Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


What happens to active directory with exchange in new domain in same forest

Posted on 2009-06-29
Medium Priority
Last Modified: 2012-05-07
I have 2 trusted domains in the same forest, and all of the users and exchange are in domain a. I want to move exchange to domain b, but don't have any users in there yet (except the admin). What do I have to do with active directory for users to still log into domain a and use exchange in domain b? Thanks!
Question by:LunaRavenscroft
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24737938
You have to create a two-way trust between the two domains, so that you can give the users in domain A access to domain B.

Author Comment

ID: 24737967
That is already done. Do I actually have to add users to domain b?
LVL 38

Accepted Solution

Hypercat (Deb) earned 2000 total points
ID: 24738030
You can create a group and then add them to that group - I believe it has to be a Universal or Domain local group (not Global). Then, you can use that group to assign permissions, or you can make that group a member of the Domain Users group (which is a global group by default). That way they have access to anything on the domain that you assign to that group, including of course Exchange mailboxes.

Author Comment

ID: 24738262
I created a group, but either way I create it as Universal or Local, I cannot see it to make it a member of the Domain Users group. Since it is in the User container, does it matter?
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 24738872
Yeah - I forgot this hierarchy, as it's a little bit weird.  You can make a global group a member of a domain local or univeral group, but not vice versa. So, the Domain Users group won't work for you that way.  But as long as the users have the ability to access domain B, they should be able to connect to the Exchange server anyway, as they will be members of the Everyone/Authenticated Users.  I was only recommending adding it to the Domain Users group so that you could easily grant other file access if needed.  If you make the new group a Universal group, you can add it to the Buit-in Users group, which you could also use for file access, etc., if you wanted to do that.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question