Multiforest configuration

We will now discuss the new multiforest CM capabilities. Multiforest CM enables an enterprise to issue certs to users from another forest that is trusted by TFC. The Financial Company is bringing on a new UK domain called TFCUK.LOCAL, which only hosts users. The UK group plans to use CM in the future, but it needs to issue certs immediately.

First, we will verify that our requirements are working properly, such as DNS and the trust; then, we will extend the schema.

Step 1 – CM DNS setup

Perform the following steps:

Go to the domain controller hosting DNS, open the DNS manager, and add conditional forwarders to The Financial Company.
Expand the server name in the left-hand side pane and right-click on Conditional Forwarders ...

Get Microsoft Identity Manager 2016 Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft Identity Manager 2016 Handbook by David Steadman, Jeff Ingalls

Multiforest configuration

Step 1 – CM DNS setup

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly