Can Exchange 2007 Mailbox Server DSProxy referral direct Outlook clients to GCs in user domains?
Background info: Exchange 2007 Ent Ed server is installed in parent domain (corp.myco.com), user accounts and distribution lists are in regional sub domains (usa.corp.myco.com, apac.corp.myco.com, etc...). The AD site the Exchange server is in has GC domain controllers for the corp.myco.com domain and all our subdomains. Problem: Users are not able to update distribution lists because the Exchange server is directing Outlook clients to the GC domain controllers in the corp.myco.com domain, not a GC in their user domain. I have checked our Transport and CAS servers and they connect to the DCs for the corp.myco.com domain and all subdomains, but the Mailbox server only connects to the corp.myco.com DCs. Question: Why doesn't the mailbox server refer Outlook clients to a GC domain controller in their user domain? (again, there are GC DCs in the same AD site as the mailbox server)
November 10th, 2010 1:54pm

It's because the Exchange Server resided in the parent domain and that is where the local GC is. If you have an Exchange located in usa.corp.myco.com then it will look for the GC in the usa domain etc. If you want the users in the usa domain to look at the local GC then you will need to put in a CAS so it does the lookup locally first then to the parent domain.
Free Windows Admin Tool Kit Click here and download it now
November 10th, 2010 4:31pm

Michael, thank you for the reply. I am not sure I understand what you're saying tho. Its my understanding that Outlook clients in a 2007 environment connect to the mailbox server, which uses the DSProxy service to direct OL to a GC. So putting a CAS server in the subdomains would not fix the problem. I also thought Exchange will use all DCs in the same AD site - the Transport/CAS servers in my environment do and they are in the same site/subnet as the mailbox server. Exchange 2003 SP2 changed the way the OL to GC referral was done, making the dsproxy service give higher priority to GCs in the OL clients user domain (so long as it was in the same AD site). Was this functionality not carried over in the 2007 dsproxy?
November 10th, 2010 8:53pm

My apologise, I misread your question. You are correct about DSProxy looking at the GC as long as it's in the same AD site. Can you see the DCs/GCs in EMC -> server configuration -> mailbox -> properties of the mailbox server -> system settings? Is your corp DCs/GCs and usa DCs/GCs replicating with each other in AD Sites and Services i.e. Actie Directory Sites and Services |->Sites |-> Corp |-> Servers |->Corp1 |-> NTDS Settings Are there Corp and usa DCs displaying in the above location?
Free Windows Admin Tool Kit Click here and download it now
November 11th, 2010 5:49pm

The transport/CAS servers have all the DCs in the AD site listed in EMC, but the Mailbox server does not. Mailbox server only shows connections to the corp.myco.com DCs. Yes, all the DCs are listed in ADSS although they are not all replication partners.
November 12th, 2010 2:59pm

Does event 2080 on the mbx servers show that its "sees" those out-of site GCs ( the ones that are in the domain of the mail-enabled users?) Was domainprep run in the user's domain? ( I assume it was since you can mail-enable them) What version of Outlook is this?
Free Windows Admin Tool Kit Click here and download it now
November 12th, 2010 6:32pm

Hi, Which domain does the user login into? Parent domain or Sub domain? Did the parent domain and sub domain belong to the same AD site? Actually, that's random for the mailbox server refers the GC to the Outlook clients. If you can confirm the all the GC or DC is connected by using 2080 Event ID, that means the connection is fine. Thus, you should use the registry to specify the GC for the Outlook. http://support.microsoft.com/kb/319206 Thanks Allen Allen Song
November 18th, 2010 2:42am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics