Holland + Knight
Travis
Abrams MCSE, GCIH
Systems
Engineer
Holland & Knight
LLP
NOTICE: This e-mail is from a law firm, Holland &
Knight LLP ("H&K"), and is intended solely for the use of the individual(s)
to whom it is addressed. If you believe you received this e-mail in error,
please notify the sender immediately, delete the e-mail from your computer and
do not copy or disclose it to anyone else. If you are not an existing
client of H&K, do not construe anything in this e-mail to make you a client
unless it contains a specific statement to that effect and do not disclose
anything to H&K in reply that you expect it to hold in confidence. If
you properly received this e-mail as a client, co-counsel or retained expert of
H&K, you should maintain its contents in confidence in order to preserve the
attorney-client or work product privilege that may be available to protect
confidentiality.
Title: [ActiveDir] Trusting Domain SIDs
We are looking at redesigning our extranet and are
considering a separate forest for the extranet users and eventually most of the
resources needed for the extranet will be put into that forest. My thinking is
that since a domain isn't a true security boundary and it really won't cost
us more to bring up a forest vs. domain why not go with a separate forest. The
users in the extranet forest won't necessarily need access to the internal
systems but some of the machines will need to talk to internal servers so I
assume at some point we will need a trust relationship. My question is
simply what am I missing and has anyone done similar setups?
- Re: [ActiveDir] Extranet's travis.abrams
- Re: [ActiveDir] Extranet's Roger Seielstad
- RE: [ActiveDir] Extranet's Grillenmeier, Guido
- RE: [ActiveDir] Extranet's Myrick, Todd (NIH/CIT)
- RE: [ActiveDir] Extranet's Renouf, Phil
- RE: [ActiveDir] Extranet's Rodney Gardiner
- RE: [ActiveDir] Extranet's Justin_Leney
- RE: [ActiveDir] Extranet's travis.abrams
