{"id":101962,"date":"2025-01-22T16:33:25","date_gmt":"2025-01-22T08:33:25","guid":{"rendered":"https:\/\/version-2.com\/?p=101962"},"modified":"2025-01-15T16:36:11","modified_gmt":"2025-01-15T08:36:11","slug":"cross-forest-authentication-with-thinfinity-secure-multi-domain-access","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2025\/01\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/","title":{"rendered":"Cross-forest authentication with Thinfinity: secure multi-domain access"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

<\/p>

Introduction\u00a0<\/h2>

In modern enterprises, IT environments often span multiple Active Directory (AD) forests<\/b>, hybrid cloud platforms, and external identity providers (IDPs) such as Azure Entra ID, Okta, and PingID<\/b>. Securely managing authentication across these disparate environments is a critical challenge for CIOs, CISOs, and IT administrators.<\/b><\/p>

Thinfinity provides a powerful Cross-Forest Authentication<\/b> solution through Global Account Mapping<\/b>, ensuring seamless user authentication across multiple domains while maintaining a Zero Trust Security Model<\/b>. This article explores how Thinfinity achieves secure cross-domain authentication, leveraging 2FA, external IDPs, and directory federation.<\/b><\/p>

\u00a0<\/div><\/div><\/div><\/div>
\u00a0<\/div><\/div><\/div>

What is cross-forest authentication?<\/h2>

Defining active directory (AD) forests<\/h3>

An Active Directory forest<\/b> is the highest-level security boundary in a Windows Server <\/b>environment. Multiple forests can exist within an organization due to:<\/p>

  • Mergers & Acquisitions:<\/b> Different companies with separate AD infrastructures.<\/li>
  • Security Segmentation:<\/b> Isolating user groups or business units.<\/li>
  • Geographic Distribution: <\/b>Multiple regional offices managing separate IT infrastructures.<\/li><\/ul><\/div><\/div><\/div>
    \u00a0<\/div><\/div><\/div>

    Challenges in cross-forest authentication<\/h3>

    Cross-forest authentication becomes a challenge when users need to access resources outside their native AD forest<\/b>. The main obstacles include:<\/p>

    1. Credential Duplication:<\/b> Users often require separate accounts for each domain.<\/li>
    2. Lack of SSO (Single Sign-On):<\/b> Logging into multiple domains requires multiple authentications.<\/li>
    3. Security Risks:<\/b> Traditional authentication mechanisms expose organizations to credential theft and privilege escalation<\/b> attacks.<\/li>
    4. Limited Integration with Modern IDPs:<\/b> Many enterprises are moving to Azure Entra ID, Okta, and other cloud IDPs<\/b> but still require legacy on-premises AD integration.<\/b><\/li><\/ol><\/div><\/div><\/div>

      Cross-Forest Authentication Challenges<\/h2><\/div><\/div><\/div>
      \"Cross-forest<\/div><\/div>

      The need for a secure cross-forest solution<\/h3>

      To address these issues, organizations require:<\/p>

      • A unified authentication mechanism<\/b> that works across AD forests.<\/li>
      • Seamless integration with cloud IDPs <\/b>like Azure Entra ID, Okta, OneLogin, and ForgeRock.<\/b><\/li>
      • Zero Trust Network Access (ZTNA)<\/b> principles that ensure users only access authorized resources.<\/li><\/ul>

        This is where Thinfinity\u2019s Global Account Mapping<\/b> comes into play.<\/p><\/div><\/div><\/div>

        Thinfinity\u2019s global account mapping: How it works<\/h2>

        Thinfinity simplifies cross-forest authentication by implementing Global Account Mapping<\/b>, which associates external user identities with Thinfinity accounts and resource identities.<\/b><\/p>

        Step-by-Step Process of Thinfinity\u2019s cross-forest authentication<\/h3>

        1. External authentication via IDPs & Federation services<\/h4>
        • Thinfinity supports authentication from <\/span>Google, Microsoft AD, Azure Entra ID, Okta, DUO, Auth0, ForgeRock, JumpCloud, PingID, and OneLogin.<\/b><\/span>\u00a0<\/span><\/li>
        • Supports <\/span>SAML and OAuth 2.0<\/b><\/span> for federated authentication.<\/span><\/li>
        • Thinfinity validates the user\u2019s identity against <\/span>their primary domain<\/b><\/span>.<\/span><\/li><\/ul>

          2. Global mapping of user identities<\/h4>
          • Thinfinity maps the authenticated user<\/strong> from an external domain to the internal AD forest account.<\/strong><\/span><\/li>
          • This ensures that external and internal users are seamlessly linked<\/strong>.<\/span><\/li><\/ul>

            3. Role-based access vontrol (RBAC) enforcement<\/h4>
            • After authentication, Thinfinity assigns roles<\/strong> based on Active Directory groups<\/strong> or Thinfinity IDP policies<\/strong>.<\/span><\/li>
            • Access is granted only to resources authorized for the assigned role.<\/span><\/li><\/ul>

              4. Authorization for specific resources<\/h4>
              • Thinfinity ensures that <\/span>only mapped identities<\/span> can access <\/span>Active Directory<\/span>, <\/span>Local Users<\/span>, <\/span>and Database-based User Apps (SQL, MongoDB, etc.)<\/span>.<\/span><\/li><\/ul>

                5. Seamless multi-domain access<\/h4>
                • Thinfinity supports authentication and resource access across Corporate Domains and Secondary Domains<\/strong>.<\/span><\/li>
                • This eliminates the need for users to manage multiple passwords across different forests.<\/strong><\/span><\/li><\/ul><\/div><\/div><\/div>
                  \"Thinfinity<\/div><\/div>
                  \u00a0<\/div><\/div><\/div>

                  Key benefits of Thinfinity\u2019s cross-forest authentication solution<\/h2>

                  1. Secure access without VPN dependencies<\/h3>

                  Traditional VPN-based solutions<\/b> struggle with cross-forest authentication, often requiring complex trust relationships<\/b>. Thinfinity eliminates these issues by providing direct browser-based authentication<\/b> using secure web protocols.<\/p>

                  2. Seamless integration with Cloud IDPs & Multi-factor authentication (2FA)<\/h3>

                  Thinfinity integrates with leading identity providers<\/b> like:<\/p>

                  • Azure Entra ID<\/li>
                  • Okta<\/li>
                  • PingID<\/li>
                  • OneLogin<\/li>
                  • Google Workspace<\/li>
                  • Duo Security<\/li>
                  • Auth0<\/li>
                  • ForgeRock<\/li><\/ul>

                    This ensures that users can leverage existing identity platforms<\/b> while securing authentication with MFA (Multi-Factor Authentication)<\/b>.<\/p>

                    3. Unified identity management with active directory & external domains<\/h3>

                    Thinfinity creates a centralized authentication layer<\/b>, mapping external identities<\/b> to internal AD resources<\/b>. This allows:<\/p>

                    • Users to log in once and access resources across multiple forests<\/b>.<\/li>
                    • RBAC (Role-Based Access Control)<\/b> enforcement to restrict unauthorized access.<\/li>
                    • Elimination of duplicate credentials<\/b> across different forests.<\/li><\/ul>

                      4. Support for hybrid and Multi-Cloud environments<\/h3>

                      Many enterprises run workloads across multiple clouds<\/b> and require cross-domain authentication<\/b> for:<\/p>

                      • On-premises<\/b> Active Directory<\/b><\/li>
                      • Cloud-hosted Azure Entra ID<\/b><\/li>
                      • Hybrid cloud environments (AWS, GCP, Azure, private clouds)<\/b><\/li><\/ul>

                        Thinfinity ensures authentication is seamless across these environments<\/b>, enabling secure access control.<\/b><\/p>

                        5. Zero Trust architecture (ZTA) compliance<\/h3>

                        Thinfinity aligns with Zero Trust principles<\/b>, ensuring:<\/p>

                        • Least Privilege Access<\/b>: Users can only access authorized applications.<\/li>
                        • Adaptive Authentication<\/b>: Based on device, location, and risk analysis.<\/li>
                        • Continuous Monitoring: <\/b>Tracking authentication events and potential anomalies<\/b>.<\/li><\/ul>
                          \u00a0<\/div><\/div><\/div><\/div>
                          \"Thinfinity<\/div><\/div>
                          \u00a0<\/div><\/div><\/div>

                          Use Cases<\/h2>

                          Use case 1: Enterprise deployment of cross-forest authentication<\/h3>

                          Scenario: Multi-Domain Organization with External IDP<\/h4>

                          A global enterprise has:<\/h5>
                          • Corporate AD Domain (HQ)<\/b><\/li>
                          • Regional Active Directory Domains (Europe, APAC, Americas)<\/b><\/li>
                          • Cloud-based Azure Entra ID for remote users<\/b><\/li>
                          • Okta authentication for contractors<\/b><\/li><\/ul>
                            Thinfinity\u2019s solution<\/h5>
                            1. Users log in using Okta\/Azure Entra ID credentials.<\/b><\/li>
                            2. Thinfinity maps external users<\/b> to their corresponding AD accounts<\/b> in the primary domain.<\/li>
                            3. Users authenticate once and gain access to all authorized applications<\/b>.<\/li>
                            4. 2FA is enforced<\/b> on each log in to enhance security.<\/li>
                            5. Access is logged for auditing and compliance.<\/b><\/li><\/ol>
                              Outcome<\/h5>

                              \u2713<\/b><\/span>\u00a0Seamless authentication across multiple forests<\/p>

                              \u2713<\/b><\/span> No password duplication or credential sprawl.<\/p>

                              \u2713<\/b><\/span> Increased security via MFA and RBAC.<\/p><\/div><\/div><\/div>

                              Achieving Seamless Enterprise Authentication<\/h2><\/div><\/div><\/div>
                              \"Enterprise<\/div><\/div>

                              Use Case 2: MSP-Hosted applications with customer-managed authentication<\/h3>

                              Scenario: Multi-Tenant MSP with Customer-Managed IDPs<\/h4>

                              A Managed Service Provider (MSP)<\/b> offers hosted applications to multiple customers. Each customer:<\/p>

                              • Manages their own Azure Entra ID or Okta authentication.<\/li>
                              • Requires Single Sign-On (SSO) to access MSP-managed applications.<\/li>
                              • Has users in different Active Directory (AD) domains and requires seamless cross-forest authentication.<\/li><\/ul>

                                Challenges faced by the MSP<\/h4>

                                1. Multi-Tenant Identity Management<\/h5>
                                • Customers do not want to provision separate credentials for the MSP\u2019s environment.<\/li>
                                • The MSP must support authentication via each customer\u2019s existing IDP (Azure Entra ID, Okta, etc.).<\/strong><\/li><\/ul>
                                  2. Secure Access Without VPN or Direct AD Trusts<\/h5>
                                  • VPN tunnels or Active Directory trust relationships<\/strong> with the MSP.<\/li>
                                  • Traditional cross-domain authentication methods increase complexity and security risks.<\/li><\/ul>
                                    3. Single Sign-On (SSO) to Hosted Applications<\/h5>
                                    • Users should authenticate once <\/span>via their own Entra ID<\/b><\/span> or <\/span>Okta accounts<\/b><\/span>.<\/span><\/li>
                                    • They should get automatic access<\/strong> to applications hosted in the MSP\u2019s data center or cloud.<\/span><\/li><\/ul>

                                      Thinfinity\u2019s solution: Global account mapping for MSPs<\/h3>

                                      Thinfinity enables secure cross-forest authentication and SSO<\/b> between:<\/p>

                                      \u2713<\/b><\/span> Customer-Managed Identity Providers (Azure Entra ID, Okta, PingID, etc.)<\/b><\/p>

                                      \u2713<\/b><\/span> MSP-Hosted Applications<\/b><\/p>

                                      Using Global Account Mapping<\/b>, Thinfinity:<\/p>

                                      1. Authenticates users via their customer-managed IDP (Azure Entra ID, Okta, etc.)<\/b><\/li>
                                      2. Maps the authenticated identity to a corresponding Thinfinity account<\/b> in the MSP\u2019s domain.<\/li>
                                      3. Grants access to MSP-hosted applications via SSO<\/b>, enforcing Role-Based Access Control (RBAC).<\/li><\/ol>

                                        How it works<\/h3>
                                        1. User logs into Thinfinity using their existing IDP (Azure Entra ID or Okta).<\/b><\/li>
                                        2. Thinfinity validates authentication <\/b>via SAML or OAuth 2.0.<\/b><\/li>
                                        3. Global Account Mapping links the external IDP user<\/b> to an internal account in the MSP\u2019s environment.<\/li>
                                        4. Thinfinity grants SSO access<\/b> to the MSP\u2019s hosted applications.<\/li><\/ol>

                                          Outcome & business impact<\/h3>

                                          \u2713<\/b><\/span> Customers authenticate using their existing credentials<\/b>\u2014no need to manage extra accounts.<\/p>

                                          \u2713<\/b><\/span>\u00a0Seamless Single Sign-On (SSO)<\/b> to MSP-hosted applications.<\/p>

                                          \u2713<\/b><\/span>\u00a0No VPNs or direct AD trust relationships required<\/b>, reducing security risks.<\/p>

                                          \u2713<\/b><\/span>\u00a0Full Role-Based Access Control (RBAC)<\/b> ensures users access only authorized applications.<\/p><\/div><\/div><\/div>

                                          Thinfinity\u2019s Global Account Mapping Process<\/h2><\/div><\/div><\/div>
                                          \"MSP<\/div><\/div>

                                          Why Thinfinity is the ideal solution for MSPs<\/h3>
                                          • Multi-Tenant Ready:<\/b> Supports customer-managed authentication while centralizing access to hosted apps.<\/li>
                                          • Cloud-First Security:<\/b> Enables Zero Trust<\/b> authentication across multiple identity providers.<\/li>
                                          • Seamless Cross-Forest Authentication:<\/b> Bridges customer IDPs with MSP-hosted environments.<\/b><\/li>
                                          • Looking to enable secure SSO for MSP-hosted applications? <\/b>Thinfinity\u2019s Global Account Mapping<\/b> provides the best solution for multi-tenant authentication.<\/b><\/li><\/ul>
                                            \u00a0<\/div><\/div><\/div><\/div>
                                            \u00a0<\/div><\/div><\/div>

                                            Conclusion<\/h2>

                                            Thinfinity\u2019s Global Account Mapping for Cross-Forest Authentication<\/b> provides enterprises with a secure, scalable, and seamless<\/b> solution for managing authentication across Active Directory forests and external identity providers.<\/b><\/p>

                                            By integrating Azure Entra ID, Okta, and other IDPs<\/b>, Thinfinity eliminates the complexities of cross-domain authentication <\/b>while enforcing Zero Trust security<\/b> and Multi-Factor Authentication.<\/b><\/p>

                                            With Thinfinity<\/b>, enterprises can modernize their authentication strategy,<\/b> ensuring users can securely access resources across all domains, clouds, and hybrid environments.<\/b><\/p>

                                            Key takeaways:<\/h3>

                                            \u2713<\/span> <\/b>Supports Cross-Forest Authentication without VPNs<\/span><\/p>

                                            \u2713<\/b><\/span> Seamless Integration with External IDPs (Azure Entra ID, Okta, DUO, etc.)<\/span><\/p>

                                            \u2713<\/b><\/span> Role-Based Access Control (RBAC) & MFA for Security<\/span><\/p>

                                            \u2713<\/b><\/span> Zero Trust & Secure Web Access Model<\/span><\/p>

                                            \u2713<\/b><\/span> Improves IT Efficiency by Eliminating Credential Duplication<\/span><\/p>

                                            \u00a0<\/div><\/div><\/div><\/div><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                            \n\t\t\t\t
                                            \n\t\t\t\t\t\t\t
                                            \n\t\t
                                            \n\t\t\t\t\t\t
                                            \n\t\t\t\t\t\t
                                            \n\t\t\t\t\t
                                            \n\t\t\t
                                            \n\t\t\t\t\t\t
                                            \n\t\t\t\t
                                            \n\t\t\t\t\t\t\t\t\t

                                            About Cybele Software Inc.
                                            <\/strong>We help organizations extend the life and value of their software. Whether they are looking to improve and empower remote work or turn their business-critical legacy apps into modern SaaS, our software enables customers to focus on what\u2019s most important: expanding and evolving their business.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t

                                            \n\t\t\t\t\t\t
                                            \n\t\t\t\t\t\t
                                            \n\t\t\t\t\t
                                            \n\t\t\t
                                            \n\t\t\t\t\t\t
                                            \n\t\t\t\t
                                            \n\t\t\t\t\t

                                            About Version 2 Digital<\/h3>

                                            Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n

                                            \nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

                                            Introduction\u00a0 In modern enterprises, IT environments of […]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1305,1297,61],"tags":[1077,1301],"class_list":["post-101962","post","type-post","status-publish","format-standard","hentry","category-1305","category-cybele","category-press-release","tag-1077","tag-cybele"],"acf":[],"yoast_head":"\nCross-forest authentication with Thinfinity: secure multi-domain access - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cross-forest authentication with Thinfinity: secure multi-domain access - Version 2\" \/>\n<meta property=\"og:description\" content=\"Introduction\u00a0 In modern enterprises, IT environments of […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2025-01-22T08:33:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.cybelesoft.com\/wp-content\/uploads\/2025\/01\/cross-forest-auth-1.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"22 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/01\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Cross-forest authentication with Thinfinity: secure multi-domain access\",\"datePublished\":\"2025-01-22T08:33:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/01\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/\"},\"wordCount\":1318,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.cybelesoft.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/cross-forest-auth-1.png\",\"keywords\":[\"2025\",\"Cybele\"],\"articleSection\":[\"2025\",\"Cybele\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/01\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/\",\"url\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/\",\"name\":\"Cross-forest authentication with Thinfinity: secure multi-domain access - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.cybelesoft.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/cross-forest-auth-1.png\",\"datePublished\":\"2025-01-22T08:33:25+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.cybelesoft.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/cross-forest-auth-1.png\",\"contentUrl\":\"https:\\\/\\\/blog.cybelesoft.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/cross-forest-auth-1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.cybelesoft.com\\\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cross-forest authentication with Thinfinity: secure multi-domain access\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cross-forest authentication with Thinfinity: secure multi-domain access - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/","og_locale":"zh_HK","og_type":"article","og_title":"Cross-forest authentication with Thinfinity: secure multi-domain access - Version 2","og_description":"Introduction\u00a0 In modern enterprises, IT environments of […]","og_url":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/","og_site_name":"Version 2","article_published_time":"2025-01-22T08:33:25+00:00","og_image":[{"url":"https:\/\/blog.cybelesoft.com\/wp-content\/uploads\/2025\/01\/cross-forest-auth-1.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"22 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2025\/01\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Cross-forest authentication with Thinfinity: secure multi-domain access","datePublished":"2025-01-22T08:33:25+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2025\/01\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/"},"wordCount":1318,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.cybelesoft.com\/wp-content\/uploads\/2025\/01\/cross-forest-auth-1.png","keywords":["2025","Cybele"],"articleSection":["2025","Cybele","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2025\/01\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/","url":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/","name":"Cross-forest authentication with Thinfinity: secure multi-domain access - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/#primaryimage"},"image":{"@id":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.cybelesoft.com\/wp-content\/uploads\/2025\/01\/cross-forest-auth-1.png","datePublished":"2025-01-22T08:33:25+00:00","breadcrumb":{"@id":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/#primaryimage","url":"https:\/\/blog.cybelesoft.com\/wp-content\/uploads\/2025\/01\/cross-forest-auth-1.png","contentUrl":"https:\/\/blog.cybelesoft.com\/wp-content\/uploads\/2025\/01\/cross-forest-auth-1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.cybelesoft.com\/cross-forest-authentication-with-thinfinity-secure-multi-domain-access\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Cross-forest authentication with Thinfinity: secure multi-domain access"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-qwy","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/101962","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=101962"}],"version-history":[{"count":7,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/101962\/revisions"}],"predecessor-version":[{"id":101969,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/101962\/revisions\/101969"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=101962"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=101962"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=101962"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}