Forest trust security concerns?
Hi,

My company was recently acquired by a large corporation. Due to the nature of our business, we need to maintain separate infrastructure (AD, Exchange, etc.). I am trying to get the large corporation to set up a forest trust between our domains (mixed 2003 and 2008 R2) and I am getting pushback because of security concerns. I think this is just a knee-jerk reaction. I have done some research, and the only security concern listed on the MS site or anywhere else that I can find is that an admin in the other domain may accidentally give one of our accounts elevated permission and compromise security. SID filtering is enabled by default, so that is not a concern.

The large corporation has given us all user accounts in their domain as their solution. To me this method runs that same risk as using trusted accounts. An admin could elevate the permissions on the second account that was created for me and compromise security in the same way. In my mind, if we use selective authentication on the trust, we will actually be more secure because it requires the extra step of setting the "allowed to authenticate" permission on the resource. Is that not correct?

Sorry for the long-winded post, but I want to be able to say that the forest trust with selective authentication is more secure than duplicate accounts for all users. Am I overlooking any other security concerns?

Thanks,
Rich
March 1st, 2010 6:15pm

This topic is archived. No further replies will be accepted.
