Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

I need to support clients from another forest, so do I install the the server locator point in the same forest as these clients or in the site servers forest?

April 26, 2017clients forest install locator point server site support

0

Posted

I need to support clients from another forest, so do I install the the server locator point in the same forest as these clients or in the site servers forest?

1 Answer

0

Posted

Technically, you can install the server locator point in either forest. However, as a security best practice, install it in the site server’s forest. If you have a firewall between the two forests, note that the server locator point requires unauthenticated client connections over HTTP. If this is against your security policies, an alternative configuration is to configure these clients for Internet-only client management, which does require PKI certificates and that the site is in native mode. This configuration does not require that these clients contact a server locator point.