Ping a Specific Port

Question

Michael Brown

Asked: 2016-06-20 03:40:06 +0800 CST2016-06-20 03:40:06 +0800 CST 2016-06-20 03:40:06 +0800 CST

why use an Active Directory multi-tree design?

772

I get asked the same question a lot. Why use multi-tree forests when designing Active Directory?

I know that the two trees will belong to different namespaces and that they will share Scheme/configuration partition/Forest FSMO roles etc.

why not use two forests with a Forest trust instead?

I would be keen to get real world examples of multi-tree designs being used today and why people are using them.

Thanks in advance.

1 Answers

Voted

Jim B · Answer 1 · 2016-06-20T07:33:35+08:00

Best Answer

Jim B

2016-06-20T07:33:35+08:002016-06-20T07:33:35+08:00

The only reason to have a disjointed namespace is because you do not have control over the other DNS namespace OR have a need to separate control of the other namespace, while maintaining control over the AD objects on both. The issue wih disjoint namespaces is that most (if not all AD aware apps) use the assumption that the UPN suffix will be the same for all users.

1

why use an Active Directory multi-tree design?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?