Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Forest to Forest trust?
Forest to Forest trust? [message #160589] Wed, 02 September 2009 07:34
David Robson1  is currently offline David Robson1  United Kingdom
Messages: 5
Registered: August 2009
Junior Member
Hi,

I've got a forest called forest_a. All my users and servers and workstations
are in here.

I'm planning on creating a forest_b. In here will sit my web servers.

I will then set a trust so forest_b trusts forest_a which will allow admins
to admin the new forest.
I will then set only certain accounts via selective authentication that can
run as a service.

For example:
Web server sits on forest_b (Used to sit on forest_a)
SQL server sits on forest_a
Previously i had a service account that the website would run under to query
the sql server.
I plan on doing the same. I'm guessing the service account from forest_a
will work in forest_b with my trust in place?


Is this good security?

(The thinking being is someone hacked my web server and got domain admin
they would not be able to do anyhting to my internal network/doman). Is this
correct?

Should i consider ADAM (or ADFS) in any part of this? How would this
integrate?

What is the best setup? This is Win2003.

Thank you.
Dave.
Previous Topic:forest trust inheritance/transitivity
Next Topic:Re: GPO/ESC enabled
Goto Forum:
  


Current Time: Sat Jan 20 08:29:51 MST 2018

Total time taken to generate the page: 0.35736 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software