Hi,
I want to sanity check something here..........
Forest A has resources that Forest B needs to use and data will ultimately need to move from Forest A to Forest B. To avoid making multiple domain trusts, the decision has been taken to use a forest trust (two way).
The risk tolerance for users of Forest B is much higher than those of Forest A; therefore, Forest A must be protected as much as possible from the varied user activity in Forest B whilst still meeting the above access requirements.
Selective Authentication applied to the forest trust seems to suggest that specific resources in Forest A can be defined as accessible by users in Forest B, but only those resources and to only those users.
So, does anyone here:
a) have any experiences or real world examples using SA to restrict access across a forest trust? How successful was it?
b) have any tips, pointers or gotchas from using SA?
TIA,
Mark
I want to sanity check something here..........
Forest A has resources that Forest B needs to use and data will ultimately need to move from Forest A to Forest B. To avoid making multiple domain trusts, the decision has been taken to use a forest trust (two way).
The risk tolerance for users of Forest B is much higher than those of Forest A; therefore, Forest A must be protected as much as possible from the varied user activity in Forest B whilst still meeting the above access requirements.
Selective Authentication applied to the forest trust seems to suggest that specific resources in Forest A can be defined as accessible by users in Forest B, but only those resources and to only those users.
So, does anyone here:
a) have any experiences or real world examples using SA to restrict access across a forest trust? How successful was it?
b) have any tips, pointers or gotchas from using SA?
TIA,
Mark
