The question of how to manage systems in a multi-forest Active Directory (AD) infrastructure using System Center Configuration Manager (ConfigMgr) comes up quite often in online forums and at customers; this post will summarize and detail the answers I’ve given (over and over again).
The Really Short Answer
It doesn’t matter, and ConfigMgr doesn’t care.
The Short Answer
For client management activities, ConfigMgr neither relies on or requires AD in any way, so multiple domains or forests with or without trusts are irrelevant. If you intend to target users in untrusted domains or forests, then you will need to have a site system with the management point role installed in that untrusted domain or forest to perform authentication and authorization.
The Detailed Answer
See the complete post on the 1E blog site: ConfigMgr/SCCM Client Management, Domains, Forests, and Trusts (Oh My).