Trusts

The WolfTech Active Directory is based on a single forest, single domain model.

Forest Trusts:

  • One-way, non-transitive trusts will be permitted between WolfTech AD and other Windows domains. The intention of any one-way trust is to allow for the migration from other NC State domains to the central WolfTech domain. Once completed, the trust is removed — the timeframe of these migrations will be determined at the time of creation.
  • Two-way trusts between WolfTech and other forests/domains at NC State will not be established unless a strong technical need is determined and approved.

Domain Trusts:

  • There currently are no plans to create any child domains under the WolfTech Active Directory domain.

Cross Realm Trusts:

  • It currently is the intention to establish a one-way trust from the WolfTech Active Directory domain to the EOS.NCSU.EDU MIT Kerberos realm and to map Wolftech\UnityID to unityid@EOS.NCSU.EDU for all accounts in the People OU in order to provide interoperability with other non-Windows environments.

Requesting the Creation of a Trust:
All requests for a trust must be submitted to the Active Directory governance for review and approval. An email with technical details and justification for the request should be emailed to wolftech_ad_policy@help.ncsu.edu. The AD Technical committee will review the request to assure that security isn’t negatively affected and that there are no technical obstacles to the trust. The AD Policy group will review and invite the requester to explain their need at one of their meetings; in addition, they will establish the timeframe for the trust. Once both groups have approved the request, the Domain Administrators will be instructed to implement it.