Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Multiple Domains and Companies using one Exchange Server

Posted on 2008-10-08
2
Medium Priority
?
643 Views
Last Modified: 2012-06-21
Hello everyone :)

We use Exchange 2003 running on Windows Server 2003 Standard.

We have one network domain but use two different email domains ('@example1.com' and '@example2.com') because we have two different trading names.

Presently, any user can use the address book and see every other user address.  This has not really been an issue until now.

The Managing Director has recently setup another, but totally independent, Company.  As a result, we would like to create mailbox accounts, using our current infrastructure, and ensure that users of this new Company have their own Global Address Book whilst not seeing user accounts from the other Companies.

Typically, I create an OU for every Company and place users into the correct one.  This allows me to control which Company gets what group policy.

Obviously all these users are still logging into the one domain. I'm not sure if creating individual domains is the correct or easiest option? And am not sure how one Exchange server copes with more than one domain.

I also realise that any user logging into Webmail will need to use 'DOMAIN\User Name'. I've automated that process so the user doesn't need to type the domain in.

I've used Hosted Email Solutions before and within seconds you can have an account setup which looks and feels like your own server and domain.  Their webmail or Outlook (RPC over HTTPS) never reveals any other user accounts via the address book even though their server handles multiple users using multiple Companies and Domains.

I'd really like to know how they go about doing this so that we can utilise our equipment for our different Companies.

Thanks for reading and I hope someone can assist :)
0
Comment
Question by:Boyderama
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Accepted Solution

by:
Justin Durrant earned 1500 total points
ID: 22670808
0
 

Author Comment

by:Boyderama
ID: 22687617
Thanks.

Just completed those steps and about to move onto 'Part 2'.

I've got several questions regarding this tutorial.

I've typed a lot and apologise if these have been asked before. My head is over flowing with questions that I need to ask in order to fully understand.

1. It asks to create a Universal Security Group which I've done. However does it really need an email address? I'm assuming that the reason to have the group is to allow the recipient policy to know which accounts to append the correct email domain? I realise it's also handy to have this group so employees can email everyone but just want to fully understand the process behind it.  Currently I've set to only allow email from authenticated users.

2.  When creating a recipient policy the instructions give a Custom LDAP rule.  I've copied this and altered it to suit our needs.  I kind of understand the rule apart from all the '&' and '(' symbols.  I was wondering though, could I not create the same rule but use the GUI? I've seen a few 'Member Of' statements.  The reason I ask is as I'm unable to create my own LDAP rule I may want to alter it and I'd need to rely on the GUI wizard.  Can the wizard create the same filter that the tutorial mentions?

3.  In the recipient policy I've specified the email address as ' %g.%s@example.com '.  This is 'first.lastname@example.com'.  Is this OK to use?

4.  The tutorial mentions that a 'bogus' SMTP address will appear and needs to be present in the recipient policy.  It's basically the network domain after the @ sign.  It never appeared when I set the policy up.  In fact, when I've added users in the past I've always removed the network domain email address from all users.  The tutorial states OWA requires this but we've never had a problem?  Am I missing something or has something changed within Exchange which no longer requires this?

5.  Again, setting up the address book requires an LDAP rule.  The tutorial has a custom rule but could this be created using the GUI wizard?  If so, how?  I've tried using the wizard but it always creates rules which look really long?  These custom ones are so tidy.

6.  I've create a UPN suffix and this works well.  I noticed it only works for accounts you create directly under the OU you've edited.  If you create an account under a Sub OU of the OU you edited then you don't get the option to change domain.  Is this correct?  What is the purpose of the UPN suffix?  Is it simply used for this reason?

7.  I want users to login using their full email address via OWA.  I take it I must ensure to set their username to be 'first.lastname' and then select the correct domain name from the list?  This again appears to work.  I've noticed that the user can also type in 'Domain\username'.  Is this method of two different logins standard?

Lastly!

8.  If I remove a user from the Universal group will the email recipient policy update that users email address? (i.e. remove it?)  OR would I need to reapply the policy manually?

Thank you very much for reading and I hope someone can help :)

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question