| Concepts and Planning | << | >> |
|---|
The single master domain model provides centralized administration and the benefits of multiple domains. Each organizational group can manage its own resources, but user accounts and global groups are defined in the master (or first-tier) domain.
All users log on to their accounts in the master domain, but resources, such as printers and file servers, are located in the other domains, which are called resource (or second-tier) domains. Each resource domain establishes a one-way trust relationship with the master domain, and users with accounts in the master domain can use resources in all the other domains. You can manage the entire multidomain network, as well as its users and resources, by managing only the master domain.
The advantage of the single master domain model is its flexibility. For example, if your network requires four domains, you can consolidate the administration of user accounts in one domain instead of creating a separate user account database for each domain.