Building a Multi-Domain AD Forest

Jan 15, 2025

Maurice Suter

ICT System Engineer

I deployed a proper Active Directory forest with microsoftlab.ch as the forest root and corp.microsoftlab.ch as a child domain.

This mirrors enterprise architectures where the forest root is kept clean and child domains handle user accounts. The trust relationships are automatic and transitive.

DNS integration was the trickiest part - conditional forwarders and proper delegation are essential.

Deploying a 2-Tier PKI Infrastructure

Achieving 48.7 Gbit/s with LACP Bonds