Single Forest Multiple Domains RRS feed

  • Question

  • Hi,


    We are currently deploying OCS 2007 Enterprise edition in a consolidated topology. Our AD consists of a single forest with a root domain (no users) and two child domains used by different organisations.


    Root Domain ggg.com

    Child Domains - domain1.ggg.com and domain2.ggg.com


    Because we are seperate organisations the plan is only to support users in the domain1.ggg.com domain. It is possible that domain2 will deploy their own independent install of OCS in the future.


    I just want to confirm what I do now will not cause problems. My main concern is around the default SIP domain when preparing the Forest. If I choose domain1.ggg.com as the default SIP domain will this cause problems? Should I be leaving this as the default ggg.com?


    Any help much appreciated.



    Thursday, July 10, 2008 10:30 AM

All replies

  • Do these seperate child domains happen to have their own email namespace as well?  You can define specific SIP domains within OCS during the initial setup which don't have to be the same as the AD namespace.  So if domain1.ggg.com users have a UPN and/or SMTP of companyA.net while the other domain is companyB.net, then you could use the same configuration for OCS.  IT's typically best practice to configure user's SIP addresses to the same as their SMTP address if possible.  It's easier for the users to deal with, regardless of whether the true AD namespace matches that or not.


    To deploy OCS you will have to prep the Schema and Forest which is clearly forestwide, but doesn't adversal effect any domain.  You can then prep just the root domain and domain1.ggg.com and install OCS servers into that domain.  Don't use the root AD name for the SIP name if you can help it, use either the child's FQDN or a seperate namespace altogether.

    Friday, July 11, 2008 8:35 PM

    Hi Jeff,


    Thanks for the reply.


    The two child domains each have their own e-mail namespace. For users in both child domains the UPN is different from the SMTP address. E.g UPN: user@domain1.rootdomain.co.uk SMTP address would be user@domain1.co.uk


    For various reasons we might be frowned at for using the FQDN of domain1 as the default SIP domain at forest level unless there is a reason for doing this? What would be the reason for using a separate name space instead of the root AD name? From what I can see we won't be using this for anything as when we install OCS our preference will be to use the SMTP addresses. If domain2 proceed to install their own OCS installation at a later date I would expect they would do the same.


    Am I right that because no users are located in the root domain we wouldn't need to prep this?


    One more thing. I notice during Forest prep I am asked where I wish to store the OCS universal groups. Thinking about our shared environment am I right that we should be locating these in the root domain, otherwise there is always going to be a dependence on groups in one of the child domains?







    Monday, July 14, 2008 6:04 PM
  • Sounds like your configuration is what I imagined.  Since you plan to use the SMTP address of users as their SIP address, then you want to configure the SIP domain in OCS as that domain, which appears to be domain1.co.uk in your example.  Keeping the SMTP and SIP addresses in the same domain is highly recommended.


    And yes, I would store those forest-wide groups in the root.  When (if) the domain2 org wishes to deploy OCS they will not need to run schema or forest prep steps, only the DomainPrep process on their child domain.  Obviously there will need to be some coordination and sharing of resources, but I'm sure you have already crossed that bridge with things like Enterprise Admin access and other shared-forest issues.


    Monday, July 14, 2008 6:14 PM
  • Thanks again.


    One last thing. All is becoming much clearer but I'm still just a little unsure about what to set as the SIP domain for default routing when performing the Forest Prep. I would expect to configure the SIP domain for the users in domain1.co.uk when installing OCS in that domain and the same for same in domain2.co.uk if they proceed at a later date.


    From what you have said and what I have read what I set as the default SIP domain during forest prep isn't going to cause any problems it is just that the other domain might not be happy if we appear to be setting ourselves as a 'default' in a shared forest, so would perhaps wish to use something universal here - but it wouldn't be used for anything?


    Can you confirm.



    Monday, July 14, 2008 9:54 PM
  • As I see it you have two options here:


    1. Set rootdomain.com as the default SIP domain and define child1.rootdomain.com as a secondary SIP domain.  When org #2 moves to OCS then define a third SIP domain called domain2.rootdomain.com.  This might avoid any 'favoritism' by defaulting to the root.


    2. Specify only child1.rootdomain.com and then later add child2 for the other org.


    Functionally this shouldn't cause issues as long as you correctly assign the child1 and child2 SIP domains throughout OCS and AD.

    Monday, July 14, 2008 10:33 PM