RE: Exchange 2003 Share SMTP Name Space between Forests

From: Ryan Gilbert (RyanGilbert_at_discussions.microsoft.com)
Date: 10/18/04


Date: Mon, 18 Oct 2004 12:49:01 -0700

I finally had to call Microsoft. After 6 hours we finally got it. Here's
the solution, it's a bit on the long side, but I have the configurations for
both of the servers. Something that all of these other solutions are missing,
which is pretty critical. I will keep checking back here to answer any
questions if you need help.

The Microsoft article is right, but does not give the full answer, imagine
that. We were so close!

http://support.microsoft.com/default.aspx?kbid=319759

The email server that is forwarding the mail to the other server is in
California, and my other server is in China. The California server has the MX
records pointing to it. Here's the setup for the California server. This
will be a down and dirty explanation, because it was pretty arduous.

Recipient Policies

1. In the System Manager, under Recipient Policies, you have to edit the
Default Policy. Either double click the Default Policy, or right click and go
to properties. Under the email tab, create a new SMTP address. It must have
the @ symbol in front of it. This address cannot be the main address that
you are trying to share, so if your email address is bob@bigtoys.com, you
cannot create another smtp address with @bigtoys.com. The new SMTP address I
created was @us.bigtoys.com. Make sure that the checkbox that says, "This
Exchange Organization is responsible for all mail delivery....." is checked.
Hit OK. Highlight your new SMTP address and then Set it as Primary by hitting
the button on the bottom right. Now, highlight the address that you are
trying to share, in our example it's, @bigtoys.com. Hit the Edit button, and
make sure that the, "This Exchange Organization is responsible...." checkbox
is NOT checked. Hit OK.

2. As you can see this is pretty much directly from the MS article 319759.
I'm going through the whole process here because there are minute differences
in my case that made all the difference in the world, in other words, from
not working to working like a champ. Now you have to create a new Recipient
Policy. In System Manager, right click on Recipient Policies, go to New, and
Recipient Policy. Put a check in E-Mail Addresses and hit ok. You can title
this new policy whatever you want, but I called mine User Addresses. After
naming it, on the General tab hit the Modify button on the bottom left. A
new window will open called, Find Exchange Recipients, with a bunch of stuff
checked. I wanted this policy to apply to everyone, so I made sure every box
was checked and hit ok. If you want to apply only to some, then you have to
change this configuration. Back on the properties page of my new Recipient
Policy, you can now see a bunch of code in the grayed out box. Select the
Email Addresses tab. If it is blank then you have to create your two SMTP
addresses that you created in step 1, @bigtoys.com and @us.bigtoys.com. The
difference is your address that you want to share needs to be set as the
primary (@bigtoys.com) and the new address (@us.bigtoys.com) is not. The
@bigtoys.com still needs to NOT have the checkbox selected for, "This
Exchange Organization...". The new address must have that box checked.

Recap:

Default Policy:
@bigtoys.com       not primary   checkbox not selected
@us.bigtoys.com    primary       checkbox selected

New policy (User Addresses):
@bigtoys.com       primary       checkbox not selected
@us.bigtoys.com    not primary   checkbox selected

3. Now in System Manager, under Administrative Groups, First Group (or
whatever group your email server is under), Routing Groups, First Routing
Groups, Connectors, you have to create a new SMTP connector. Right click on
Connectors and select new SMTP Connector. You can call it whatever you want;
I called mine China Forwarder. In the General Page select the radio button
that says, Forward all mail through this connector to the following smart
hosts. In the box below put in the LAN ip address of your email server with
[] around it. So it will look like this, [192.168.0.5]. Then add the local
bridgehead which was my email server in California. When you add it, you will
see your email server name in the Local Bridgeheads box, which for me was
BTMAIL. Now select the address space tab. You have to add two new SMTP
address spaces. The first one must be the name of the address space you are
trying to share, in our example it's bigtoys.com. Make sure that you DO NOT
have the @ symbol in front of the bigtoys.com. In the address space box it
should just look like this, bigtoys.com. Now you have to add a second
address space. This address space is not the address space you created at
this location for example, us.bigtoys.com. THIS IS NOT the address space you
want here. The address space that you do want here is going to be the address
space that you are going to create at the remote location of where you are
forwarding the emails. In my case, China. Since you haven't created this
address yet, you must come up with a new address space that you are going to
use in the Remote location. I created this address space, cn.bigtoys.com. So
I added, cn.bigtoys.com in the SMTP address space box. Hit apply, and on the
bottom left make sure the check box, Allow messages to be relayed to these
domains, is selected. Here's what it should look like:

bigtoys.com
cn.bigtoys.com

4. Stop and Start the SMTP service. Rebuild the Recipient Update
Service(update the one with your domain name, not the Enterprise one). I'm
getting lazy here, but the MS article explains how to do this.

5. This is where the MS article leaves us high and dry. In Active
Directory User and Computers(ADUC), select one of your local users in this
location. For us it's Bob. Under the email address tab, make sure that the
two new addresses are there; bob@bigtoys.com and bob@us.bigtoys.com. Make sure
the main address we are trying to share is set as the primary,
bob@bigtoys.com. If they are not there, then just manually add them. On the
bottom left of the Email Addresses page, make sure the box is checked that
says, "Automatically update email addresses on Recipient Policy."

bob@bigtoys.com primary
bob@us.bigtoys.com

6. This is the last step for this server. While still in ADUC, you want to
create a new mail enabled contact. This made sense for me, since I only had
to create about 50 mail enabled contacts. If you have a larger organization,
you might want to find a better way to do this. For each user that is located
in the remote site, China, I created a mail enabled contact. For example, I
have a user called Zhen. Right click on Users in ADUC, select New, select
Contact. Fill out the First Name, Last Name, Display Name as you would for
any account. Hit next. On this page, make sure the box is checked that
says, "Create an Exchange email address". Then there is a button on the
right hand side that says modify. Hit that. Select SMTP address and hit next.
 In the email box type in the email address for the user, but do not use the
address you are trying to share, put in the address space of the new address
space of the remote location. For our example it would be,
zhen@cn.bigtoys.com. Hit Ok, then finish. Now go to the new contact we
created, Zhen. This is where I can't remember exactly correctly, but it
shouldn't matter. In the email addresses tab make sure that
zhen@cn.bigtoys.com is there. You must also have the email address that you
are trying to share, zhen@bigtoys.com. Just make sure the
zhen@cn.bigtoys.com is set as primary.

zhen@cn.bigtoys.com primary
zhen@bigtoys.com

Now wasn't that easy. The good news is that's only half of the equation, we
still have to configure the remote server in China.

For ease sake and laziness, I am just going to write down what the
configurations should look like on the remote server. The steps are exactly
the same as for the California server except we use a different SMTP Address.
 You cannot use the same one we created on the California side,
@us.bigtoys.com. It's as easy as replacing every instance of @us.bigtoys.com
with @cn.bigtoys.com and vice versa.

1.
cn.bigtoys.com

2.
Default Policy:
@bigtoys.com       not primary   checkbox not selected
@cn.bigtoys.com    primary       checkbox selected

New policy (User Addresses):
@bigtoys.com       primary       checkbox not selected
@cn.bigtoys.com    not primary   checkbox selected

3.
bigtoys.com
us.bigtoys.com

4. Service Stop and Restart. Rebuild RUS.

5.
bob@bigtoys.com
bob@cn.bigtoys.com

6. You must create a mail enabled contact for every California User, even
though you have them as a User in your California ADUC.

bob@us.bigtoys.com primary
bob@bigtoys.com

The reason why I spent the time to post this, is because this was the first
time in my life where I wasn't able to solve a problem without having to call
Microsoft and was a little pissed that I couldn't find the COMPLETE answer
anywhere. I want to thank people who tried to help and want to help everyone
else by posting this $250 solution.

This new Posting system SUCKS!!!! I have to post 12 times before it finally
accepts it.
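
A simplified model of the mail flow that the two recaps above set up, as an added example that is not part of the original post. The site keys, the `route` function and the resolution order are assumptions made for illustration, not Exchange's actual categorizer; the addresses are the post's own examples.

```python
# Simplified model (an assumption, not Exchange's own categorizer) of the
# two-forest layout. Addresses are the post's examples; site keys are made up.
SITES = {
    "california": {
        "authoritative": {"us.bigtoys.com"},             # "responsible" box checked
        "connector": {"bigtoys.com", "cn.bigtoys.com"},  # connector address spaces
        "smart_host": "china",
        "directory": {
            "bob@bigtoys.com": ("mailbox", "bob"),
            "bob@us.bigtoys.com": ("mailbox", "bob"),
            "zhen@bigtoys.com": ("contact", "zhen@cn.bigtoys.com"),
            "zhen@cn.bigtoys.com": ("contact", "zhen@cn.bigtoys.com"),
        },
    },
    "china": {
        "authoritative": {"cn.bigtoys.com"},
        "connector": {"bigtoys.com", "us.bigtoys.com"},
        "smart_host": "california",
        "directory": {
            "zhen@bigtoys.com": ("mailbox", "zhen"),
            "zhen@cn.bigtoys.com": ("mailbox", "zhen"),
            "bob@bigtoys.com": ("contact", "bob@us.bigtoys.com"),
            "bob@us.bigtoys.com": ("contact", "bob@us.bigtoys.com"),
        },
    },
}

def route(address, site, max_hops=4):
    """Return (sites visited, outcome) for one recipient address."""
    path, address = [], address.lower()
    for _ in range(max_hops):
        cfg = SITES[site]
        path.append(site)
        kind, target = cfg["directory"].get(address, (None, None))
        if kind == "mailbox":
            return path, "delivered"
        if kind == "contact":
            address = target           # contact mail goes to its primary address
        domain = address.rsplit("@", 1)[1]
        if domain in cfg["authoritative"]:
            return path, "ndr"         # authoritative here, no such recipient
        if domain not in cfg["connector"]:
            return path, "external"    # no connector address space matches
        site = cfg["smart_host"]       # hand off to the other forest
    return path, "hop limit"           # neither side resolved the address

if __name__ == "__main__":
    for rcpt in ("zhen@bigtoys.com", "bob@bigtoys.com", "nobody@bigtoys.com"):
        print(rcpt, route(rcpt, "california"))
```

In this model an address on the shared domain that neither directory knows is passed back and forth by the two connectors until the hop limit, which is worth checking for before relying on the setup.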