Link to home
Start Free TrialLog in
Avatar of ncomper
ncomper

asked on

Allow users from trusted forest to create / Edit Exchange 2010 mailboxes in another forest

Hi All

We have a single Windows 2008 R2 Forest / Domain that has our own Exchange 2010 org(forest A)
We have recently taken over another company that also has a Windows 2008 R2 Forest / single Domain with an Exchange 2010 org (Forest B)

We are trying to allow our 1st / 2nd line support staff who have their accounts in Forest A to be able to create and amend mailboxes in Forest B.

We have read that you need to use a powershell script to create a linked role group

New-RoleGroup <role group name> -LinkedForeignGroup <name of foreign USG> -LinkedDomainController <FQDN of foreign Active Directory domain controller> -LinkedCredential $ForeignCredential -Roles <role1, role2, role3


After running this script to add our Universal group from Forest A it says successful however when we look at the role group it does not show our UG as a member and the permissions do not work for our support staff.

When they try to run the EMC and connect to the Exchange org in Forest B they get an error that implies it is still trying to look at our own internal Exchange org

Anyone got any ideas as to how we can rectify
SOLUTION
Avatar of Exchange_Geek
Exchange_Geek
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ncomper
ncomper

ASKER

Sorry i have been away, i will check that today

Thanks