Forum Discussion
SB V
Mar 05, 2019Brass Contributor
Questions on Multi-forest - Hybrid Exchange scenario
Hi Experts, One of our customer raised the below query: They have the below environment: -Forest A & B have a forest trust configured -Both forests use Exchange 2010 mailboxes on premise...
Brian Reid
Mar 06, 2019MVP
This works as long as the UPN is not in use in both forests. If you have ADFS the forest in which authentication occurs needs a UPN suffix for the UPN pointing to other forest for auth to work. This is very complex - avoid it. If you use PTA+SSO, similar issue based on forest in which you install the auth agent. Password Hash auth done in Azure AD - this works fine. If you have the user migrated to other forest, don't sync that OU that contains the duplicate user - the user can only be synced once (unless linked mailboxes, but you did not say that)