Suppose I have two Active Directory forests, each with one global catalog. There is a transitive trust between these forests. Does this imply that data is replicated between the two forests?
Can I perform searches on one global catalog and get results from both catalogs?
Best Answer
Yes, but not to the degree you think of. Naturally certain elements will be replicated - those that are needed to maintain a trust relationship.
But no user level data. Stuff like passwords etc. do NOT leave a forest.
No. And if you think about it, it makes sense.
For example, the schemata of both forests can be different. If one object has been extended - what would the schema on the other forest do? Trust is not about syncing data, it is about allowing security contexts to pass.