Solved

What happens to active directory with exchange in new domain in same forest

Posted on 2009-06-29
5
185 Views
Last Modified: 2012-05-07
I have 2 trusted domains in the same forest, and all of the users and exchange are in domain a. I want to move exchange to domain b, but don't have any users in there yet (except the admin). What do I have to do with active directory for users to still log into domain a and use exchange in domain b? Thanks!
0
Comment
Question by:LunaRavenscroft
  • 3
  • 2
5 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
You have to create a two-way trust between the two domains, so that you can give the users in domain A access to domain B.
0
 

Author Comment

by:LunaRavenscroft
Comment Utility
That is already done. Do I actually have to add users to domain b?
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
Comment Utility
You can create a group and then add them to that group - I believe it has to be a Universal or Domain local group (not Global). Then, you can use that group to assign permissions, or you can make that group a member of the Domain Users group (which is a global group by default). That way they have access to anything on the domain that you assign to that group, including of course Exchange mailboxes.
0
 

Author Comment

by:LunaRavenscroft
Comment Utility
I created a group, but either way I create it as Universal or Local, I cannot see it to make it a member of the Domain Users group. Since it is in the User container, does it matter?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
Yeah - I forgot this hierarchy, as it's a little bit weird.  You can make a global group a member of a domain local or univeral group, but not vice versa. So, the Domain Users group won't work for you that way.  But as long as the users have the ability to access domain B, they should be able to connect to the Exchange server anyway, as they will be members of the Everyone/Authenticated Users.  I was only recommending adding it to the Domain Users group so that you could easily grant other file access if needed.  If you make the new group a Universal group, you can add it to the Buit-in Users group, which you could also use for file access, etc., if you wanted to do that.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now