When considering the typical Development, Test or QA, and Production environments of an application (say a custom web app), should there be a separate AD forest for each one? Or should there be a dev and a production forest? Or just a production AD forest?
This applies across a very large enterprise. Currently the setup is a DEV forest that houses development environments, and a PROD forest that houses test and production environments.
Is there value to a third forest? Or should domains with one-way trusts for each environment be used instead?