2.5.4.3 Cross-Forest Environment
The following subsection describes a use case that pertains to network domain logon in a cross-forest environment. For the following use case, it is assumed that a user account and a machine account are provisioned in one domain (domain1) in one forest (forest1) and that a resource is located in another domain (domain2) in another forest (forest2). This use case uses the following notation.
FAA1: The Authentication Authority (AA) of forest1.
AA1: The AA of domain1 in forest1.
DB #1: The account database of domain1 in forest1.
FAA2: The AA of forest2.
AA2: The AA of domain2 in forest2.
DB #2: The account database of domain2 in forest2.
GC: The global catalog server (GC server).
DNS: The Domain Name System (DNS).