Synchronizing two AD domains

Published: 12 Apr 2005

We recently acquired a company and are in the process of testing our network setup. Our forest master and Exchange are on Domain A. Domain B is trying to access e-mail in Domain A. So there is a user account on Domain B and a user account with an Exchange mail store on Domain A. Right now, they are set up as a tree in our forest. I want to see if it is possible to synchronize Domain A's Active Directory with Domain B's Active Directory, so we don't have to change passwords in two domains. How do we accomplish this?

If Domain A trusts Domain B, you should just be able to give all the Domain B accounts rights to access the Domain A mailboxes. That way, you don't need to worry about the passwords for Domain A accounts. In other words, the only accounts you'd need to manage for the time being are Domain B accounts. To set this up:

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Launch Active Directory Users and Computers (ADUC) on a machine with Exchange System Manager installed and connected to Domain _.
View the properties of each mailbox and switch to the Exchange Advanced tab. (If you don't see this tab in ADUC, see KB article 326894, How to Access the Exchange Advanced Tab in Active Directory Users and Computers).
Now select Mailbox Rights.
Make sure the Domain B account is added to the list of security principals having access (typically only "self") in order to facilitate the two-domain coexistence scenario.

Essentially, you're asking how to simplify management of your users' identities across multiple accounts and passwords. Various solutions exist focused on identity management. Microsoft has a solution called Microsoft Identity Integration Server (MIIS) that permits exactly what you're asking, namely synchronization of passwords across multiple domains as you described.

More importantly, in your case, I believe you can use a free scaled down version of MIIS called the Identity Integration Feature Pack 1a for Microsoft Windows Server Active Directory, which can synchronize passwords across Active Directory, ADAM and Exchange Server environments. You'll also want to install the update.

If you want a more sophisticated solution that will do all this plus assist once you start migrating users from Domain B into Domain A, I suggest looking at third-party migration solutions.

Do you have comments on this Ask the Expert Q&A? Let us know.

Dig Deeper on Exchange Server setup and troubleshooting

All
News
Get Started
Evaluate
Manage
Problem Solve

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Windows Server experts

View all Windows Server questions and answers

What's new with the Exchange hybrid configuration wizard?

Exchange troubleshooting tools help unclog email issues

3 steps to prepare for Exchange updates

Install Exchange Server 2019 on Server Core 2019 to boost security

Exchange 2016 CU1 overshadowed when mailbox anchor drops

Should admins consider an Exchange 2016 upgrade?

Surprise changes in the Exchange 2016 release

The new rules for becoming a Microsoft MVP

3 steps to prepare for Exchange updates

How to successfully migrate Exchange Servers

How should you handle Exchange Server updates?

How to uninstall Exchange 2013 after a cutover migration

What's new with the Exchange hybrid configuration wizard?

Migrate to Exchange 2016 and beat the rush

More Exchange backup options cover various deployment types

Email options: Upgrade Exchange or go another way?

3 steps to prepare for Exchange updates

Install Exchange Server 2019 on Server Core 2019 to boost security

How to export an Outlook calendar and contacts

Why should I use Exchange Server maintenance mode?

Exchange troubleshooting tools help unclog email issues

How do I avoid Exchange disk space issues?

How to export an Outlook calendar and contacts

Migrate Exchange to Office 365 with these tips

Please create a username to comment.

Understand and deploy IBM Cloud for VMware Solutions

How AppDefense works to detect app and VM anomalies

Import and export Hyper-V VMs with Hyper-V Manager and PowerShell

Get to know Microsoft Azure Cosmos DB use cases

Microsoft cybersecurity training to become mandatory for its workers

IBM's financial services cloud offers developer opportunity

SQL Server database design best practices and tips for DBAs

SQL Server in Azure database choices and what they offer users

Using a LEFT OUTER JOIN vs. RIGHT OUTER JOIN in SQL

Jamf Protect offers visibility, protection for macOS admins

Compare Windows 10 OS editions to determine the best fit

New Microsoft Edge browser gets competitive with Chrome

Compare offerings from 3 major desktop-as-a-service providers

How to use VMware Horizon Performance Tracker

10 Microsoft Ignite 2019 sessions for VDI admins

Dig Deeper on Exchange Server setup and troubleshooting

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.