Solved

Opening a mailbox in a different Exchange 2003 Org / Trusted Domain

Posted on 2011-02-21
9
1,374 Views
Last Modified: 2012-05-11
Need a temporary fix if possible.

I have two 2003 domains, trusted both ways.  Each has their own Exchange organization.

A user in Domain1 would like to be able to open his mailbox in Domain2 using Outlook until we can get everything migrated properly.  I know I can assign the right mailbox rights but how do I convince Outlook to look outside its own AD domain when setting up an Exchange profile?

Understand this is just a patch.  Any ideas appreciated!
0
Comment
Question by:Figin
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 2

Expert Comment

by:squirrelnuttz
ID: 34946626
as far as i know outlook can only have one exchange mailbox configured at a time. are you trying to use the open other users folder feature within outlook?
0
 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 250 total points
ID: 34946766
Hi,

The process that you are trying to do is Creating Linked mailbox accounts. This involves several steps.

lets Say Forest A has Exchange Mailbox accounts.
Forest B has users account who wan to access Mailbox accounts in Forest A

Requirement Two way Trust RelationShip between forests
Create disabled user accounts in Forest A with Mailbox A
Grant mailbox right on AssociatedExternalAccount Account attribute to ForestB user.

Please check the following article
Granting Access to External Accounts
http://technet.microsoft.com/hi-in/library/aa998787%28en-us,EXCHG.65%29.aspx

0
 
LVL 3

Accepted Solution

by:
iamshergill earned 250 total points
ID: 34947394
What I understood from your descripton that You have messaging System in A.D. domain domain1.com and user from A.D. domain domain2.com wants to access this mailbox. If this is correct, please follow below steps:

- Create two way trust relation between domain1.com and domain2.com
- Create a mailbox in domain1.com for user from domain2.com. (Lets user from domain1.com is user1@domain1.com and user from domain2.com is user1@domain2.com)
- Disable user1@domain1.com. Go to user1@domain1.com properties > Mailbox Rights > Select user1@domain2.com from domain2.com and give him Full Mailbox Access + Associated External Account.
- On DNS server in domain2.com, configure forwarder to forward all queries for domain1.com to DNS Server in domain1.com
- While configure Outlook profile in domain2.com, user always FQDN name for mailbox server.

Please let me know if you need any clearification.

0
 

Author Comment

by:Figin
ID: 34948101
Does the user account in Domain1 (the one he wants access to using his Domain2 account) *have* to be disabled?

Currently, there's a bit of a hodge-podge of access where he actually uses both accounts for different things (strange but that's how it is set up).  

We ultimately want all the Domain2 user accounts to be migrated over to Domain1 but unfortunately, that's several months off before I can do it.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 2

Expert Comment

by:squirrelnuttz
ID: 34948830
could you just forward the user's domain2 email to the domain1 address?
0
 
LVL 3

Expert Comment

by:iamshergill
ID: 34950173
users in domain1.com should be disabled.
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 34950195
Seriously I would just use Outllok Web on the other domain this way he can have both mailboxes opened on the one PC, or access both remotly. If it just a short term thing that should be fine
0
 

Author Comment

by:Figin
ID: 34951004
All good thoughts and comments!

The user refuses to use OWA and doesn't want things forwarded.  He wants to use the mailbox in Outlook native.

I guess I'm just wondering what the rationale is for having the resource mailbox account disabled?  He would not be using that account to access mail (he wants to use only his current trusted domain account) but wants to use the same mailbox account for other access.  We're having a time working through all the domain migration details so we can't just do it in one fell swoop.  But yes, this would be a temporary thing, just trying to confirm whether not disabling the account will break anything else on the mailbox account.

Thanks again.
0
 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 250 total points
ID: 34954696
Disabling the account in resource forest is a requirement the way Linked mailbox works. mailbox will still be accessible because user in account forest will have full access and external associate rights on it.

It shudn't be breaking anything unless he uses resources forest account for some other purpose like file access, login, etc etc
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now