AD installation questions

During setup of active directory, you have a few options. One is to be the root of a forest

"Domain Controller for a new domain" -click this for making childs, new domains or new forests
"Additional domain controller"  - this will just be a "backup" so to speak

"Create a new domain tree"                    - ie:
"Create a child domain in an existing tree" - ie: ?

"Create a New forest"   - this makes it a separate entity all together
"join an existing forest" - transitive trust is made automatically between the two domain trees. Users from domain A, can be   authenticated in domain B

Is this correct?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I hope you are not doing this for a test at school, but, since it seems you have understood all the basics by yourself, this does not seem to be against the rules of the site. And yes, what you say is correct.
As a side note, you might find these e-books useful
dissolvedAuthor Commented:
N no definitely not doing this for school. I am out of school and getting old lol :(
I'm a network admin ,they are just now letting us touch the AD boxes.  I spent a plethora of cash getting some software to use at home.

So all of assumptions in my original post were correct???

2 last questions friend:

-My main question is when you choose "JOIN AN EXISTING FOREST."   I noticed it makes automatic transitive trust. what does this mean?  If im a user named B who resides in DOMAIN B.  I can be authenticated in DOMAIN A  correct? Even if I dont have a user account in DOMAIN A?  Is this what transitive trust measn?

-I've linked two forests together before and made one way trust. I think this means no child domains have trust. Correct?
Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

Forests share Global Catalogs and AD Schema. With the trust between the Domains, the users can log in to the different domains automatically.
This document has great information about trusts

As for your last question; these are the main effects of a one-way trust:
• A user who is logged on to the trusted domain can be authenticated to connect to a resource server in the trusting domain.
• A user can use an account in the trusted domain to log on to the trusted domain from a computer in the trusting domain.
• A user in the trusting domain can list trusted domain security principals and add them to groups and access control lists (ACLs) on resources in the trusting domain.

Oh, sorry, I forgot to specify you that yes: since the one-way trust is not transitive, there is no trust relationship between the child domains.
Hope it helps, Elbereth21

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Another link about trees and forest, you might find interesting:
Sorry for the multiple post, I need to re-arrange my bookmarks, anytime soon.
dissolvedAuthor Commented:
You're always welcome.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.