Group Policy Administrator 4.6
Group Policy Administrator 5.0
Group Policy Administrator 5.0 SP1
GPA will support working with untrusted domains, provided that the untrusted domain name can be resolved. This requires that the DNS server in the trusted domain have forwarding set up to the untrusted domain. The DNS servers which are authoritative for each of the domains the customer wants to manage with GPA need to have forwarders to the DNS server for each untrusted domain.
This is the configuration that should be used. If forwarders are not already in place, they should be added. There is no security risk in this configuration.
Using LMHosts is not a viable option.