• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 406
  • Last Modified:

2 Domains One Exchange Server? Or use AD Federation Server?

Blue: Mother Company blue.com
Red: Subsidiary red.com  (IT Services Company)

What Red needs from Blue:
Red employees need access to Blue's servers and network resources.
Red need their own email id such as User@red.com
Ideally Red could have its own domain, and therefore its own security policies which may conflict with Blues policies

In a move to provide Red its own foundation and corporate Identity Red has invested in HR Dynamics (HR Payroll) and its required Infrastructure. (SAN + Virtualization etc)

Is it possible to configure Blues Exchange servers (where currently all red employees exist as red_employee@blue.com) to accept mail for red_employee@red.com & red_employee@blue.com?

Should we look into ADFS? (whats needed in this case is access to servers via RDC, no webapps as far as I know at this time, somehow still list red@red.com in Blue exchange directory.)

Its complex I know but essentially all red employees at this time still work for blue mostly. However the plan within the next 2 years or so is for Blue to start working on external company contracts in terms of IT Services.
1 Solution
yes.. you need to add the domain to the accepted domains
and then add the email addresses to the users for @red.com

have a look at http://www.petri.co.il/configure-exchange-2007-recieve-email-other-domains.htm for more details
KizmAuthor Commented:
What about ADFS would it be worth the trouble? Do you know of any organizations that have used it in a scenario similar to ours?
Naa sorry, I haven't done anything with ADFS before.
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Gaurav SinghSolution ArchitectCommented:
Adam BrownSr Solutions ArchitectCommented:
ADFS will not help you with Exchange. It's designed to provide Single Sign On for Web based applications only and can't be used to federate anything other than web based traffic. Exchange has a type of federation, but it's completely different from ADFS. Exchange Federation relies on using microsoft's federation gateway as an intermediary trust. http://technet.microsoft.com/en-us/library/dd335047.aspx has a lot of information on it.

There are a lot of different solutions for the scenario you outline. Each one depends on budget constraints and other things, though. Probably the simplest is to hold the Exchange infrastructure in the Blue forest and set up Linked Mailboxes for the users in the Red domain. http://technet.microsoft.com/en-us/library/dd298099.aspx should give you some good info on multiple forest design.
KizmAuthor Commented:
Sorry for the late reply, thank you all for your answers. I will look into the info you provided.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now