This page looks best with JavaScript enabled

TIL: AD Forests

 ·  ☕ 1 min read

For environments with complex Active Directory (AD) environments, AD forests can allow flexibility in management and organization of objects.

Basically, an AD forest allows multiple domains and trees of domains (subdomains) to access and have a shared configuration while still having separate domains with separate host servers.
They allow domains to trust and access each other while still maintain separations and boarders. I’ve seen this used to allow corporate and client domains to communicate or to have a development domain tree that trust and can cross-talk with the production domain tree while still being separate (this is less common as dev domains are usually just subdomains within the production tree).