Channel: Exchange Server 2010 forum

Outlook Mailbox Access Across Non-trusted Forest


Hi

We have a strange requirement, where we have two Exchange organizations running in two forests. First organization (let’s call it source) has been acquired by parent organization (target) and we wish to have around 600 mailboxes from source to be re-created in target organization. Existing mailbox data is not a concern for us. There’s no trust between the two forests, although there’s network connectivity between the two organizations (we can ping entities in one forest from the other) but there’s no name resolution set up between them.

What we’ve planned is that we’ll have an e-mail flow set up between the two organizations unless we create all the mailboxes from source in target (will be done in batches). The end result would be that employees in source organization will have to log on to systems joined to source forest and will use a second set of credentials to access their mailboxes hosted in target Exchange organization. For this strategy to work, we’re trying to list out requirements, and need help in finding out what we’ve missed and correcting/validating those that are listed below:

1. For the Outlook 2007/2010 clients connecting from source organization, do we need to set up any kind of name resolution, or is having IP routing enough?

What confuses us here is how the client will be authenticated for access to the mailbox by DCs. Do we need to have name resolution set up so that the client can resolve the names of Exchange as well as domain controllers?

2. How will the AD authentication for the Outlook connections happen in this case? Will Exchange handle it on behalf of the client and verify the authenticity of the client with target DCs?

3. We need to open required ports between client-to-domain controllers and client-to-Exchange servers (please correct me if this is not correct), but do we need to open them for all the Exchange servers and DCs, or would opening them only for some selected ones do?

4. Do we need to allow the Default receive connectors on HTs (in each forest) to allow anonymous connections, or simply adding the IP address of the remote SMTP will work in this case?

  

Thanks

Taranjeet Singh


zamn


