The primary security boundary for Active Directory is the forest, which contains domain trees. There can be one or more domain trees in a forest, though the first domain is designated as the forest root domain. Domains in Active Directory are identified through their domain name system (DNS) names rather than the NetBIOS naming schema that was prevalent in Windows NT Server 4 and earlier. An example of a DNS domain name is contoso.com. A domain tree can contain multiple domains that share a common namespace.
For example, contoso.com, marketing.contosa.com, sales.contosa.com, and europe.sales.contoso.com are all part of the same domain tree. The marketing.contosa.com domain is a child domain of contosa.com, the parent domain. Since a forest can contain mutiple domian trees, you could also have a domain tree for fabrikam.com in the same forest as the contosa.com domain tree.
Regardless of the number of domain trees in a forest, there is centralized administration at the forest level with permission to all domain trees. Each forest has an Enterprise Admins group as well as a Schema Admins Group.
To learn more about other terms and descriptions in networking, enroll for the MCSA course at SLA IT Employment Training Company. Join SLA now! For more details, visit SLA Chennai or dial (91 44) 4200 5050/90.