|
Home > Archive > 70-217 > October 2003 > Just touch up
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| bigjon 2003-10-22, 4:34 pm |
| Thanks for the help so far Jeff, Adam and curious George. I am just wanting to touch up on a few things, before I take the test.
Okay with DNS
How would you guys set up an external trust for 2 forests, with respect to setting up the DNS.
2. When setting up a new user does that user have to be authenticated in there local domain before they can log into another domain in ther forest and this is after the user object has been replicated over to the other domain they are trying to log into. | |
| bigjon 2003-10-22, 4:35 pm |
| In active directory sites and services, is the site structure replicated to the other domain controllers in the forest or external trust | |
| jeff_j_black 2003-10-22, 11:42 pm |
| Man, do you have a good bead on the SUBJECT!!!
For Question one: I can't speak authoritatively on this, I would say set up a secondary DNS zone in each opposing Forest that is an explicit replication partner with a master in the other domain. You would need some kind of name resolution between the two organizations. Restrict the resources in this zone to only the ones you need to advertise to the other organization.
For Question Two: The user has to authenticate in their own domain every time an authentication event is triggered. They never really authenticate with the other domain. Are you up on Kerberos? This is a good thing to understand.
For the other one: Configuration partition is replicated to every domain in the forest, but not outside of the forest. |
|
|
|
|