Solved

2 Domains One Exchange Server? Or use AD Federation Server?

Posted on 2012-03-12
6
385 Views
Last Modified: 2012-06-04
Overview:
Blue: Mother Company blue.com
Red: Subsidiary red.com  (IT Services Company)

What Red needs from Blue:
Red employees need access to Blue's servers and network resources.
Red need their own email id such as User@red.com
Ideally Red could have its own domain, and therefore its own security policies which may conflict with Blues policies

Why?:
In a move to provide Red its own foundation and corporate Identity Red has invested in HR Dynamics (HR Payroll) and its required Infrastructure. (SAN + Virtualization etc)

How:
Is it possible to configure Blues Exchange servers (where currently all red employees exist as red_employee@blue.com) to accept mail for red_employee@red.com & red_employee@blue.com?

Should we look into ADFS? (whats needed in this case is access to servers via RDC, no webapps as far as I know at this time, somehow still list red@red.com in Blue exchange directory.)

Its complex I know but essentially all red employees at this time still work for blue mostly. However the plan within the next 2 years or so is for Blue to start working on external company contracts in terms of IT Services.
0
Comment
Question by:Kizm
6 Comments
 
LVL 14

Expert Comment

by:brendanmeyer
ID: 37709273
yes.. you need to add the domain to the accepted domains
and then add the email addresses to the users for @red.com

have a look at http://www.petri.co.il/configure-exchange-2007-recieve-email-other-domains.htm for more details
0
 

Author Comment

by:Kizm
ID: 37709482
What about ADFS would it be worth the trouble? Do you know of any organizations that have used it in a scenario similar to ours?
0
 
LVL 14

Expert Comment

by:brendanmeyer
ID: 37709505
Naa sorry, I haven't done anything with ADFS before.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 17

Expert Comment

by:Gaurav Singh
ID: 37709572
0
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 37710699
ADFS will not help you with Exchange. It's designed to provide Single Sign On for Web based applications only and can't be used to federate anything other than web based traffic. Exchange has a type of federation, but it's completely different from ADFS. Exchange Federation relies on using microsoft's federation gateway as an intermediary trust. http://technet.microsoft.com/en-us/library/dd335047.aspx has a lot of information on it.

There are a lot of different solutions for the scenario you outline. Each one depends on budget constraints and other things, though. Probably the simplest is to hold the Exchange infrastructure in the Blue forest and set up Linked Mailboxes for the users in the Red domain. http://technet.microsoft.com/en-us/library/dd298099.aspx should give you some good info on multiple forest design.
0
 

Author Comment

by:Kizm
ID: 38046625
Sorry for the late reply, thank you all for your answers. I will look into the info you provided.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now