Saturday, March 10, 2012

Understanding forwarders

Print Friendly and PDF

Scenario: Your network is a multiple-domain Active Directory with two forests, each containing multiple child domains. Full trust is configured among the domains.
When a trust exists between two domains, the authentication mechanisms for each domain trust the authentications coming from the other domain. Trusts help provide for controlled access to shared resources in a resource domain (the trusting domain) by verifying that incoming authentication requests come from a trusted authority (the trusted domain). In this way, trusts act as bridges that allow only validated authentication requests to travel between domains.
What Are Domain and Forest Trusts? 

The network includes several branch offices with computers in the branch offices running Windows 7 or Windows Server 2008 R2 over low-bandwidth links.

Each branch office has a Dynamic Host Configuration Protocol (DHCP) server. Each branch office has at least one domain controller configured as a Domain Name System (DNS) server and hosts an Active Directory-integrated DNS zone.

Computers in the branch offices need to use resources throughout the network. You want to configure name resolution for the branch offices. You need to keep the traffic generated by fully qualified domain name (FQDN) resolution attempts to a minimum.