Solved

Opening a mailbox in a different Exchange 2003 Org / Trusted Domain

Posted on 2011-02-21
9
1,414 Views
Last Modified: 2012-05-11
Need a temporary fix if possible.

I have two 2003 domains, trusted both ways.  Each has their own Exchange organization.

A user in Domain1 would like to be able to open his mailbox in Domain2 using Outlook until we can get everything migrated properly.  I know I can assign the right mailbox rights but how do I convince Outlook to look outside its own AD domain when setting up an Exchange profile?

Understand this is just a patch.  Any ideas appreciated!
0
Comment
Question by:Figin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 2

Expert Comment

by:squirrelnuttz
ID: 34946626
as far as i know outlook can only have one exchange mailbox configured at a time. are you trying to use the open other users folder feature within outlook?
0
 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 250 total points
ID: 34946766
Hi,

The process that you are trying to do is Creating Linked mailbox accounts. This involves several steps.

lets Say Forest A has Exchange Mailbox accounts.
Forest B has users account who wan to access Mailbox accounts in Forest A

Requirement Two way Trust RelationShip between forests
Create disabled user accounts in Forest A with Mailbox A
Grant mailbox right on AssociatedExternalAccount Account attribute to ForestB user.

Please check the following article
Granting Access to External Accounts
http://technet.microsoft.com/hi-in/library/aa998787%28en-us,EXCHG.65%29.aspx

0
 
LVL 3

Accepted Solution

by:
iamshergill earned 250 total points
ID: 34947394
What I understood from your descripton that You have messaging System in A.D. domain domain1.com and user from A.D. domain domain2.com wants to access this mailbox. If this is correct, please follow below steps:

- Create two way trust relation between domain1.com and domain2.com
- Create a mailbox in domain1.com for user from domain2.com. (Lets user from domain1.com is user1@domain1.com and user from domain2.com is user1@domain2.com)
- Disable user1@domain1.com. Go to user1@domain1.com properties > Mailbox Rights > Select user1@domain2.com from domain2.com and give him Full Mailbox Access + Associated External Account.
- On DNS server in domain2.com, configure forwarder to forward all queries for domain1.com to DNS Server in domain1.com
- While configure Outlook profile in domain2.com, user always FQDN name for mailbox server.

Please let me know if you need any clearification.

0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:Figin
ID: 34948101
Does the user account in Domain1 (the one he wants access to using his Domain2 account) *have* to be disabled?

Currently, there's a bit of a hodge-podge of access where he actually uses both accounts for different things (strange but that's how it is set up).  

We ultimately want all the Domain2 user accounts to be migrated over to Domain1 but unfortunately, that's several months off before I can do it.
0
 
LVL 2

Expert Comment

by:squirrelnuttz
ID: 34948830
could you just forward the user's domain2 email to the domain1 address?
0
 
LVL 3

Expert Comment

by:iamshergill
ID: 34950173
users in domain1.com should be disabled.
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 34950195
Seriously I would just use Outllok Web on the other domain this way he can have both mailboxes opened on the one PC, or access both remotly. If it just a short term thing that should be fine
0
 

Author Comment

by:Figin
ID: 34951004
All good thoughts and comments!

The user refuses to use OWA and doesn't want things forwarded.  He wants to use the mailbox in Outlook native.

I guess I'm just wondering what the rationale is for having the resource mailbox account disabled?  He would not be using that account to access mail (he wants to use only his current trusted domain account) but wants to use the same mailbox account for other access.  We're having a time working through all the domain migration details so we can't just do it in one fell swoop.  But yes, this would be a temporary thing, just trying to confirm whether not disabling the account will break anything else on the mailbox account.

Thanks again.
0
 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 250 total points
ID: 34954696
Disabling the account in resource forest is a requirement the way Linked mailbox works. mailbox will still be accessible because user in account forest will have full access and external associate rights on it.

It shudn't be breaking anything unless he uses resources forest account for some other purpose like file access, login, etc etc
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This video discusses moving either the default database or any database to a new volume.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question