2.5.4.3 Cross-Forest Environment

The following subsection describes a use case that pertains to network domain logon in a cross-forest environment. For the following use case, it is assumed that a user account and a machine account are provisioned in one domain (domain1) in one forest (forest1) and that a resource is located in another domain (domain2) in another forest (forest2). This use case uses the following notation.

FAA1: The Authentication Authority (AA) of forest1.

AA1: The AA of domain1 in forest1.

DB #1: The account database of domain1 in forest1.

FAA2: The AA of forest2.

AA2: The AA of domain2 in forest2.

DB #2: The account database of domain2 in forest2.

GC: The global catalog server (GC server).

DNS: The Domain Name System (DNS).