I am spear heading a project where we are moving from communigate to Exchange 2010. We have multiple business units each with its own email domain and stand alone AD. Our goal is to consolidate to a centralized AD while deploying Exchange. Each of the business units operates in a different market space and we are operating under the guidelines that users will only be able to browse AD objects of their business unit. We need to effectively block the users from browsing or exploring the other business units.
Here are the different scenarios we’ve been looking into (I am looking for feedback from users who have worked in these different environments):
Single forest single domain
Pro’s- ease of management and account provisioning
Con’s – Setting up permissions in AD to prevent business units from seeing each other is problematic at best. The one work around I found was frowned upon in other MS boards http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/b9b1c1ee-408b-4db0-8b9e-6102497039a6 Difficult to customize OWA experience.
Single forest multiple domain non hosted exchange
**Disclaimer I have a background working with Exchange 2003 and 2007 in a single forest single domain model only. This is new ground and my only exposure is what I have read.
From what I have read it should be possible to have a single forest and multiple domains. Host Exchange in the root domain for the different domains? Which is the better path to take? Discontiguous name space with separate domain trees in the forest (BusinesUnit1.com, businessUnit2.com, etc). Or have a contiguous forest where the domains are hierarchical, then set up UPN suffixes for the desired friendly user-logon name.
Multiple forests with dedicated Exchange forest
http://technet.microsoft.com/en-us/library/aa997312(EXCHG.65).aspx While this model would work it’s seems like a bit overkill when each business unit has roughly 20-50 staff members. Plus the cost is a bit prohibitive. Account provisioning seems like it would take a bit more administrative time. If anyone has real world experience with this sort of set up I would to hear what your impression of this design is.
Fred Sawyer MCP
san francisco architecture firms art deco architecture golf course architecture architecture schools in florida google architecture program
No comments:
Post a Comment