Question:
My organization have AD domain on one machine including windows server 2003 and exchange 2003. The company has bought another company with difference entity, so I created a child domain with the exiting windows 2000 server machine from the new company. Is it possible to have users on a child domain to connect to exchange server on a root domain? Thank you in advance.
Answer:
Yes it is possible, with the right ACL in place, as the trust is transitive.
—- Added by Bharat Suneja —–
Yes, it is possible and quite common to have users in child domains have mailboxes in a parent domain or a different domain in the Active Directory Forest. The Organization container resides in the Configuration partition (aka “naming context”) in AD. As a result, an Exchange Organization spans the entire AD Forest. Recipients can reside in any domain in the Forest.
What needs to be done:
– Run Setup /DomainPrep in the domain where users or any Exchange servers reside (you’ve already done this for the parent domain where Exchange server resides. You will need to run /DomainPrep in the child domain).
– Create a Recipient Update Service (RUS) and point it to a Domain Controller in the child domain.
References:
– KB 275294: Creating Exchange Recipient Update Service instances for remote domainshttps://support.microsoft.com/en-us/kb/275294
安装完子域Sales默认林根域委派了DNS解析,域树abc.com和林根域之间这需要进行相互条件转发,其实三个域之间都配置为条件转发即可,这样域名解析就不成问题了。如下图,林根域默认委派了sales子域,同时我也手动在林根域创建条件转发
我在域树配置了条件转发
看下站点配置,dc01为根域DC, DC20为子域DC, DC30为域树abc.com,因为三台DC同时都是GC,他们之间都自动生成复制拓扑
子域和域树,都需要使用林根域的Exchange服务器资源,子域和域树都需要进行“域的准备”
如下图,我在域树abc.com上进行了域的准备,准备成功
如下图,在林根域的Exchange上我们可以为根域,子域或者域树中的用户启用邮箱
总之,一个Exchange服务器可以给林中的所有域使用,同理Lync之类的服务器也是同样的道理,记住“配置分区”是深林范围级别的复制方式。
