Exchange Availability service

Execute in Forest A.
powershell# Grant Cross-Forest Permission
Get-MailboxServer | Add-ADPermission -AccessRights ExtendedRight -ExtendedRights “ms-Exch-EPI-Token-Serialization” -User “companyB\ Exchange Servers”
# Add-AvailabilityAddressSpace
Add-AvailabilityAddressSpace -ForestName companyB.com -AccessMethod PerUserFB -UseServiceAccount $true
2. In Forest B run: powershell
# Grant cross-forest privileges
Get-MailboxServer | Add-ADPermission -AccessRights ExtendedRight -ExtendedRights “ms-Exch-EPI-Token-Serialization” -User “companyA\ Exchange Servers”
# Add-AvailabilityAddressSpace
Add-AvailabilityAddressSpace -ForestName companyA.com -AccessMethod PerUserFB -UseServiceAccount $true
3. Key Note: Replacing Real Domains
companyA.com and companyB.com need to be replaced with actual forest root domains (DNS names, not NetBIOS names).
Verifying Service Accounts
companyB\Exchange Servers must be the security group to which the Exchange servers in Forest B belong (default group name is Exchange Servers).
Two-way Trust Check
Ensure that two-way Kerberos trust exists between the two forests and that the domain in which the Exchange server resides participates in this trust.
Firewall Open Ports
Open TCP ports 80/443 (HTTP/HTTPS) and 808 (RPC over HTTP) between Exchange servers.
Quick Authentication.
Run the following command in any forest to check if the configuration takes effect:
powershell
Test-AvailabilityServiceConnectivity -TargetForest companyB.com -Verbose
If Success is returned, the configuration was successful.