A "Floresta" mostra em qual entrada 2 "Domínio Primário" é membro. Ele muda com base no número de entradas retornadas. Você pode verificar isso trocando '/ all_trusts' por '/ forest'.
PS C:\WINDOWS\system32> nltest /domain_trusts /all_trusts
List of domain trusts:
0: DOMAIN.SUF (MIT) (Direct Outbound) ( Attr: non-trans 0x1000000 )
1: FOREST FOREST.DOMAIN.SUF (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound)
2: DOMAIN2 DOMAIN2.DOMAIN.SUF (NT 5) (Direct Inbound)
3: CHILD CHILD.FOREST.DOMAIN.SUF (NT 5) (Forest: 1) (Primary Domain) (Native)
The command completed successfully
PS C:\WINDOWS\system32> nltest /domain_trusts /forest
List of domain trusts:
0: FOREST FOREST.DOMAIN.SUF (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound)
1: CHILD CHILD.FOREST.DOMAIN.SUF (NT 5) (Forest: 0) (Primary Domain) (Native)
The command completed successfully