Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 404
  • Last Modified:

2 Domains One Exchange Server? Or use AD Federation Server?

Overview:
Blue: Mother Company blue.com
Red: Subsidiary red.com  (IT Services Company)

What Red needs from Blue:
Red employees need access to Blue's servers and network resources.
Red need their own email id such as User@red.com
Ideally Red could have its own domain, and therefore its own security policies which may conflict with Blues policies

Why?:
In a move to provide Red its own foundation and corporate Identity Red has invested in HR Dynamics (HR Payroll) and its required Infrastructure. (SAN + Virtualization etc)

How:
Is it possible to configure Blues Exchange servers (where currently all red employees exist as red_employee@blue.com) to accept mail for red_employee@red.com & red_employee@blue.com?

Should we look into ADFS? (whats needed in this case is access to servers via RDC, no webapps as far as I know at this time, somehow still list red@red.com in Blue exchange directory.)

Its complex I know but essentially all red employees at this time still work for blue mostly. However the plan within the next 2 years or so is for Blue to start working on external company contracts in terms of IT Services.
0
Kizm
Asked:
Kizm
1 Solution
 
brendanmeyerCommented:
yes.. you need to add the domain to the accepted domains
and then add the email addresses to the users for @red.com

have a look at http://www.petri.co.il/configure-exchange-2007-recieve-email-other-domains.htm for more details
0
 
KizmAuthor Commented:
What about ADFS would it be worth the trouble? Do you know of any organizations that have used it in a scenario similar to ours?
0
 
brendanmeyerCommented:
Naa sorry, I haven't done anything with ADFS before.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
Gaurav SinghSolution ArchitectCommented:
0
 
Adam BrownSr Solutions ArchitectCommented:
ADFS will not help you with Exchange. It's designed to provide Single Sign On for Web based applications only and can't be used to federate anything other than web based traffic. Exchange has a type of federation, but it's completely different from ADFS. Exchange Federation relies on using microsoft's federation gateway as an intermediary trust. http://technet.microsoft.com/en-us/library/dd335047.aspx has a lot of information on it.

There are a lot of different solutions for the scenario you outline. Each one depends on budget constraints and other things, though. Probably the simplest is to hold the Exchange infrastructure in the Blue forest and set up Linked Mailboxes for the users in the Red domain. http://technet.microsoft.com/en-us/library/dd298099.aspx should give you some good info on multiple forest design.
0
 
KizmAuthor Commented:
Sorry for the late reply, thank you all for your answers. I will look into the info you provided.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now