When this method runs, it searches the local Active Directory forest, each trusted forest, and each additional forest that you configure in the Active Directory Forests node of the Configuration Manager console.
Use Active Directory Forest Discovery to: To configure publishing for Active Directory forests for each site in your hierarchy, connect your Configuration Manager console to the top-level site of your hierarchy.
The Publishing tab in an Active Directory site's Properties dialog box can show only the current site and its child sites.
When publishing is enabled for a forest and that forest's schema is extended for Configuration Manager, the following information is published for each site that is enabled to publish to that Active Directory forest: Note Secondary sites always use the secondary site server computer account to publish to Active Directory.
Because this discovery method is not optimized to discover computer and user resources, consider running this discovery method after you have run Active Directory System Discovery and Active Directory User Discovery.
This is because this method creates a full discovery data record (DDR) for groups, but only a limited DDR for computers and users that are members of groups.
You can also install the Configuration Manager client on a discovered device by using client push installation.It is enabled by default and runs on each computer client (instead of on a site server) to create a DDR.For mobile device clients, this DDR is created by the management point that the mobile device client is using.Use this discovery method to search your Azure AD for users who authenticate to your instance of Azure AD, to find the following attributes: This method supports a full synchronization and delta synchronization of User data from Azure AD.This information can then be used along-side discovery data you collect from the other discovery methods.By default, this method discovers basic information about the computer, including the following: To successfully create a DDR for a computer, Active Directory System Discovery must be able to identify the computer account and then successfully resolve the computer name to an IP address.