Exchange Server

Chuck · Guest

Hi there,

I've inherited a rather AD/Exch infrastructure and was hoping someone might
be able to clarify the best migration approach.

We have: W2K forest with an Exch 2K3 Native mode org installed into the
forest root all OK. In the 2nd domain in our forest (different domain tree)
we have W2K AD and an Exch 5.5 org with no ADC.

We want: one forest and the existing Exch 2K3 org.

The catch: due to the size of our IS, number of mailboxes & the business
reliance on mail I need to allow for a period of co-existence with message
flow and GAL synch. Message flow I understand. But configuring the ADC to
synch between a 55 org and an existing 2K3 org within the same forest has me
concerned. In my VM test lab it works - sort of. The ADC CA Wizard errors
when I try to run it, saying "There is an existing org in this forest." I've
configured CAs manually but I don't trust what it might do to my production
AD.

The question: is this possible given the 1forest = 1org rule? Is this a
supportable migration path? If not are there any workarounds that enable me
to put in GAL synch during the co-existence?

Appreciate any feedback at all.

cheers

Chuck

Chuck · Guest

Thanks Al. To clarify then - does it matter that the inter-org CA is
connecting two orgs within the same AD forest? I've read exhaustively on this
approach and all of the docs deal with an inter-org CA across a trust between
a source forest and a target forest.

Thanks for your feedback..

Chuck

"Al Mulnick" wrote:

Al Mulnick · Guest

Migrating from one 5.5 org to a 2003 org (whether built or not) is what
Interorg ADC CAs are for.
FWIW, you could just migrate the user mailboxes and manually configure the
GAL objects, but the ADC makes it easier and it stays in sync.

Other options? MIIS, SimpleSync, or similar products might be useful, but I
don't think it's a great idea. You could manually create the contact/custom
recips if you wanted but again, why bother when this is what the ADC is for?

Al

"Chuck" <charlie@discussions.microsoft.com> wrote in message
news:A16D058F-0340-485D-A29B-BB72C4041513@microsoft.com...

Al Mulnick · Guest

No, because 5.5 doesn't know a thing about the forest boundary.
5.5 does know about the security context in the sense that it uses accounts
in the forest for the credentials to access it's resources.

The ADC can address the GAL sync needs while you migrate (you'll have to use
migration tools, vs. the aduc tools) which is good because you'll need to
join the 5.5 and 2003 GALs together in order for the users to see the GAL
objects to pick and send mail to.

Like I said before, you could do the GAL population manually, but that can
be overhead you don't need.

Don't forget to put a RUS object in place for the new domain (and domain
prep it of course).

Al

"Chuck" <charlie@discussions.microsoft.com> wrote in message
news:D67BD94D-0D80-4CBF-9B0D-1BC3B8314878@microsoft.com...

Guest

We went through something similar to this recently, but it was a
tiresome task and we didn't have the time. We bought a product from
Priasoft and we had it done in a weekend. You can read about it at
http://www.priasoft.com. I highly recommend getting it because it made
our problem a lot easier.

Guest

We went through something similar to this recently, but it was a
tiresome task and we didn't have the time. We bought a product from
Priasoft and we had it done in a weekend. You can read about it at
http://www.priasoft.com. I highly recommend getting it because it made
our problem a lot easier.

Chuck · Guest

Thanks very much Al,

You've be very helpful - and I can't tell you how much this has reduced the
fear factor!

Take it easy

Chuck

"Al Mulnick" wrote:

	Exchange Server Forum Index -> Design	All times are GMT
Page 1 of 1