At 12:24 PM 7/10/2003, you wrote:
http://www.ISAserver.org
Correct, Transitive Trusts can not be changed, just about the only way you can create safe separation between domains that live in the same forest is to have your public DMZ domain live and breathe on a separate IP segment separated by a router, this way you could target port specific services and filter out the rest, that would be one heck of master plan though, not one I would even conceive of doing, I can't think of a reason why this configuration is needed.
t