What is a one-sentence summary of your feature request?
Provide a supported architecture for managing multiple domains without trust relationships from a centralized Identity Recovery deployment.
Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.
Organizations often:
• Relax security controls to allow required access
• Introduce additional infrastructure to isolate environments
• Accept operational complexity to meet security requirements
Large organizations commonly operate across:
• multiple Active Directory domains or forests
• segregated environments (e.g., dev, test, production)
• networks with restricted or no trust relationships
In such environments, centralized management becomes challenging when tools rely on domain trust or shared access.
This often leads to:
• deploying multiple independent instances of the same solution
• increased infrastructure and maintenance overhead
• fragmented visibility across environments
A supported architecture designed for no-trust environments could include:
• a central management layer with isolated domain-level components
• secure communication channels without requiring trust relationships
• logical separation while maintaining unified visibility and control
Such an approach would:
• simplify operations
• reduce infrastructure footprint
• support modern enterprise security models
How do you currently solve the challenges you have by not having this feature?
Organizations typically:
• deploy separate instances per domain or environment
• manage each deployment independently
• accept reduced efficiency and increased operational overhead