Forum Discussion
Exchange on premise + separate multi-forest AD + single server
I'm struggling here a bit to understand what I need to do and everything I look for online talks about O365 hybrid deployments but who the heck wants O365 and trusts M$ with their data is beyond me. ...
You are on the right track that this is a cross forest Exchange mailbox migration where companya.local is defined as the "resource forest" since it is hosting the exchange server and "companyb.local" will be the "account forest" hosting the accounts.
Migrate Security and Distribution Groups.
Migrate Mail Enabled Contacts.
Stage the accounts from company B into company A forest.
Unlike exchange 2007, the user account does not get created during the mailbox move if it doesn't exist in company A, so you need to manually sync it first (reference:
http://www.msexchange.org/blogs/walther/news/cross-forest-mailbox-moves-using-the-exchange-management-shell-426.html)
The final end state is that the company B mailboxes will become 'Linked Mailboxes' where the user accounts in companya.local will be in a disabled state, but company A's domain controllers will still authenticate the user.
FYI: to set your expectations, please know that these network.office.com forums will only take you so far.
I recommend contacting a Microsoft Partner for assistance with this project because there are lots of 'lessons learned' that you only get from doing these and failing at them... remember you don't know what you don't know when it comes to these. If you don't have the budget for a MSFT partner to help, then I recommend doing this in a LAB so you can document the steps before you do this in production.
There is a lot to consider including what you touched on with certificates, autodiscover, DNS, firewall rules, user experience, etc, etc, etc.
You may need to first migrate Security and Distribution Groups so that after user mailboxes are migrating they don't get NDR's when replying to groups. Same with Mail Enabled Contacts, migrate those before the user mailboxes to avoid NDRs later.
Here are a few resources to look at:
https://blogs.technet.microsoft.com/meamcs/2011/06/10/exchange-2010-cross-forest-migration-step-by-step-guide-part-i/>
Another step-by-step guide: http://www.careexchange.in/cross-forest-migration-guide-exchange-2010-to-exchange-2010/
Detailed guidance:
https://technet.microsoft.com/en-us/library/ee633491(v=exchg.150).aspx
Syntax examples: http://msexchangeguru.com/2013/11/03/e2013crossforestmigration/
Hope this helps.
Joe
Migrate Security and Distribution Groups.
Migrate Mail Enabled Contacts.
Stage the accounts from company B into company A forest.
Unlike exchange 2007, the user account does not get created during the mailbox move if it doesn't exist in company A, so you need to manually sync it first (reference:
http://www.msexchange.org/blogs/walther/news/cross-forest-mailbox-moves-using-the-exchange-management-shell-426.html)
The final end state is that the company B mailboxes will become 'Linked Mailboxes' where the user accounts in companya.local will be in a disabled state, but company A's domain controllers will still authenticate the user.
FYI: to set your expectations, please know that these network.office.com forums will only take you so far.
I recommend contacting a Microsoft Partner for assistance with this project because there are lots of 'lessons learned' that you only get from doing these and failing at them... remember you don't know what you don't know when it comes to these. If you don't have the budget for a MSFT partner to help, then I recommend doing this in a LAB so you can document the steps before you do this in production.
There is a lot to consider including what you touched on with certificates, autodiscover, DNS, firewall rules, user experience, etc, etc, etc.
You may need to first migrate Security and Distribution Groups so that after user mailboxes are migrating they don't get NDR's when replying to groups. Same with Mail Enabled Contacts, migrate those before the user mailboxes to avoid NDRs later.
Here are a few resources to look at:
https://blogs.technet.microsoft.com/meamcs/2011/06/10/exchange-2010-cross-forest-migration-step-by-step-guide-part-i/>
Another step-by-step guide: http://www.careexchange.in/cross-forest-migration-guide-exchange-2010-to-exchange-2010/
Detailed guidance:
https://technet.microsoft.com/en-us/library/ee633491(v=exchg.150).aspx
Syntax examples: http://msexchangeguru.com/2013/11/03/e2013crossforestmigration/
Hope this helps.
Joe