I am trying to do a forest discovery to a domain in our DMZ. I am able to connect from the SCCM server and run LDP.EXE to connect to and bind to the AD forest. SCCM forest discovery fails with "Error Information The specified forest does not exist or cannot be contacted." I can do a DNS lookup for the domain from the CM server. I get a similar error in the logs for internal domains but I still can run system discovery on those domains without a problem. I believe I have all the ports open I need on the firewall because I can telnet to the ports outside of sccm from the server.