0
The term 'domain' is too general to compare to the idea of a forest. A domain and the AD can be a part of a forest. This includes; domain controllers, child domains, domain functionality, replicators, directory service and so on. The concept of creating a forest was first introduced in the windows 2003 AD architecture. Suffice to say interoperability with server 2000 and NT (which do not recognize the forest) poses limitations and security issues. Hence four levels of functionality. Some are, in my opinion, basically unsound with regards to the security levels of a forest. A forest is not to be taken lightly. It requires much research and preparation. The term 'domain' applies across the board in a forest. Moreover, a forest relies on security. The PC you start the first installation of a forest will be considered the root and will hold the high level admins such as the enterprise and schema admins. Making forest trusts (only on root domain) facilitates communications between domains and ADs that share the same SPN (service principle name) which have to be resolved at a remote location in another forest. The configuration also requires IAS, Kerberos, UPN, SPD, SID namespaces .... What am I forgetting? Thinking about configuring the root forest on the first PC makes you dizzy with abbreviations acronyms, protocols, group security, etc ... Comprehensive research and planning are crucial. Managing forests and domain is hard enough as it is. I'd say this basic principle of security properties could be considered the largest difference between a 'forest' and a 'domain'.
Wiki User
∙ 12y ago
Add your answer:
Earn +20 pts
The administrator of the first domain in a forest is called the?
The administrator .he/she is part of administrators group and has all rights in the domain.The entreprise admin has all the rights on the forest/domain both are default groups.You can rename your administrator's name and make him part of this group.
What is the difference between 50 ad and 2010 ad?
1960 years
What is the difference between AD and AC?
Ad is higher than ac
What is the difference between interim and ad-interim relief?
what is that...
What is the difference between voluntary insurance?
What is the difference between voluntary life insurance and life, ad/d?
What is the difference between AC and AD?
AC is alternating current and AD is Anno Domini or after Christ.
What is the difference between 200 AD and 2008?
1808 years
What is difference between ads and advertisements?
"Ad" is an abbreviation for "advertisement."
In which hierarchy AD forest is built?
Forest
What is difference between DC and ADC?
Difference between DC & ADCThere is no difference between in DC and ADC both contains write copy of AD. Both can also handles FSMO roles (If transfers from DC to ADC). Functionality wise there is no difference. ADC just require for load balancing & redundancy. If two physical sites are segregated with WAN link come under same domain, better to keep one ADC in other site, and act as a main domain controller for that site. This will reduce the WAN traffic and also user authentication performance will increase.
Diagram of active directory?
http://technet.microsoft.com/en-us/library/cc751379.aspx here are steps to create diagram of implemented AD in network othere wise 1.forest( single AD has 1 forest but can connect to different forests) 2.tree(mutliple tree under it can be formed) domain(multiple domains can be created in forest under different tree)
What hosts an AD DS domain?
SysVol
