Sunday, December 13, 2009

SID filtering

An administrator in a trusted domain can modify the SID history for a user, which could grant her elevated privileges in the trusting domain. To prevent this from happening you can enable SID Filtering for a trust. When SID filtering is enabled, the only SIDs that are used as part of a user's token are from those domains in the trust path of the trusted domains. if the trusted domain is dns-info.blogspot.com which has a child domain called child.dns-info.blogspot.com, SID Filtering would accept SIDs from both the dns-info.blogspot.com.com domain and its child domain.

1 comments:

JanuskieZ said...

Hi... Looking ways to market your blog? try this: http://bit.ly/instantvisitors

Design by infinityskins.blogspot