
If this is two-way and without SID-filtration, then the domain administrators of one domain can also administer other domains.
migRaven is then able to recognize and scan both domains.
3. External Position of Trust
An external position of trust reacts in a different way from a complete structure position of trust.
This position of trust is by default provided with SID-filtering. Therefore the administrators of one domain are able to set permissions for users of other domains inside their own domain, but they do not have any administrative permissions in the other domains.
migRaven recognizes external positions of trust and shows the corresponding domains after the start of the program. Over external positions of trust, additional permissions are needed to read these domains. We recommend you to give full permissions to the administrative account, with which you want to log inin migRaven, over the root of the external domains to be scanned. Here, You must log in as domain administrator of the external domain and give the domain administrator of the main domain, with which you wish to work, the full permission over the root of the external domain.