6.1.6.7.12 trustDirection
The trustDirection attribute dictates in which direction the trust flows. It is stored as an integer value. There are four valid values, corresponding to the TrustDirection field in the LSAPR_TRUSTED_DOMAIN_INFORMATION_EX structure ([MS-LSAD] section 2.2.7.9). The flags in the following diagram are presented in big-endian byte order.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
T |
T |
TRUST_DIRECTION_DISABLED, 0x00000000: Absence of any flags. The trust relationship exists but has been disabled.
TDI (TRUST_DIRECTION_INBOUND, 0x00000001): The trusted domain trusts the primary domain to perform operations such as name lookups and authentication. If this flag is set, then the trustAuthIncoming attribute is present on this object.
TDO (TRUST_DIRECTION_OUTBOUND, 0x00000002): The primary domain trusts the trusted domain to perform operations such as name lookups and authentication. If this flag is set, then the trustAuthOutgoing attribute is present on this object.
TRUST_DIRECTION_BIDIRECTIONAL, 0x00000003: OR'ing of the preceding flags and behaviors representing that both domains trust one another for operations such as name lookups and authentication.