http://support2.microsoft.com/kb/2994331
In our last large project we had a situation where there were two forests with no trust, one forest housed the primary business network and the other forest housed the operational machines which ran a certain utility for our state.
This CU contains the following option…
Management point communications
- This cumulative update introduces a new registry entry for clients. This entry will restrict which management point (MP) a client can communicate with. This can be useful in environments that have multiple MPs in different forests, and the clients can only communicate with a subset of them. Setting the registry value to only those MPs that can be reached by the client can improve overall efficiency. The new registry value is AllowedMPs, a REG_MULTI_SZ (multi-string) type that is under the following subkey:
HKEY_LOCAL_MACHINESoftwareMicrosoftCCM
This would have been exceeding useful a few moths ago for us… but at least it is in there now and available for the next environment.