• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3963
  • Last Modified:

Advantages of a Forest Trust over an external trust

I've created a one way External trust between 2 domains that exist in seperate forests and it works fine.  It so happens that the domains are the forest root domains in each forest.

What is the advantage of a Forest Trust ?  ie what does it give me that my external trust dosent now ?

  • 2
1 Solution
Toni UranjekConsultant/TrainerCommented:

External trust does not support Kerberos authentication, only NTLM and it's not transitive.
Forest trust support both NTL and Kerberos authentication and it's partially transitive. It works for all domain in both forests, when forest wide authentication is enabled.
To create Forest trust, both forests has to be in FFL 2003 (Forest Functional Level).


tickleonthetumAuthor Commented:
Thanks Toni.
Suliman Abu KharroubIT Consultant Commented:

I have a small question here:

does the external trust transitive to the child domains (sub tree) under the parent domain that i have created the trust on?

could you help please ?  
Toni UranjekConsultant/TrainerCommented:
No, external trusts are not transitive or partialy transitive.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now