Explaining Domain Trust
1)Client —> Ask the Domain Controller a Ticket Granting Ticket
- Domain Controller —> Reply with Ticket Granting Ticket
- Client —> Request a Ticket Granting Service from Domain Controller
- Domain Controller —> Reply with Inter-Realm Ticket Granting Ticket encrypted with (Trust Key)
- Client —> Request Ticket Granting Service from Forest Root Domain Controller and the Forest Root Only Check if it can decrypt the ticket or not (No Validation On the Service Or The User Or Anything)
- Forest Root Domain Controller —> Reply with Ticket Granting Service
- Client —> Provide the Ticket Granting Service for Access
- Application Server —> Verify and authenticate the user
Now let’s Start Dumping Trust Keys