forest-and-tree model

Contributor(s): Andrew Rose

The forest-and-tree model is a logical structure for interconnecting multiple network domains in Windows 2000 and later operating systems. A tree is a set of domains sharing a common network configuration, schema and global catalog. A forest consists of one or more trees that do not form a contiguous namespace.

In the forest-and-tree model, each tree has a unique name. Forests do not have to be named. All the trees in a forest are interconnected by trust relationships that are bi-directional (they can function in either direction) and transitive (they can be cascaded one after another in chains). In a forest, the trees form a hierarchy for the purposes of the trust relationships. It is possible for a single tree to constitute a forest in this model.

The forest-and-tree model can be useful when it is necessary to operate multiple units under separate domain name system (DNS) namespaces. Each tree within a forest can be autonomous, that is, independent of the others.

This was last updated in August 2006

Dig Deeper on Campus area network