share domain between two forests

  • Question

  • Hi
    I am trying to share a single domain between two organisations and completely independent Active Directory Forests with no trusts in place.

    We use a third party company for scanning incoming/outgoing emails for viruses/spam etc. This third party company also has LDAP connections to both the AD forests and is able to deliver incoming emails on the shared domain to the appropriate site/forest.
    I have added the shared domain to a recipient policy on both Exchange organisations. If I select "This Exchange Organisation is responsible for all mail delivered to this address", the emails are delivered correctly to the mailboxes.

    The problem I have is sending emails using the shared domain between the two Exchange organisations. My understanding is if I UNTICK "This Exchange Organisation is responsible for all mail delivered to this address", if an email sent to the shared domain is not destined for a mailbox on the local Exchange org, it will be passed back out to the internet for delivery. If I do untick it, I am no longer able to receive any emails to that org on the shared domain. Emails sent get an "Unable to relay for that domain" error.

    What is the simplest and easiest to manage method of getting the emails between the two organisations?
    I could tick the above box and then add an SMTP connector for the shared domain pointing to the third party scanning company?
    That option is easy on one of the forests which is a single site AD. The other forest has 50 sites and very complex routing.

    Is there another simpler solution I am not thinking of?

    Thanks for any suggestions.
    Gordon
    Monday, September 28, 2009 8:46 PM

Answers

  • I worked it out...
    I had to restart the Exchange Routing engine before the changes worked ;-)
    • Marked as answer by Mike Shen Monday, October 5, 2009 6:33 AM
    Monday, September 28, 2009 11:57 PM
