locked
ADRMS Deployment in a Resource Forest. RRS feed

  • Question

  • Hello All, 

    Today I have a 3 AD Forest:

    - AD1  : Account Forest - Windows 2012R2 Forest/domain level

    - AD2 : Account Forest - Windows 2016 Forest/domain level

    - AD3 : Resource Forest - Windows 2016 Forest/domain level with Exchange 2016

    - One way AD Trust with the 2 Account forest

    Users in account Forest have an linked Mailbox into the dedicated Exchange Forest. Everything works great.

    I want to deploy ADRMS for end users (it needs to cover AD1 and AD2) - For Exchange purpose only (Like Do Not Transfer mail and so on)

    I read last days many blog on the subject, and some points still unclear.

    https://blogs.technet.microsoft.com/zaid_arafehs_blog/2012/03/08/installing-adrms-in-an-ad-resource-forest/ 

    And : https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee918789(v=ws.10)

    What is the best design to implement ADRMS to achieve my goal? 

    If I deploy ADRMS on the resource forest, do I really need to sync user SidHistory with an ILM just for Exchange purpose?

    If I deploy Licensing servers on Resource Forest and Certifcation Servers on the two Account forest do I need SidHistory ILM too? 

    And finally if I deploy all ADRMS services just in Account Forest, do I need something on Resource forest side? 

    Thanks


    m.geyer


    Wednesday, August 14, 2019 10:36 AM