Solved

Conditional Forwarders, Domain trusts, and DNS issues

Posted on 2010-08-20
5
961 Views
Last Modified: 2012-05-10
We are in the beginning steps of integrating into our AD domain a company (we'll call them companyX) that we purchased.  One of the first steps in our integration is to set up a two way trust.  To do this we plan to use a conditional forwarder however in our testing we became aware of a critical issue. While our public and private domain DNS namespaces are different,  companyX has identical public and private namespaces.  To top that off, their Exchange 2003 mailserver's public and private dns names are identical.

The problem we are having is that when we put in place the conditional forwarders, our mail servers stop looking at the public address for companyX's mail server and start looking at their internal address.  Their Exchange server is configured to only accept email on their public IP address and so email to companyX stops flowing.

We have tried to circumvent this issue by configuring Hosts file entries on our mailservers so that they route to the external IP of companyX's mailservers but this did not work. I am hoping that someone might have other suggestions on how to resolve this. We're looking into configuring other smtp connectors on their Exchange server but no one on had is expert in Exchange 2003 or has the expertise to do this.  We're also talking with our Network/firewall admins to see if they can do some fancy NATting of the traffic.  Any other suggestions on how to proceed?
0
Comment
Question by:Tiarna101
5 Comments
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 33484961
Mayb grab a copy of their zone file and modify it as per your requirements, (modify the Host files for their mail server etc)


0
 
LVL 1

Accepted Solution

by:
vr_000 earned 350 total points
ID: 33485308
Create a SMTP connector for companyX's domain name space and set their external IP address as Smart Host. To do that, follow the below steps: For ease, I will consider CompanyX's domain name space as companyx.com
- Go to Exchange System manager
- Adminsitrative Groups > Routing Groups > Select Routing Group > Connectors.
- Right click on "Connectors" > New > SMTP Connector
- On General Tab page, Give Name "companyx.com"
- On General Tab Page, select option "Forward all mail through this connector to the following smart hosts" and mention Public IP address of  companyX's Exchange Server
- Go to Address Space tab, Add > SMTP > E-mail Domain: @companyx.com
- Click Okay and apply the settings.
- Restart MS Exchange Routing Engine service
- Go to CMD, run IPCONFIG/FLUSHDNS command

Let me know if you would have any query or concern or need clearification.


0
 
LVL 12

Assisted Solution

by:Rant32
Rant32 earned 150 total points
ID: 33492281
vr000 is right on the money with Exchange message delivery. This one can neatly be solved within Exchange, I hope that this is the only issue you run into...

If you use an IP address for the smart host in the SMTP Connector, it should be between brackets, like so: [10.5.5.5]

The cost for the CompanyX SMTP Connector should be lower than other connectors. You may have to increase the cost of your default SMTP connector (for asterisk address space). Exchange will try the lowest cost route first.
0
 
LVL 1

Author Comment

by:Tiarna101
ID: 33504672
Thanks for the suggestion on the SMTP connector.  We're going to try this on Thursday and I'll let you know how it goes!
0
 
LVL 1

Author Closing Comment

by:Tiarna101
ID: 33566423
Thanks guys, that absolutely did the trick.  We had to use slightly different steps since the sending servers were on Exchange 2007 but once we did this the conditional fowarders did not interrupt email flow to our subsidiary any longer.

Yesterday we put the 2 way trust in place and we're well on our way now to the next phase of our integration.  Thanks again for the excellent tip :)
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now