Cross forest in Exchange

Cross forest in Exchange

How to open a mailbox cross forest in Exchange

We often migrate users between Exchange organisations/forests, or need to add coexistence between two or more Exchange organisations and forests.  The basic set up for coexistence includes the following:

  • Network coexistence
  • DNS coexistence
  • AD Trust
  • Autodiscover coexistence
  • Synchronisation of GAL objects
  • Accepted Domains
  • Remote Domains
  • Mail Routing
  • Availability Address Spaces

In this case we’re only looking at how to get mailboxes to open cross organisation, so we will assume that the above is in place already.  This means that the GALs are in sync, meaning the mailbox that needs to be accessed is available as an MEU in the Exchange organisation that is hosting the user who wants to access it as an additional mailbox.

In order to be able to open mailboxes cross organisation you need to ensure

  1. that the MEU has msExchRecipientDisplayType set to -1073741818.  This is to ensure that the mailbox user can pick the MEU to open their mailbox
  2. that the Mailbox has the legacyExchangeDNs of each MEU as an x500 proxyAddresses entry.  This is to ensure that Outlook can find the mailbox in the target environment using the MEU from the source LEDN
  3. that the SendAs right is applied on the MEU, if you need SendAs to work cross organisation.  This is because it is the originating Exchange organisation evaluates if send as is allowed

We have done this configuration many times for customers and it works seamlessly.  The user has no idea that the additional mailbox or profile is from a totally different Exchange organisation.