Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

6.1.6.7.15 trustType

The trustType attribute is an integer value that dictates what type of trust has been designated for the trusted domain. Following are the valid values, corresponding to the TrustType field in LSAPR_TRUSTED_DOMAIN_INFORMATION_EX, as specified in [MS-LSAD] section 2.2.7.9. The trustType contains one of the following values:

TTD (TRUST_TYPE_DOWNLEVEL, 0x00000001): The trusted domain is a Windows domain not running Active Directory.

TTU (TRUST_TYPE_UPLEVEL, 0x00000002): The trusted domain is a Windows domain running Active Directory.

TTM (TRUST_TYPE_MIT, 0x00000003): The trusted domain is running a non-Windows, RFC4120-compliant Kerberos distribution. This type of trust is distinguished in that (1) a SID is not required for the TDO, and (2) the default key types include the DES-CBC and DES-CRC encryption types (see [RFC4120] section 8.1).

TTDCE (TRUST_TYPE_DCE, 0x00000004): Historical reference; this value is not used in Windows.

Show:
© 2015 Microsoft