• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Create Exchange Mailbox on seperate forest??

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> Migration >> Create Exchange Mailbox on seperate forest?? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Create Exchange Mailbox on seperate forest?? - 18.Aug.2008 8:54:10 PM   
jcassianna

 

Posts: 11
Joined: 22.Oct.2007
Status: offline
    Is it possible to use ADUC to create a new AD account/mailbox in a forest from an Exchange server in a different forest but, have the mailbox be in a mailstore that lives on the same exchange server that I'm using to create the account?  I have a validated two way forest trust in place.  If yes, what needs to be done to make it possible.  I have this in place and can create the AD account but, get an error when trying to create the mailbox.  Here is the error from the end of the xml output:

  ....<progress code="-4" milliseconds="391">Saving changes to the directory</progress>   <summary isWarning="false" errorCode="0x8007202f">A constraint violation occurred.</summary>   </item>   </items>   </taskWizardRun>

< Message edited by jcassianna -- 18.Aug.2008 8:58:11 PM >
Post #: 1
RE: Create Exchange Mailbox on seperate forest?? - 19.Aug.2008 5:58:47 AM   
javedmse

 

Posts: 14
Joined: 21.Jun.2007
Status: offline
r u trying to create link mailbox?? if yes, you have to use the exchange management console to create the new mailbox as link mailbox and associate the mailbox the user in different forest.



_____________________________

Javed Khan
Specialist Exchange
Tata Communications

(in reply to jcassianna)
Post #: 2
RE: Create Exchange Mailbox on seperate forest?? - 19.Aug.2008 1:51:28 PM   
jcassianna

 

Posts: 11
Joined: 22.Oct.2007
Status: offline
quote:

ORIGINAL: javedmse

r u trying to create link mailbox?? if yes, you have to use the exchange management console to create the new mailbox as link mailbox and associate the mailbox the user in different forest.




Sorry but, I'm not sure what a link mailbox is.  To provide more backround... I have an Exchange server I'm trying to decommision in the other forest from where I'm trying to create the account.  I need to be able to create user accounts in the other forest/domain then associate them with mailboxes throw a two way forest trust to the Exchange server.

Another explaination:
Two way forest trust from forest A to forest B.  I need to be able to create new user accounts in forest A but, put those account's mailboxes in the Exchange server in forest B.  Is this possible with just a two way forest trust.  This is all Windows/Exchange 2003.

(in reply to javedmse)
Post #: 3
RE: Create Exchange Mailbox on seperate forest?? - 20.Aug.2008 1:07:32 AM   
javedmse

 

Posts: 14
Joined: 21.Jun.2007
Status: offline
Yeah... this is very well possible.. This scenario is called Resource forest model where mailboxes will be hosted in one forest (ForestA) and user accounts should located in another forest (Forest B).

As u said you are using Exchange 2003 server. still it is possible, provided you have Two way forest trust in place.

If you are trying to migrate the mailboxes, the whole procedure is different...

But if you trying to build a new setup, it is very simple...

Steps for new setup:-

1) Build AD forest (ForestA)
2) Raise both Forests functional level to Windows 2003
3)Raise both Domain functional level to Windows 2003 ( you should not have any windows 2000 domain controllers, if you have then, raise the functional level to windows 2000 native.

4)Establish Two way forest trust with Forest B (which is account Forest where all user accounts will exist) and validate the trust from both sides.  
To validate more:- Create a folder in Forest A and give security rights to Forest B administrator.
5)Install Exchange 2003 and install the SP2.
6) Give Exchange admin privillages to ForestB administrator account by delegating admin rights to that user


User mailbox creation:-

1)Create an AD user account(John) in Forest B. In Forest A where you have Exchange, Create an AD user account (John) with the same name and create a Mailbox.
2) Disable the AD user(John) in Forest A(where  u have mailbox). After disabling, the mailbox doesnt have AD user account associated with.
3) Right click the Disabled account, select Exchange Tasks, select "Associate to external Account" and select the user(John from Forest B), click finish..

Now the mailbox can be accessible using Forest B, John's credentials.

** Try to check whether you can able to change the password through OWA after this setup...

Have a nice day...  
Let me know if u need any more info...

_____________________________

Javed Khan
Specialist Exchange
Tata Communications

(in reply to jcassianna)
Post #: 4
RE: Create Exchange Mailbox on seperate forest?? - 20.Aug.2008 7:10:09 PM   
jcassianna

 

Posts: 11
Joined: 22.Oct.2007
Status: offline
Thanks again for the suggestion javedmse but, I am also trying to migrate existing mailboxes to the other forest.  I'm trying to avoid having to change the user's computer's domain therefore having to deal with Windows profiles.  Microsoft sure didn't make this very easy and I imagine it happens ALL the time with mergers/acquisitions and such.

I learned recently about Microsoft's IIFP.  Do you, or anyone else think this would be a worth while solution?

Also, does anyone know if it's possible to migrate the mailboxes then perhaps covert Forest A to be a tree domain in Forest B so that I'm left with just one big Forest?

(in reply to javedmse)
Post #: 5
RE: Create Exchange Mailbox on seperate forest?? - 21.Aug.2008 2:24:40 AM   
javedmse

 

Posts: 14
Joined: 21.Jun.2007
Status: offline
Hi jcassianna,
 
How many mailboxes do you have in your environment??
How they connect? MAPI, POP3 etc.
R u planning for single shot migration or phased migration?
 
Here i will tell you the procedure of simple migration and based on your migration plan, u decide how to a go-ahead with migration.
 
For migration, As we discussed early, you need to have two way trust in-place and you already established.
The second approach would be,
Delegate the administrator role to Forest B admin in Forest A Exchange Org and vice versa...
 
If u decided for phased migration
1) Configure SMTP Domain share and create connectors according to that.
 So that there will be mailflow enabled between migrated and non-migrated users.
Make sure, all recipient policies configured as Non-authoritative.
2) Configure IIFP to do the initial GAL synchronization
    Which will provide the GAL visibility to migrated users and using the contacts we can enable free/busy synchronization.
 3) Use move mailbox wizard to migrate the mailboxes to new exchange organization. When u r moving, you can able to see the other exchange organization.
4) Once you migrate the mailbox, it will create a Disabled AD user account in destination Forest and the mailbox appears as disconnected maibox in the destination forest.
5) once you migrate all your mailboxes, you need to run the Mailbox Recovery center (which is available in Exchange System Manager, Tools) destination Forest Exchange Org.
While running Mailbox recovery center , you may list all disconnected mailboxes.
Select all and find the match.... where you need to select the "Account Forest"...
 
After migration, Configure IIFP to provision the user accounts in Destination forest by configuring management agents...
 
Once you create new accounts in Account Forest (source forest), it will get  syncronized using IIFP and you need to create new mailbox for that account....
 
 

_____________________________

Javed Khan
Specialist Exchange
Tata Communications

(in reply to jcassianna)
Post #: 6
RE: Create Exchange Mailbox on seperate forest?? - 21.Aug.2008 6:37:53 PM   
jcassianna

 

Posts: 11
Joined: 22.Oct.2007
Status: offline
javedmse
I have 98 mailboxes I need to merge.  They connect using Outlook IMAP and MAPI.  No POP3.  I'd like to do whichever method makes most sense.

Thank you for your guide.  It's a bit advanced for me but, I may give it a try.  I still need to find a W2k3 Ent license.

If you don't mind, I may be back to pick your brain.

(in reply to javedmse)
Post #: 7
RE: Create Exchange Mailbox on seperate forest?? - 22.Aug.2008 3:55:29 AM   
javedmse

 

Posts: 14
Joined: 21.Jun.2007
Status: offline
Sure, you can take my help at any point of time.
But when you have only 98 mailboxes then it is better to do singleshot migration.
By this approach you can eliminate SMTP domain share.
After establishing the trust, just migrate the mailboxes. It will create disabled AD accounts in the destination forest.

Do you have any public folders? If yes, migrate it using inter-org replication tool.



_____________________________

Javed Khan
Specialist Exchange
Tata Communications

(in reply to jcassianna)
Post #: 8
RE: Create Exchange Mailbox on seperate forest?? - 22.Aug.2008 2:34:27 PM   
jcassianna

 

Posts: 11
Joined: 22.Oct.2007
Status: offline
Understood.  The trust has been in place for some time and is functional.  I do have public folders and have started using the inter-org synch tool.  It works well.  I just wish they had the same for mailboxes/ad accounts ;).

(in reply to javedmse)
Post #: 9
RE: Create Exchange Mailbox on seperate forest?? - 26.Aug.2008 1:34:51 PM   
javedmse

 

Posts: 14
Joined: 21.Jun.2007
Status: offline
Hi,

When you have public folders in place, then it is not enough just using InterOrg.
It just only replicate the folders and its contents. W
You should use PFDavAdmin tool to migrate the permissions...
Lets, run the PFDavAdmin tool run on source exchange org and export all the permissoins to a text file.

If the source and destination Exchange organization is having the same name then, use PFDavAdmin to import the same permissions in the destination forest.. But dont forget, you have Import the permission only after migrating all the mail boxes.

For safe side, export all permissions and keep that aside..

Have a better luck

_____________________________

Javed Khan
Specialist Exchange
Tata Communications

(in reply to jcassianna)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> Migration >> Create Exchange Mailbox on seperate forest?? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter