beplas

Exchange over cross forest trust

I'm after some advice for designing the merging of two networks over two sites.

Both networks are running Windows Server 2003 native in separate forests. I would like to keep the forests separate to maintain a degree of autonomy between sites and also maintain the domain policy.

Network 1 (the north) has two domains, net1.local and net1.com. net1.local contains the site's users. net1.com contains Exchange 2003 with a public IP running RPC over HTTPS. Network 1 has to remain completely autonomous in the event of disaster.

Network 2 (the south) has 1 domain, net2.com. net2.com contains this site's users. net2.com is migrating from Lotus Notes to Exchange.

The idea behind the project is to bring the two domains closer together (we are the same company) but still retain a degree of autonomy.

I would like to set up a forest trust between sites. I would then like to add a second Exchange server to the existing net1.com (the north) domain, but physically place that in network 2 (the south).

Would a forest trust let me accomplish this?
Chris Dent

The Trust is not relevant to the placement of the second Exchange Server (because it is not part of the Exchange domain).

However, you might consider that having a Global Catalog (and therefore a DC) close to the Exchange Server would be beneficial. Exchange makes very heavy use of the Global Catalog.

Chris
beplas

ASKER

Hi Chris,
I would like to make the second Exchange server part of the existing Exchange domain, but place said Exchange server in a different forest.

cheers
paul

You cannot, I'm afraid.

Exchange cannot be separated from its configuration forest. It must be a member of the forest hosting the Exchange organisation.

Chris
beplas

ASKER

What if the second Exchange server was set up and configured in the same forest as the first, then physically moved to the new site/subnet? Could users in site 2 connect to Exchange 2, which is a member of forest 1, and then authenticate back to domain 2 through the forest trust?

Could users in site 2

You would still have to maintain accounts and mailboxes in Forest 1, but there's nothing to stop you granting the user in the trusted forest rights to a mailbox there.

You would still benefit from having a Global Catalog on the same subnet / same site as the Exchange Server. Exchange is very reliant on that.

Chris
beplas

ASKER

OK, so, even though a forest trust would be in place, users in site 2, being members of domain 2, connecting to Exchange 2, which is a member of forest 1, would not be able to authenticate back to domain 2?

Have I got that right?