Freigeben über

We trust each other don't we part II: Can I share Free/Busy information between two Exchange 2007 organizations?

  • Artikel

Here is some additional information to supplement Greg's post. I had the same question this week from a Pacific northwest university so this must be Free/Busy week.

 

Here are the prerequisites required for this to work:

1.  Representation of the target user contact objects in the source Exchange org directory. This can be either from CSV imports or some other sync mechanism such as using ILM 2007 FP1.

2.  Add an availability space for the target SMTP domain.  From the Exchange shell run: Add-AvailabilityAddressSpace task.  You can find more information here about that task.

How does this actually work between Exchange 2007 organizations?

image

1.  User performs a free/busy lookup for a user that is not in the same Exchange 2007 organization by selecting their contact. 
2.  The Availability Service finds the availability space for that SMTP domain space via the autodiscover SRV record in DNS.
3.  Availability services talks to the target domain's AutoDiscover service to determine the Availability Service URL responsible for the target mailbox.
4.  Either source user's credentials are used (trust scenario) or a free/busy account's credentials are used (non-trust scenario) to perform the F/B lookup.

 

How granular can this cross-org calendar information be?

It depends on whether the Exchange 2007 Org you are trying to retrieve availability information from is a trusted Forest or an untrusted Forest. If it is trusted Forest, the per user permissions will apply as to what can be viewed. If it is an untrusted Forest, a service account must be used and only the Free/Busy information can retrieved.

 

How do I set the cross org service account when no trust exists?

On the target CAS server Org, use the set-availabilityconfig command. See here for more information.

Here is an example using a local forest based free/busy account. This account should not be a mailbox or any type of elevated privileged account:

set-availabilityconfig -orgwideaccount "schooldomain\orgfbacct"

On the source CAS sever Org, use the Add-AvailabilityAddressSpace command. See here for more information.

Here is an example using the remote forest credentials you added above.

  1. From Exchange Management Console:type $a=get-credential - type in for exanple: schooldomain\orgfbacct and password in the PowerShell dialog box:

         image

  1. Next type: Add-AvailabilityAddressSpace -ForestName schoolsmtp.edu -AccessMethod OrgWideFB -Credential $a - The key here is to use the SMTP domain of the target Forest and NOT the actual Active Directory FQDN name.

You should see something like this:

image

That is it. Test it out.

Note:   If you want this cross-org availability lookup to work over the Internet,  make sure you have a CNAME record on your external DNS servers configured such as autodiscover.school.edu pointing to your CAS server or loadbalanced VIP name.

Comments

  • Anonymous
    January 01, 2003
    Jorge, Good question. These cmdlets would only apply in a scenario where you have Outlook 2007 clients connecting to Exchange 2007 server and you want to view free/busy on another Exchange org. If you have Outlook 2003 across the board in both orgs, Outlook would not know how to use autodiscover/web services (in diagram listed above) therefore you would not need the cmdlet until you switch to Outlook 2007.

  • Anonymous
    January 01, 2003
    12 Tips to Optimize an Exchange 2007 Infrastructure (Part 2) Managing Receive Connectors (Part 1) Security

  • Anonymous
    January 01, 2003
    Marc, Yes, this will work. For 2007 Forest to 2003 Forest scenario you will need to:

  1. Setup Interorg PF replication
  2. Replicate Schedule+ Free/Busy pf both ways
  3. Use this command on the Exchange 2007 server side: Add-AvailabilityAddressSpace -ForestName:school.edu -AccessMethod:PublicFolder Exchange 2003 users will access Exchange 2007 users Free/busy via Interorg PF replication.

  • Anonymous
    January 01, 2003
    Here is some additional information to supplement Greg's post. I had the same question this week

  • Anonymous
    January 01, 2003
    RSDTech, Give me a bit more info about the interop scenario.  Ex2007 to Ex2007 with Outlook 2007 on both sides or different?  Cross org free/busy in OWA works both ways? If yes, Outlook 2007 should leverage the same web service assuming autodiscover is working properly, etc.

  • Anonymous
    January 01, 2003
    Jorge, You have to use the SMTP domain vs. the actual Forestname for the Forestname parameter. That is the confusing part of the command. Here is a referenece: The ForestName parameter specifies the SMTP domain name of the target forest for users whose free/busy data must be retrieved. If your users are distributed among multiple SMTP domains in the target forest, run the Add-AvailabilityAddressSpace cmdlet once for each SMTP domain

  • Anonymous
    September 18, 2008
    What are the implication of being in mixted Mode (2003/2007) with respect to this. If we setup the Non-Trust Scenario;  Can a user that is still on an Exchange 2003 server see the availability of a user in the other forest and can the availability of user that is still on an Exchange 2003 be view by a user in the other forest?  I assume that in this scenario if both users are on Exchange 2007 servers they will be able to share Free/Busy accross forest?

  • Anonymous
    December 05, 2008
    I've done this and can only see the Free/Busy info with OWA, with Outlook 2007, the information is unavailable.  To fix this, I added Send-As permissions to NT AUTHORITY/SELF and if I am a local contact to a user in the other company, they can see my Free/Busy with Outlook.  If I am just a contact in their GAL, they cannot. Am I missing something?

  • Anonymous
    December 10, 2008
    Hi, Im having some doubts so I hope someone out there can help me. The scenario I have is the following: Forest 1: Forest1.com, Ex2003 Forest 2: Forest2.corp, Ex2007 I Have smtp sharing configured beetween both of them. On Forest2 Exchange server I have: Configuration for forest miDominio.com was not found in Active Directory. Run the Add-AvailabilityAddressSpace command in the Exchange Management Shell for an Exchange Server 2003 Active Directory forest So The question is... Why the error points to Forest "miDominio.com" and not the actual name of Forest1??? miDominio.com is my Email Public Domain but there is no Active Directory Forest with that name... What should I do?

  • Anonymous
    December 10, 2008
    I almost forgot... yep there is a Trust Forest Between them... Thank you in advance

  • Anonymous
    December 12, 2008
    Thank You so much markga for your quick answer..! One more question please... Right now I have InterOrg Replication Tool in production and it is working pretty well for getting free/busy information from users from both forests. (Ex2007 <> Ex2003) Outloook 2003 is the standard email client for everyone. Running this this cmdlet could affect or change the way free/busy information is being checked nowadays? Thank U in advance, Jorge

  • Anonymous
    December 16, 2008
    Thank you so much for your help and your time, I really appreciatte it..! Best Regards, Jorge

  • Anonymous
    December 16, 2008
    We have an Exchange (2007) resource forest with a ONE-WAY trust to our account forest/domain that does not have Exchange (i.e. no schema extensions). Free/Busy information does not seem to be available for users who are logging in with our account domain credentials. As an individual, I can set 'anonymous' permissions on my calendar to Free/Busy and that works but I can't seem to do the same for resources such as meeting rooms that people would like to have access to when booking events. Any ideas? Thanks, Trevor