White Paper - File Sharing Security
Copyright © 2000 Hewlett-Packard Company Page 11 of 28
All Rights Reserved
arrows between the domains represent the trust relationship between the domains. The domain that trusts another
domain has an arrow pointed at the domain it trusts.
Figure 1. Master Domain Model
Another common architecture is to have one or more domains configured as resource domains, and multiple
domains configured as account domains. All of the resource domains are then configured to trust all of the
account domains. In NT literature, this architecture is known as the Multiple Master Domain model. Figure 2
shows a diagram of the trust relationships in the Multiple Master Domain model. Each circle in the diagram
represents a different NT domain. Domains X, Y and Z are configured as resource domains. Domains A, B,
and C are configured as account domains. The arrows between the domains represent the trust relationship
between the domains. The domain that trusts another domain has an arrow pointed at the domain it trusts.
Figure 2. Multiple Master Domain Model
Account Domains
Trust Relationships
Resource Domains
X Y Z
B C A
Account Domain
Trust Relationships
Resource Domains
X
Y Z
A