Solved

Exchange 2010 with multiple domains

Posted on 2010-09-16
Last Modified: 2012-05-10
We have a domain that spans several different physical locations with a few hundred users and client machines. We were set to upgrade our Exchange 2003 server to Exchange 2010 when we learned we could not move forward as scheduled because the domain name was not acceptable to Exchange 2010 because it contains an underscore, such as DOMAIN_1 (this was set up by a previous IT staff and we wanted to change it at some point.)

Instead of delaying the project and creating a lot of chaos by trying to rename the entire domain in a hurry, we came up with the following idea: create a new domain controller for the new domain name we want to use (DOMAIN2) and set up two-way trusts between DOMAIN2 and DOMAIN_1. Then we can build the new Exchange 2010 server on a member server in DOMAIN2 and import the mailboxes from the Exchange server on DOMAIN_1. If users can authenticate across both domains, I think this should work.

Can anyone think of any reasons why it wouldn't, or other trouble we might hit along the way? Any 'gotchas' in this scenario?

0
Comment
Question by:Ad-Apex
7 Comments
 
LVL 31

Accepted Solution

by:
DrUltima earned 250 total points
ID: 33691486
An Exchange mailbox must be linked to an AD Account.  Your AD account must have a password.  You may run into issues due to the fact that users have to either 1) maintain two separate accounts or 2) keep their passwords in "sync" so that they don't get a challenge/response every time they access their mailboxes.  Remember that Outlook uses the default user's credentials.  You, as an administrator, could grant the user's original AD Account rights to the new account's mailbox, but that would create a tremendous overhead for administration.  

Honestly, my advice is to delay the email upgrade for a week or two and just rename your production domain to get rid of the underscore. Here is a good overview of this process:

http://www.petri.co.il/windows_2003_domain_rename.htm

Justin
0
 
LVL 11

Expert Comment

by:willettmeister
ID: 33691516
You will need to set up a connector between the Exchange boxes so that mail can route from one to the other while you are in the process of migrating your users.
0
 

Expert Comment

by:pawanopensource
ID: 33691548
Why don't you go for Zimbra?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 33692204
Your scenario makes perfect sense; you can do it. You don't even need a trust between them.
0
 
LVL 11

Assisted Solution

by:JuusoConnecta
JuusoConnecta earned 250 total points
ID: 33715793
Why doesn't he need a two-way trust between them? Are you trying to get the man fired?

If he's building a new domain within the same ROOT domain it should for since the new child domain still resides within the Exchange Organization.

If it's a new domain in another forest or a new root domain, a two-way trust is necessary for several reasons. External IP addresses to Exchange server, MX records, ULTRAdns?

All of those need to be reconfigured if he doesn't have a two-way trust.


Some help along the way for you Apex.
Right now you have an organization and your Exchange server works fine. If you're building a new domain into your current domain, the Exchange server install will become a part of your current Exchange Organization. You should be able to run the migration through the GUI of Exchange 2010 (Exchange Management Shell).
Remember to repoint your MX records to your new Exchange server before unplugging the old one.

If you build a whole new domain in another forest, or if it's a new root domain, you will face a whole different scenario. You will need the following:
1. Two-way trust between the domains
2. Send Receive Connectors between the Exchange servers
3. A routing connector, Smart Host or another external ip address (for exchange 2010 to route traffic to the internet)
4. For the migration I would suggest using the Script release from Microsoft called "PrepareMoveRequest.PS1"

Let me know what your organization build will look like (talking about the domain structure)

regards
0
 

Author Comment

by:Ad-Apex
ID: 33853148
Hi everyone,
Thanks for the comments. There were two ways to progress with this project: rename the domain and put the Exchange upgrade on hold, or try to install Exchange on a new domain that was accessible to the old one.
I decided to rename the domain first, as this is something that needs to be done eventually regardless of the Exchange server's upgrade. I will then upgrade the Exchange server in the renamed domain without the additional layer of complexity the reverse would involve.
JuusoConnecta and DrUltima had the two responses that best represented what each path would involve. I have split the points between the two.
Regards,
Ad-Apex
0
 

Author Closing Comment

by:Ad-Apex
ID: 33853166
Thanks for the assistance.
0
