Solved

Exchange 2003 Merger Between Company

Posted on 2008-06-10
Medium Priority
317 Views
Last Modified: 2012-06-21
I have 3 registered SMTP email domains in my environment, all of them running in 3 different domains in 3 different forests. E.g.
1. abc1.com (email domain) is running in ad1dom.local (AD domain)
2. abc2.com (email domain) is running in ad2dom.local (AD domain)
3. abc3.com (email domain) is running in ad3dom.local (AD domain)

Since all the domains belong to the same company, the management plans to use only 1 email domain, which is abc1.com.

I'm thinking of 'moving' all the Exchange users to the ad1dom.local domain by creating new users (for all users on the ad2dom.local and ad3dom.local domains). With these steps, users from both domains will have a new password.

Is there any alternative way to handle the 'merger'?
0
Comment
Question by:aihaiai
20 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 21757168
Well, there is always manually, but the ADMT tool is the one I'd use.
0
 

Author Comment

by:aihaiai
ID: 21757716
Can you explain how we can use the ADMT tool in this scenario? Is it that by using the ADMT tool, I don't have to create all the other users for both 'unwanted' domains?
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21757914
The following article gives you the examples of the various methods:
http://support.microsoft.com/kb/327928


I believe that in your situation you need to go through a co-existence and migration phase. Once you have configured trusts and security, you need to link the e-mail domains by creating a connector from the new Exchange to the old one. All e-mail should then be directed out of the old system to the new system, and incoming internet e-mail should be configured to come in to the new domain. Therefore the new domain handles all incoming and outgoing e-mail.

You may also need to share the e-mail domains between the organizations. The new one needs to be able to accept e-mail for the other e-mail domains and then pass any messages on to the other servers (if the mailbox is not on the new domain). The following document explains how to do this:

http://support.microsoft.com/kb/321721

Once this is in place you need to install and configure the Active Directory Connector to connect the two systems together to share the e-mail addresses. This will create new contacts for users in the source domain, in the destination domain, and vice versa. Therefore, if you create a new user, a contact will be created in the other domain and the Global Address List will be updated. When you migrate a user, it will change the GAL entry from being an e-mail user in that domain to a contact (as the user's mailbox will be in the other domain).
http://technet.microsoft.com/en-us/library/aa996243.aspx

You can then use the Active Directory Migration Tool to import the groups from the source domain to the destination domain. Then, when you are ready to migrate a user, you run the ADMT tool to migrate the user to the new domain, update their group membership, and migrate their SID history (so they have access to any un-migrated data on the old servers). This will update the account created by the Active Directory Connector with all the new details.

http://www.microsoft.com/downloads/details.aspx?FamilyID=6f86937b-533a-466d-a8e8-aff85ad3d212&displaylang=en

The ADMT tool will also migrate the computer accounts and maintain users' profiles in the new domain.

You then run the Exchange Migration Tool on the Exchange server to migrate the mailbox from the old Exchange server to the new one, check it has migrated, delete the old mailbox, ask the user to log on, set up their Outlook profile, and everything should be done.

The ADC will then run and update the old infrastructure that the mailbox is on the new system and mail flow will be maintained to the user.

Once all users have been migrated (and contacts / distribution lists) you can remove the connector to the old server and uninstall it.
0

 

Author Comment

by:aihaiai
ID: 21759572
Can the same email domain be shared by two different Exchange organizations (different forests) at the same time? E.g. the user1@abc1.com mailbox is located at Exch Org A and at the same time the user2@abc1.com mailbox is located at Exch Org B.
The MX record for email domain abc1.com is pointing to the Exchange server at forest A. The recipient policy at Forest A says that it is responsible for email domain abc1.com, and it will not forward any email for xxx@abc1.com to the other Exchange server at Forest B, right?
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21759680
Yes, the same e-mail domain or multiple e-mail domains can be shared by multiple systems by following the article. As you say, you set the MX records to go in to the Exchange server in forest A, then modify the recipient policy so it is NOT responsible for all e-mail to this domain (change the default recipient policy to a different e-mail domain, such as @local, which is authoritative for this domain), and then create a new recipient policy for the @abc1.com domain and set this not to be responsible for all e-mail to the domain. You then create a connector to the other Exchange system so that e-mail that comes in for users not on the forest A Exchange server gets passed on to the other server in Org B.
0
 

Author Comment

by:aihaiai
ID: 21765249
OK, that sounds very good. More advice needed:
1. At the same time, for both Exchange orgs that are sharing the same email domain, I need to make sure the xxx@abc1.com users' address will be the primary address (will be the reply-to address).
2. Is there any impact on POP/IMAP/OWA and RPC over HTTP clients, since my external DNS is pointing to only one record (the Exchange front-end server on the Exch org at Forest A), e.g. mail.abc1.com? (At the same time, the Exch org at Forest B also has a similar infrastructure.) I assume that I need to create another external DNS record, e.g. mail1.abc.com, for xxx@abc1.com users that reside on the Exch org at Forest B. Is that the correct way? (But this way will not provide a uniform configuration for all xx@abc1.com users, right?) Ultimately, can it be done so that the whole xx@abc1.com email domain will have the same client configuration no matter where the user's mailbox resides in the Exchange org?
0
 

Author Comment

by:aihaiai
ID: 21767334
Additional advice needed:
1. One of the steps is to create an SMTP connector to the shared address space (email domain). I have already created a connector for 'outgoing mail' (to the internet domain) with address space * for outgoing mail. I assume that I have to create another SMTP connector for the purpose of the shared address space, right? So that now I have 2 SMTP connectors in place.
2. For any additional shared address space, do I have to create additional SMTP connectors, or can I use the same SMTP connector if the target address (smart host) is the same?
3. If I have Exch Org C in place which also needs to share the address space, can I create an additional SMTP connector with the same address space with a different target address (smart host), which is Exchange server B on Exch Org B, or can't I do that? Or do I have to create a similar SMTP connector for the shared address space on Exch Org B with the target address of Exch server C on Exch Org C?
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21767409
You can create one connector and populate this with the address spaces (e-mail domains) that go over the connector. If the e-mails are going to different servers then you will need different address spaces. You can also create different options (restrictions etc.) that can be configured for the connector. I would expect that you would not have any additional limits for the other e-mail domains, so I would put them all on one connector.

As to question 3, I am not sure what you are asking. You can share multiple e-mail domains with different Exchange Orgs by creating multiple connectors (one to each of the e-mail domains). You can share an e-mail domain with more than one organisation, but you need to be careful that it is set up correctly or the message will loop around the systems, as it may not know where to deliver the message to.
0
 

Author Comment

by:aihaiai
ID: 21767433
I assume that after setting up all the needed SMTP connectors, the flow of email with the shared SMTP address space will be:

From Internet -> Exch Org A -> Exch Org B -> Exch Org C
But I am a bit confused about how email from user3@abc1.com on Exch Org C flows to user1@abc1.com on Exch Org A.
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21767510
This is where you are likely to run into problems, as it is best practice to only share e-mail between two domains.

The master domain needs to send and receive e-mail for all the other Exchange Orgs with which it may share addresses. This master Org is configured not to be authoritative for the e-mail, and it then forwards e-mail for users that do not exist within its Org to one of the other Exchange Orgs via the connector. As you say in your last example, it then gets tricky for the mail from Org C to get to the other Org, as looping can occur. It can be done but it is tricky:

http://support.microsoft.com/kb/315511
0
 

Author Comment

by:aihaiai
ID: 21768374
To cut it short, how will email flow from user2@abc1.com on Exch Org B to user1@abc1.com on Exch Org A?
0
 

Author Comment

by:aihaiai
ID: 21777229
Or, by using this method, will it only do a one-direction flow, e.g. internet -> Exch Org A -> Exch Org B?
If receiving a non-existing email, Org B will be responsible for generating the NDR.
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21777283
That is correct, Exchange Org B would then generate an NDR.
0
 

Author Comment

by:aihaiai
ID: 21790493
So will Exch Org B be 'authoritative' for the namespace, or is that not necessary?
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21791580
Yes, it is advised that the last hop be authoritative for the e-mail address to avoid message looping, where the message will be passed between the various systems until the maximum hop count is reached; an NDR will then be generated.
0
 

Author Comment

by:aihaiai
ID: 21808662
Can I assume my summary here is correct?
1. The email flow will be in one direction, e.g. Exch Org A -> Exch Org B and so on.
2. Users from other than the first Org (maybe Exch Org B) cannot send email back to the first Org (Exch Org A).
3. Only the last Org (Exch Org B) will be authoritative to generate the NDR.
0
 

Author Comment

by:aihaiai
ID: 21869970


Following method 2 in the article looks like it can solve the problem:
http://support.microsoft.com/kb/321721
0
 
LVL 15

Expert Comment

by:fishadr
ID: 21872552
Yes, that is how you set the last domain as authoritative to stop message looping. I have implemented this many times and it is pretty straightforward. Sharing across two domains is easy; more than two domains can be tricky, as we have previously posted.
0
 
LVL 15

Accepted Solution

by:
fishadr earned 1500 total points
ID: 21887876
How are you getting on with this one? Need any more help?
0
 

Author Comment

by:aihaiai
ID: 21920918
OK, I have tested. Method 1 can handle the endless loop by setting the last domain as authoritative, but it does not handle the reverse route of email (email from the last org to a previous org). Method 2 can handle all the scenarios.
0
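The one-directional chain discussed in this thread (internet -> Org A -> Org B -> Org C, last hop authoritative) can be modelled in a few lines. This is an added example, not part of the original thread and not Exchange's routing logic; the org table, mailboxes, the `route` function and the `MAX_HOPS` value are all constructed for illustration.

```python
# Simplified model of a shared SMTP address space forwarded along a chain of orgs.
# All names and values are constructed; this is not how Exchange is implemented.
MAX_HOPS = 15  # constructed limit for the model, not a documented Exchange default


def make_orgs(last_hop_authoritative):
    """Build the A -> B -> C chain. If the last hop is not authoritative,
    model the misconfiguration where it forwards unknown recipients back to A."""
    return {
        "A": {"mailboxes": {"user1@abc1.com"}, "authoritative": False, "next": "B"},
        "B": {"mailboxes": {"user2@abc1.com"}, "authoritative": False, "next": "C"},
        "C": {"mailboxes": {"user3@abc1.com"},
              "authoritative": last_hop_authoritative,
              "next": None if last_hop_authoritative else "A"},
    }


def route(orgs, start, recipient):
    """Return (outcome, path) for a message that enters the chain at `start`."""
    path, current = [], start
    while len(path) < MAX_HOPS:
        path.append(current)
        org = orgs[current]
        if recipient in org["mailboxes"]:
            return "delivered", path
        # An authoritative org owns the namespace: unknown recipient means NDR.
        if org["authoritative"] or org["next"] is None:
            return "NDR: unknown recipient", path
        current = org["next"]  # non-authoritative: pass it over the connector
    return "NDR: hop count exceeded", path


if __name__ == "__main__":
    chain = make_orgs(last_hop_authoritative=True)
    looped = make_orgs(last_hop_authoritative=False)
    print(route(chain, "A", "user3@abc1.com"))   # inbound mail reaches Org C
    print(route(chain, "A", "nobody@abc1.com"))  # last hop generates the NDR
    print(route(chain, "C", "user1@abc1.com"))   # reverse route fails at Org C
    print(route(looped, "A", "nobody@abc1.com")) # nobody authoritative: loop
```

In this model the authoritative last hop stops the loop, but mail from Org C or Org B to a mailbox in Org A is rejected, which matches the one-directional behaviour reported in the thread.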
