Exchange design for smb

My employer owns several companies. We are going to be opening an office in the next month, and this office will be completely autonomous from our existing network. However, we want the users in the new office to be able to use the email address suffix from our existing domain. Is it possible for me to set up a DC and Exchange box at this completely separate office and set up our users to use email from our domain without using OWA? Email client will most likely be Outlook 2007.
Comments
OWA is simply the web page interface for Exchange.
From a DNS perspective, your DNS address would point to the DNS MX address, and then your router/firewall would use your public IP address to NAT a private address to port 25 to your Exchange server.
For users you have a couple of different options. Since you won't have the same resources as your existing company, SIDs and ACLs won't matter. I would start fresh as a daisy and create a new forest/domain with your chosen AD name.
If you have a lot of users, there are several tools that can export users from AD.
Now if you still need access to your old work resources, then things get a bit more complicated. You would then set up a VPN tunnel to your "old work" and a forest-level trust.
JNCIA Firewall
CCNA:Security
CCNP
More security exams and then the world.
This is what I've decided to do. Besides, today they mentioned that they might want to connect the office to the existing network down the road...
Technically it is both.
Technically yes, but I want to make sure I use the correct deployment scenario. Looks like this is the one for my topology:
How to Deploy RPC over HTTP for the First Time on Exchange Server 2003 SP1, No Front-End Server
I'm looking at the existing SSL cert that OWA uses, but the common name isn't set to mail.company.com. Will I run into a problem with this and then need to create a new SSL cert?
Also, another weird thing I just discovered is that none of our servers have certificate services installed... Where did the OWA cert come from??? It isn't 3rd party either.
You do not need a certificate service to install a certificate, only to issue them, and you only really need a CA if you need to issue certs to your organisation, so that cert would probably have been purchased via one of many websites, or it could have been generated using the IIS Resource Kit SelfSSL tool.
If the cert does not match the URL being typed by the user you will get an error; also, if the SelfSSL tool was used, IE will also throw an error....but this is a great tool for testing as you can generate certs as you need them.
Single Exchange servers are pretty easy to set up tbh so there is not much that can go wrong.
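The two failures described in the post above (a common name that does not match the URL, and a SelfSSL certificate that clients do not trust) can be checked before Outlook is pointed at the server. The PowerShell below is an added example, not part of the original thread; the function name `Test-ServerCertificate` and the host `server01.company.local` are assumptions for illustration, and the constructed test certificate needs PowerShell 7 or .NET Framework 4.7.2 or later.

```powershell
# Added example: report why a client would reject a server certificate.
function Test-ServerCertificate {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate,
        [Parameter(Mandatory)] [string] $HostName
    )
    # Common name (CN) of the subject, the field discussed in the thread.
    $cn = $Certificate.GetNameInfo('SimpleName', $false)

    # Exact match first (-eq is case-insensitive for strings).
    $nameMatches = $cn -eq $HostName
    if (-not $nameMatches -and $cn.StartsWith('*.')) {
        # A wildcard CN covers exactly one left-most label.
        $first, $rest = $HostName -split '\.', 2
        $nameMatches = $rest -eq $cn.Substring(2)
    }

    # Build the chain against the local trust store; a SelfSSL-style
    # certificate fails here unless it was imported as a trusted root.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'   # keep the check offline
    $trusted = $chain.Build($Certificate)

    [pscustomobject]@{
        CommonName   = $cn
        HostName     = $HostName
        NameMatches  = $nameMatches
        SelfSigned   = ($Certificate.Subject -eq $Certificate.Issuer)
        ChainTrusted = $trusted
        ValidDays    = [int]($Certificate.NotAfter - (Get-Date)).TotalDays
    }
}

# Constructed sample: a self-signed certificate issued to an internal name
# (placeholder), valid for 10 years, as a SelfSSL-style test cert would be.
$rsa = [System.Security.Cryptography.RSA]::Create(2048)
$req = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new(
    'CN=server01.company.local', $rsa,
    [System.Security.Cryptography.HashAlgorithmName]::SHA256,
    [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
$cert = $req.CreateSelfSigned([DateTimeOffset]::Now.AddDays(-1),
                              [DateTimeOffset]::Now.AddYears(10))

# Name the users will type versus the name actually on the certificate.
Test-ServerCertificate -Certificate $cert -HostName 'mail.company.com'
Test-ServerCertificate -Certificate $cert -HostName 'server01.company.local'
```

For a certificate already bound in IIS, pass the object from the `Cert:\LocalMachine\My` store instead of the constructed one.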
Are you suggesting I don't bother installing certificate services on the exchange box and then just use the self ssl tool to create a cert for mail.company.com?
Yes, you do not need to install certificate services; in fact I advise against it, as that can become a bit of a bind. You can use SelfSSL for a free option or, better still, purchase an SSL cert from a company like GoDaddy https://www.godaddy.com/ssl/ssl-certificates.aspx
Exchange 03 sp2 and IIS 6.
Winner then, play about with self ssl until you get used to certs, one cool thing btw is that as you can make your own custom certs you can make them valid for like 10 years.
Cool. One more question before I start tinkering around with self ssl. Is Default Website and the RPC virtual directory tied to the same cert? From what I see, I need to change the cert that is applied to Default Website because the 'Server Certificate' button in RPC is greyed out.
If the "Default website" is at the top of the directory tree for your Exchange pages etc then yes. (which it probably is unless you created more websites)
Thanks