Exchange 2016 for Multiple Tree Domains

Shafaqat Ali 2 Reputation points
2021-09-04T14:36:13.27+00:00

Dear Experts,

One of my client is asking to configure multiple AD Domains on single Exchange Server (2016).

Domain1.com AD Domain with PDC & ADC
Domain2.com AD Domain with PDC & ADC

Exchange Server is configured for Domain1.com and working just fine. Now client got another company and their AD infrastructure is already in place which they want to keep as they got it from the old management. But they want to just configure their existing Exchange Server for Domain2.com with their existing AD infrastructure.

I was looking on internet but I'm just getting multiple SMTP domains to be added in Exchange. there is not article about Multiple AD Domains on Exchange Server.

If anybody could shed some light on this. I would really appreciate it.

Thanks.

Ali.

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,706 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Andy David - MVP 150.3K Reputation points MVP
    2021-09-04T14:48:26.993+00:00

    Easy! All you need to do is run:
    Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareAllDomains

    for the CU Exchange is on now

    https://learn.microsoft.com/en-us/exchange/plan-and-deploy/prepare-ad-and-domains?view=exchserver-2019

    or for just that domain:

    E:\Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareDomain:Domain2.com

    This will give Exchange permissions to create and manage mail-enabled objects in Domain2

    I assume this is all in the same AD forest...

    0 comments No comments

  2. Joyce Shen - MSFT 16,671 Reputation points
    2021-09-06T07:14:07.677+00:00

    Hi @Anonymous

    Agree with the reply above from Andy, this thread discussed the similar question as yours and some points we need to notice
    Deploy Exchange 2013 in multiple domain scenario

    You need to prepare the domain to accept the exchange organization into it. (Note you can't have a seperate exchange org, it will be conencted to the existing org, but with different user scope)

    Make sure to follow the full preparation steps as in for the first exchange deployment.

    The final step to get Active Directory ready for Exchange is to prepare each of the Active Directory domains where Exchange will be installed or where mail-enabled users will be located. This step creates additional containers and security groups, and sets permissions so that Exchange can access them.

    The account you use needs permissions depending on when the domain was created:

    • Domain created after PrepareAD was run If the domain was created after you ran the PrepareAD command in step 2 above, then the account you use needs to 1) be a member of the Organization Management role group and 2) be a member of the Domain Admins group in the domain you want to prepare.
    • Wait until Active Directory has replicated the changes made in step 2 to all of your domain controllers. If you don't, you might get an error when you try to prepare the domain.

    When you're ready, do the following to prepare an individual domain in your Active Directory forest for Exchange.

    1. Open a Windows Command Prompt window and go to where you downloaded the Exchange installation files.
    2. Run the following command. Include the FQDN of the domain you want to prepare. If you want to prepare the domain you're running the command in, you don't have to include the FQDN.
      Setup.exe /PrepareDomain:<FQDN of the domain you want to prepare> /IAcceptExchangeServerLicenseTerms
    3. Repeat the steps for each Active Directory domain where you'll install an Exchange server or where mail-enabled users will be located.

    Note If you are joining an existing Exchange site, the account that you use to log on must have the following permissions to access the Exchange Server directory:

    • Exchange must recognize the site services account name and password.
    • The Exchange Server site naming context for the Exchange Server site you want to join.
    • Admin role on the Exchange Server configuration naming context for the Exchange Server site that you want to join.
    • A two-way trust is required between the domain where you are installing Exchange and the domain where the Exchange Server computer exists.

    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  3. Joyce Shen - MSFT 16,671 Reputation points
    2021-09-08T07:48:44.527+00:00

    Hi @Anonymous

    We could move different company/domain people to different OU

    Create RBAC with recipient read /write scope

    Detailed information here: Understanding management role scopes


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.