Solved

Exchange 2000 in Multiple Forest Environment

Posted on 2002-05-24
3
243 Views
Last Modified: 2010-03-05
Is it possible to use the same exchange servers to service users in multiple forests?
0
Comment
Question by:dtempleMT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Expert Comment

by:kevala
ID: 7033402
The quick and dirty answer is NO! well, depending on how bad you want to do it......

The reason for this is that a mailbox is simply an attribute to an account. The object (account in a.d.)must be there to apply the mailbox attribute to it.

We were able to do this in 5.5 because a mailbox WAS an object....you then associated whatever account you wanted to that object - in E2K it's reversed.

You can use the inter-org connection agreement with the active directory connector.
This will replicate all accounts from the other forest into active directory as a disabled windows user account, a new windows user account, or a contact.

If you replicate the accounts from the other forest into active directory as New Windows user accounts, you can then mailbox enable them, create a two way trust between the two forests, give the trusted accounts rights to the replicated accounts mailboxes, and have the users in the other forests logon to the mailboxes through the trust with permissions added.

I wouldn't want to deal with the above, it could get very complicated,...but i believe it would work.


Forest 1  |     Interorg connection agreement   | Forest 2
          |                                     |
A.D.      |<--replicate into a.d via the c.a.-- | Users

1.using the option on the interorg connection agreement to create a new account in A.D. - mailbox enable them
2. setup a trust between the two forests
3. Give the users in forest 2 permissions to their associated (replicated accounts in a.d. for forest1) rights
4. Setup the users in forest 2 to logon to the mailbox they have been given permissions to.

Note: I can almost gaurantee you without research that this is probably not recommended. This can get dirty because changes made by the interorg connection agreement CANNOT BE REVERSED.

So after all of this....i would say DON'T TRY IT.

0
 

Author Comment

by:dtempleMT
ID: 7033406
I found a TID from Microsoft that says to create disabled mailbox accounts in the forest with the Exchange box and then associate those accounts with the active accounts in the other forest.  Pardon my ignorance, but is that, in fact what you've just suggested?
0
 
LVL 10

Accepted Solution

by:
kevala earned 50 total points
ID: 7033427
Yes that is exactly one of the options that i suggested.
Use the active directory connector, create an interorg connection agreement, and you will have the option of taking the users in the other forest, and replicating/creating them in the local forest as disabled windows user accounts.....

The "TID" from Microsoft is telling you to create windows disabled user accounts...i am giving you a method to do that via the interorg connection agreement so you don't have to manually create them.

Then you can associate the accounts from the other forest with the accounts from the local forest....
as i drew out....sorry if i did not explain it clearly enough....
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to know the backup date of a restored DB? 4 55
Fraud Email 22 83
How to give permission to a user to manage a DL on O365? 5 31
Restored mailboxes and OST 11 37
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question