Need input on Exchange 2010 handling multiple email domains

Have a customer with an SBS 2011 that has multiple email domains and was looking to use one Exchange server to manage them.

From what I have read it is possible, but looking for how-to articles or somebody that has done this before.

Any suggestions?
pgm554Asked:

Michael OrtegaSales & Systems EngineerCommented:
Just add the 2nd domain to the accepted domains tab in Exchange Management Console and update your address policy to assign the new domain to the appropriate users/mailboxes.

MO
0
Michael OrtegaSales & Systems EngineerCommented:
1. Open Exchange Management Console on your SBS
2. Expand Microsoft Exchange
3. Expand Organization Configuration
4. Click on the Accepted Domains tab
5. Click on New Accepted Domain from the Actions column on the right hand side of EMC
6. Complete the wizard

If you want the domain to automatically be propagated to existing accounts you'll want to go to the Email Address Policies tab under Organization Configuration and add it there.

If you just want to manually add the domain for users you can just go into their individual mailboxes in EMC and add the address there.

MO
0

pgm554Author Commented:
Found that at the SBS Susan Bradley blog, but got a few questions.

Do I need to run the connect to the internet wizard and set up a separate SSL for each new domain I want to accept?

Does the new email user require an existing (default domain) Exchange mailbox or can I just set up a new user and manually add them in the user properties?
0
Michael OrtegaSales & Systems EngineerCommented:
No need to run the Connect to the Internet Wizard.

If you have a single domain trusted SSL cert right now, you'll need to purchase a UCC (SAN) cert (with a minimum of 5 domains), so that you can put your current domain and your 2nd domain on the same cert. I would add autodiscover names to the cert as well. Your cert would contain at least all 4 names:

mail.currentdomain.com
mail.newdomain.com
autodiscover.currentdomain.com
autodiscover.newdomain.com

Of course, then you want to install the cert. You can create the CSR from within the EMC.

When you create the new user, you can modify their email addresses on the fly. Add the 2nd domain, remove the old one, keep both...whatever you want.

MO
0
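The certificate request and a SAN coverage check for the four names listed in the post above, as an added example that is not part of the original thread. It assumes the Exchange Management Shell on the Exchange 2010 server; the output path is an assumption, and with the single-namespace approach raised later in the thread `$names` shrinks to the primary domain's two names.

```powershell
# Added example: run in the Exchange Management Shell. Names are the thread's placeholders.
$names = 'mail.currentdomain.com', 'mail.newdomain.com',
         'autodiscover.currentdomain.com', 'autodiscover.newdomain.com'
$reqPath = Join-Path $env:TEMP 'ucc-request.req'   # assumed output location

# 1. Build the CSR with every client-facing name as a SAN entry.
#    Exchange 2010 returns the request text, so it is written to a file for the CA.
$csr = New-ExchangeCertificate -GenerateRequest `
    -SubjectName "cn=$($names[0])" -DomainName $names `
    -KeySize 2048 -PrivateKeyExportable $true
Set-Content -Path $reqPath -Value $csr

# 2. Once the issued cert has been imported and enabled, confirm that the cert
#    bound to IIS (OWA, ActiveSync, Autodiscover) covers every name clients use.
Get-ExchangeCertificate | Where-Object { "$($_.Services)" -match 'IIS' } | ForEach-Object {
    $cert    = $_
    $covered = @($cert.CertificateDomains | ForEach-Object { $_.ToString() })
    $missing = @($names | Where-Object { $covered -notcontains $_ })
    New-Object PSObject -Property @{
        Thumbprint = $cert.Thumbprint
        NotAfter   = $cert.NotAfter              # expiry date, worth tracking for renewal
        Missing    = ($missing -join ', ')       # empty string means every name is covered
    }
}
```

Any name reported under `Missing` will produce a certificate name mismatch warning for clients that connect to it.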
pgm554Author Commented:
Just talked to GoDaddy and for another 300 bucks I can have a 10 SSL on my UCC.
0
Michael OrtegaSales & Systems EngineerCommented:
That's the way to go. One cert to rule them all!!!! =)

MO
0
JoeteckCommented:
Personally I would abandon hosting your own Exchange server and migrate to the cloud, such as Office 365 or AppRiver. Not having to worry about backing up the server or having a disaster plan for Exchange is a huge WIN!! The auto discovery is just moved and works very well. I just finished doing a migration using MigrationWiz and it went flawlessly. Very inexpensive too.

Sorry this is not an answer you were looking for, but rather another option to relieve the stress of hosting your own Exchange server.
0
Michael OrtegaSales & Systems EngineerCommented:
If you want the autodiscover component to work seamlessly my recommendation is to add the public email domains as UPN suffixes in AD Domains and Trusts and then update the user accounts in AD to use the new UPN suffixes for authentication. They can still use whatever private domain exists for authentication, e.g.

DOMAIN\username or username@domain.local

but they can also use the new UPN suffix, e.g.

username@publicdomain.com

to authenticate with. The caveat, of course, is that their username has to match their email alias for this to work seamlessly. For example:

If jsmith's email address is John@publicdomain.com his username should be John as well...or the other way around jsmith for logon and jsmith for email alias.

MO
0
pgm554Author Commented:
Migrate to the cloud?

Lots of these folks have tried it and the customer service sucked.
If they have an issue, I get the call and I know what it is and what to do about it.

Network Solutions, Register and GoDaddy all have 3rd party email servers and the customer service flat out sucks.

Nobody knows a frigging thing.
M$ can be the same way.
I know my routers, ISP and how my servers are patched.
0
Will SzymkowskiSenior Solution ArchitectCommented:
If you have multiple Accepted Domains you do not need to add all of them to the cert. Are you hosting multi tenant or something? If you have a primary SMTP domain and have everyone connect using that (mail.primdomain.com).

This simplifies the entire process having all of your users connecting using one SMTP domain. If you have different lines of business that need to use a different SMTP domain for sending and receiving that is still accomplished this way.

SAN names would include..
- mail.primdomain.com
- autodiscover.primdomain.com

You will also save a lot of money going this way because the more SAN names you add to your cert the higher the cost.

You just need to have all of the MX records for all of the SMTP domains point to your Exchange server externally. Create your Accepted Domains on the Exchange server and then EAP (Email Address Policies).

This will allow all of the users to send and receive with the SMTP domain they are assigned, and only having one namespace to connect to rather than one for each Accepted Domain you have internally.

Will
0
pgm554Author Commented:
One company has several different email domains, but the hosting service (Network Solutions) has a policy now of charging $59 bucks if you want to talk to somebody that knows anything if the email has issues.

I just said screw it, they got the server, I'm going to drop their hosting and bring it in house.
I got two other Exchange boxes that have been solid for a few years, so biting the bullet.

"This will allow all of the users to send and receive with the SMTP domain they are assigned, and only having one namespace to connect to rather than one for each Accepted Domain you have internally."
What about ActiveSync?
0
Will SzymkowskiSenior Solution ArchitectCommented:
You set up all virtual directories using the primary SMTP domain. They will still be able to send/receive on the SMTP domain you specify.

Will.
0
pgm554Author Commented:
Still working on solution.
Just need to test.
0
Will SzymkowskiSenior Solution ArchitectCommented:
I hope your solution only has the domains necessary added to your cert, as I outlined in my posts.

Will.
0
pgm554Author Commented:
Finally, looking at doing a test run.
I have a question concerning MX records and CNAME changes.

Say old company email server was mail.dog.com and I want it to point to mail.cat.com, do I have to create a CNAME alias for this to work?
0
Will SzymkowskiSenior Solution ArchitectCommented:
If you are changing your external SMTP Domain you need to create a new A host record for cat.com and then you need to create an associating record for mail.cat.com. You will then also need to make sure that your ISP points your external IP to the new mail.cat.domain (reverse) to ensure proper mail flow on the internet without being blocked by spambots.

Will.
0
Michael OrtegaSales & Systems EngineerCommented:
...and if you want to be able to access the FQDN of your mailserver on either mail.cat.com or mail.dog.com you'll want to add both names to your UCC cert as well as their autodiscover FQDN's as I indicated in my post previously. If your intent is to make everyone simply use one domain then there is no need to do that.

MO
0
pgm554Author Commented:
I just set up email accounts on the new server to accept the new secondary mail domain and the new mail domain points to the new IP address, but I am getting a bounce back.

host mail.xyz.com[50.242.94.xxx] said:
    550 5.7.1 Unable to relay (in reply to RCPT TO command)
0
Michael OrtegaSales & Systems EngineerCommented:
You added the domain to accepted domains, right? Did you create a new receive connector just for this domain? If so, it's not necessary. If you did, and there is a reason for that, make sure the authentication is set to just anonymous.

MO
0
pgm554Author Commented:
I just checked that and I thought I had, but...

When I add the accepted domain, do I need to add the FQDN (mail.xyz.com or just xyz.com)?
0
Michael OrtegaSales & Systems EngineerCommented:
just xyz.com

MO
0
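The accepted-domain and address-policy steps from earlier in the thread, together with a check for the host-name-versus-domain mistake behind the "550 5.7.1 Unable to relay" bounce, as an added example that is not part of the original posts. It assumes the Exchange Management Shell on the Exchange 2010 server; the policy name and the test address are assumptions.

```powershell
# Added example: run in the Exchange Management Shell on the Exchange 2010 server.
$smtpDomain = 'xyz.com'              # thread's placeholder: the part after '@', not mail.xyz.com
$policyName = 'Default Policy'       # assumption: confirm the real name with Get-EmailAddressPolicy
$recipient  = "testuser@$smtpDomain" # constructed test address

# 1. Accept the SMTP domain if it is not listed yet (same result as the New Accepted Domain wizard).
$accepted = @(Get-AcceptedDomain | ForEach-Object { $_.DomainName.ToString() })
if ($accepted -notcontains $smtpDomain) {
    New-AcceptedDomain -Name $smtpDomain -DomainName $smtpDomain -DomainType Authoritative
    $accepted += $smtpDomain
}

# 2. Flag entries where a host name appears to have been entered instead of the mail domain.
$accepted | Where-Object { $_ -match '^(mail|smtp|autodiscover)\.' } |
    ForEach-Object { Write-Warning "Accepted domain '$_' looks like a host FQDN" }

# 3. Append the domain to the address policy without dropping the existing templates.
$policy    = Get-EmailAddressPolicy -Identity $policyName
$templates = @($policy.EnabledEmailAddressTemplates | ForEach-Object { $_.ToString() })
$newEntry  = "smtp:%m@$smtpDomain"   # %m = mailbox alias; lowercase smtp = secondary address
if ($templates -notcontains $newEntry) {
    Set-EmailAddressPolicy -Identity $policyName `
        -EnabledEmailAddressTemplates ($templates + $newEntry)
    Update-EmailAddressPolicy -Identity $policyName
}

# 4. Would inbound mail for the test recipient be accepted or rejected as a relay attempt?
#    Exact-match check only; wildcard entries such as *.xyz.com are not evaluated here.
$rcptDomain = $recipient.Split('@')[-1]
if ($accepted -contains $rcptDomain) {
    "OK: $rcptDomain is an accepted domain"
} else {
    "Expect '550 5.7.1 Unable to relay': $rcptDomain is not an accepted domain"
}
```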
pgm554Author Commented:
Changed it to the xyz.com.
Do I need to stop and start the transport hub again?
0
Michael OrtegaSales & Systems EngineerCommented:
Shouldn't be necessary.

MO
0
pgm554Author Commented:
Looks like I got it to send and receive (I had to add a new send connector for xyx.com SMTP).
0
pgm554Author Commented:
Things seem to be OK, but now I have to figure out why SP3 won't install on 2010.
It will be another question here.
0