Re: Suggestion on setup
- From: "Lanwench [MVP - Exchange]" <lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 29 Sep 2007 20:38:59 -0400
Zach Schaffner <zschaffner@xxxxxxxx> wrote:
Lanwench [MVP - Exchange] wrote:
Zach Schaffner <zschaffner@xxxxxxxx> wrote:
I am looking for some advice on how to setup a new domain/network.
Requirements:
I want a domain or child domain, what ever works best, that will
allow me to do several things.
There is an existing network and domain, company.com. My company
currently gets our email through that domain name via pop3 access
off of an exchange server. I have a vpn connection available to this
domain.
I am trying to setup a new network/domain that would allow our email
to be transfered from the front end exchange server to our back end
exchange server.
[Don't use the terms front-end and back-end in this context - they
mean something very specific in Exchange.] Normally, you'd just add
this Exchange server to the existing forest, and mail coming into
the parent company server destined for your own users, will
automatically be delivered to their mailboxes.
However, I don't want to be the same domain,
company.com for security reasons.
I don't know what sort of "security reasons" you refer to, but
domains are not security boundaries, and if you're thinking of
creating an entirely separate *forest* I think you won't have the
kind of connectivity you *do* want.
Don't create a child domain - it won't do what you want, and will
overly complicate matters. A single AD domain, with you in a
separate site/subnet, and your servers/computers/users in their own
OUs, is going to be much better overall.
I would be fine with
group.company.com as long as I can control the security and active
directory information. I have windows 2003 servers as does the
parent company of the top level domain.
Would a child domain be the best setup or would a trust between two
domains work better? I am open to any suggestions. Maybe you have an
idea not mentioned here.
If you need more clarification or information please let me know.
Much depends on what you're worried about securing. Additionally,
what about the parent company's network standards? Surely they have
some requirements and policies you have to adhere to -
Thanks,
Zach
I don't have to adhere to any standards from the parent company. The
security that I am concerned with is the parent company being able to
access our data/pc's/servers, etc. The only thin I want to be common
is the email. I have to receive email on my network via the domain
company.com. Other than that I don't have to do anything, and the
parent companies IT guy is willing to do whatever I want to try.
Thanks,
Zach
OK, then. However, it isn't really clear what degree of integration you
actually need. A subdomain won't cut it (won't help you, at any rate). A
trust is probably overkill....and I'm not sure a one-way trust will cut it.
If all you need is mail, and no AD integration (such as for the GAL), you
could simply have the parent company route all mail with an unresolved
recipient in the domain, directly to your server ...and keep the two
networks entirely separate. You might try posting in m.p.exchange.admin for
more help.
.
- References:
- Suggestion on setup
- From: Zach Schaffner
- Re: Suggestion on setup
- From: Lanwench [MVP - Exchange]
- Re: Suggestion on setup
- From: Zach Schaffner
- Suggestion on setup
- Prev by Date: Re: Renaming Domain Suffix
- Next by Date: Re: 2003 SBS Cals
- Previous by thread: Re: Suggestion on setup
- Next by thread: Renaming Domain Suffix
- Index(es):
Relevant Pages
|
