We will now discuss the new multiforest CM capabilities. Multiforest CM enables an enterprise to issue certs to users from another forest that is trusted by TFC. The Financial Company is bringing on a new UK domain called TFCUK.LOCAL
, which only hosts users. The UK group plans to use CM in the future, but it needs to issue certs immediately.
First, we will verify that our requirements are working properly, such as DNS and the trust; then, we will extend the schema.
Go to the domain controller hosting DNS, open the DNS manager, and add conditional forwarders to The Financial Company.
Expand the server name in the left-hand side pane and right-click on Conditional Forwarders.
Select New Conditional Forwarder and click on Next on the first wizard page:
Then, in the DNS domain, type
tfcuk.local
.In the next section, select DNS Domain.
On the next page, select To all DNS … on this forest and click on Next.
In IP Address, enter...