Re: Best Practices - Multiple E-Mail Domains

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hi Adam,

Here's detailed information on one way to do it, and have recipient policy
look after automatic email generation, based on security group membership.
There is also a way that doesn't involve ADSIEDIT - you can filter based on
the contents of an Organization tab field (user properties).

Create a security group such as DomainB - add a user (create a test user
account and add it to this group)
Install the support tools from Disk2 of your SBS Disk Set - Support | Tools,
run suptools.msi.
Once the tools are installed, browse to c:\Program Files\Support Tools, and
run ADSIEDIT.msc
This is a powerful tool, be careful not to make any changes.
Expand Domain | DC | OU=MyBusiness | OU=Security Groups
Right click DomainB and select properties.
Find the attribute distinguished Name, click on it and then the edit button.
Right click the value and select copy.
Cancel your way out.


Recipient Policy > Right Click > New Policy.
Select Email Address > OK
Name - give the policy a name, such as DomainB
Click the Modify Button
Click the Find select box, change it to User, Contacts, and Groups
Click the Advanced Tab.
In Field, select User > Member Of, in Condition select Is (exactly) in
Value, right click and paste the string we obtained with ADSIedit.
Click find now.
You'll see the user has been found. Click OK to apply the filter.
You'll get a pop-up box informing you to use 'apply now' when you're done,
if you want the policy applied immediately - ok that
Click on the Email Address policy.
Click the New button
Select SMTP address, and click OK.
Type @domainB.com in the address box. You can use other customizations if
you want for firstname lastname, etc. (seperate topic)
Leave the box selected for 'this exchange org is responsible' (seperate
topic if it's not), click OK.
Click in the box beside the new address to select it for generation.
Click on the Set as Primary button, to make this the primary address - you
can leave the rest of the addresses alone.
Click OK, and you'll get a box confirming the change - select yes.
Ensure the default policy is lowest, and the new policy is higher - if not,
move up the new policy by right clicking it and selecting all tasks > move
up.
Priority 1 is always the highest priority.
Right click the new policy and select apply this policy now, say yes to the
confirmation.
Go to the Users node of standard managment, and refresh the view.


The user should have the new primary email address.


Go to your Security Group, and add another user account to the group.
Wait a while, or refresh the policy. Refresh your Users view (or close/open
the console).
The added user will have the new primary address.


Note that the email generation process can take a few minutes, so give it
some time.


The above is different detail than we've previously discussed, and different
than I remember - but I've confirmed it works by doing it today. It seems
the recipient policy filtering cannot deal with the simple group name, it
needs the distinguished name hence the need to find it with ADSIEdit.



--
Les Connor [SBS Community Member - SBS MVP]
-----------------------------------------------------------
SBS Rocks !
----------------------
"Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
understand." - Confucius


"Adam Selene" <as@xxxxxxxxxxxx> wrote in message
news:l166429loptmcj6qa9v5cvtgt356qulra3@xxxxxxxxxx
I'd like some serious advice on this one please.

A company has a SBS2k3 Premium server and all email is hosted by ISPs.
ISA and SQL are not yet installed. All service packs for SBS and
Exchange are installed.

The company has two email domains, each hosted by ISPs.

Some of the employees of the company use one domain (say,
domain-a.com) and others use the other (say, domain-b.com).

One user -- the company owner -- uses BOTH domain-a.com and
domain-b.com although he might be persuaded to drop one of these if
necessary. ( He's all excited by all the new Mobile capabilities in
Exchange SP2, which is already installed).

It's important that users of domain-a.com be identified as senders at
domain-a.com and conversely, that users of domain-b.com be identified
as senders at domain-b.com.

It would be preferable to leave the hosting where it is -- i.e., with
the ISP who hosts each domain. At the very least, it'd be great to
use the current ISP as a backup mail host.

I've been trying to get my arms around this one but so far it's been
beating me like a drum. :o(

I'd like to hear how to do this, how to maintain it and/or how to
find some tutorials that would lead me in the right direction. I'm
really interested in best practices consistent with low maintenance.

TIA,
-AS


--
ASelene


.

Quantcast