Hi, We have two AD forests with a two way trust. Both are running Exchange 2007 and using 3rd party certs (not self signed) I would like to be able to view free/busy across both forest but am having trouble getting this to work. The article I am reading is : http://technet.microsoft.com/en-us/library/bb125182%28EXCHG.80%29.aspx What I have does so far is: Source Forest - Add-AvailabilityAddressSpace -ForestName "<target forest name>" -AccessMethod PerUserFB -UseServiceAccount $true My questions are: - Do I have to ask the Mail admin in the target forest to execute the command for anything to work? Get-ClientAccessServer | Add-AdPermission -AccessRights ExtendedRight -ExtendedRights "ms-exch-epi-token-serialization" -User "Sourceforest\Exchange Servers" - Do I have to create a DNS record so we can resolve autodiscover in the external forest ? The article above says you can use DNS instead of exporting the SCP but what format does it take ? I read something about as SRV records not working across forests ?? I ran the following command to test .... [PS] C:\>Test-OutlookWebServices -Identity sourceforestuser@companyA.com -TargetAddress destinationforestuser@companyB.com | FL Id : 1003 Type : Information Message : About to test AutoDiscover with the e-mail address sourceforestuser@companyA.com. Id : 1006 Type : Information Message : The Autodiscover service was contacted at https://nymail.sourcecompany.com/Autodiscover/Autodiscover.xml. Id : 1011 Type : Error Message : The receipent address destinationforestuser@companyB.com is invalid. Please check your command parameters. Id : 1016 Type : Success Message : [EXCH]-Successfully contacted the AS service at https://nymail.sourcecompany.com/EWS/Exchange.asmx. The elapsed time was 46 milliseconds. Id : 1015 Type : Success Message : [EXCH]-Successfully contacted the OAB service at https://nymail.sourcecompany.com/EWS/Exchange.asmx. The elapsed time was 0 milliseconds. Id : 1005 Type : Error Message : When accessing https://nymail.sourcecompany.com/UnifiedMessaging/Service.asmx the error "RemoteCertificateNameMismatch:CN=nymail.sourcecompany.com Id : 1014 Type : Success Message : [EXCH]-Successfully contacted the UM service at https://nymail.sourcecompany.com/UnifiedMessaging/Service.asmx. The elapsed time was 15 milliseconds. Id : 1011 Type : Error Message : The receipent address destinationforestuser@companyB.com is invalid. Please check your command parameters. Id : 1016 Type : Success Message : [EXPR]-Successfully contacted the AS service at https://nymail.sourcecompany.com/EWS/Exchange.asmx. The elapsed time was 15 milliseconds. Id : 1015 Type : Success Message : [EXPR]-Successfully contacted the OAB service at https://nymail.sourcecompany.com/EWS/Exchange.asmx. The elapsed time was 0 milliseconds. Id : 1014 Type : Information Message : [EXPR]-The UM is not configured for this user. Id : 1017 Type : Success Message : [EXPR]-Successfully contacted the RPC/HTTP service at https://nymail.sourcecompany.com/Rpc. The elapsed time was 15 milliseconds. Id : 1006 Type : Success Message : The Autodiscover service was tested successfully.

I would use Federation Service (It's free) to achieve your requirements http://technet.microsoft.com/en-us/library/dd638083.aspx http://technet.microsoft.com/en-us/library/dd335047.aspxGulab Prasad, MCITP: Exchange Server 2010 | MCITP: Exchange Server 2007 MCITP: Lync Server 2010 | MCITP: Windows Server 2008 My Blog | Z-Hire Employee Provisioning App

I would use Federation Service (It's free) to achieve your requirements http://technet.microsoft.com/en-us/library/dd638083.aspx http://technet.microsoft.com/en-us/library/dd335047.aspxGulab Prasad, MCITP: Exchange Server 2010 | MCITP: Exchange Server 2007 MCITP: Lync Server 2010 | MCITP: Windows Server 2008 My Blog | Z-Hire Employee Provisioning App

Looks good but we are running Exchange 2007. I mistakenly said earlier that the target forest are also running Exchange 2007, they are actually using Exchange 2010. So we have an Exchange 2007 (us) and an Exchange 2010 (them) forest wishing to share free/busy and GAL. We have a trust in place.

Hi, We have two AD forests with a two way trust. Both are running Exchange 2007 and using 3rd party certs (not self signed) I would like to be able to view free/busy across both forest but am having trouble getting this to work. The article I am reading is : http://technet.microsoft.com/en-us/library/bb125182%28EXCHG.80%29.aspx What I have does so far is: ...... - Do I have to ask the Mail admin in the target forest to execute the command for anything to work? Get-ClientAccessServer | Add-AdPermission -AccessRights ExtendedRight -ExtendedRights "ms-exch-epi-token-serialization" -User "Sourceforest\Exchange Servers" Yes. - Do I have to create a DNS record so we can resolve autodiscover in the external forest ? The article above says you can use DNS instead of exporting the SCP but what format does it take ? I read something about as SRV records not working across forests ?? Using DNS method is used for non-trust exist forests environment. Not matter which method we use, we must make sure the external Autodiscover url of target forest be available, and don't forger the internal availability service url must also be available. so a DNS record should be created. Fiona Liao TechNet Community Support