Planning Your Active Directory and Administrative Model

 

After you have examined your current Microsoft® Active Directory® directory service model (if Active Directory is already implemented) and assessed your administrative requirements, you can plan how to integrate Microsoft Exchange Server 2003 into your Active Directory model. You can also plan Exchange administration by evaluating the roles in your organization as they relate to the administrative model you choose for your Exchange organization.

Because Microsoft Windows Server™ 2003 and Exchange 2003 both rely on Active Directory for directory services, you must determine how to integrate Exchange into your Active Directory structure.

To deploy Exchange, you need to begin with an established Active Directory infrastructure that is in a stable, working state. If you are upgrading from a Microsoft Windows NT® environment, the ideal condition for deploying Exchange is for all Windows NT accounts and resources to have been migrated to Active Directory. However, you can deploy Exchange even if you are still in the process of migrating Windows NT objects to Active Directory or if you need to retain a Windows NT forest to hold certain resource objects. Within each forest, you can combine resources for administering Windows Server 2003 and Exchange or you can manage these resources separately. The ability to combine resources is made possible by the integration between Exchange and Windows Server 2003.

There are four main scenarios for integrating Exchange with Active Directory:

  • Single forest

  • Dedicated Exchange forest

  • Multiple forests running Exchange

  • Mergers and acquisitions

Active Directory Scenarios for Exchange

Active Directory scenario Why use this scenario Related topic

Single forest 

Users and their mailboxes are contained in the same forest.

  • Richest set of mail system features.

  • Streamlined administration.

  • Uses existing Active Directory Structure.

  • Does not require synchronization with other forests.

Using a Single Forest Topology

Dedicated Exchange forest

(Resource forest)

One forest is dedicated to running Exchange and hosting Exchange mailboxes. The user accounts associated with the mailboxes are contained in one or more separate forests.

  • Security boundary between Active Directory and Exchange administration.

Using a Dedicated Exchange Forest

Multiple forests running Exchange

(Classic multiple forest)   

Exchange runs in separate forests, but mail functionality is available across forests.

  • You have multiple business units that require data and service isolation.

  • You have multiple business units that have separate schema requirements.

  • You are confronted with a merger, acquisition, or divestiture.

Using Multiple Forests with Exchange

Mergers and acquisitions   

Mergers and acquisitions often involve coexistence between Exchange organizations until they are merged. The planning considerations are similar to those of the multiple forest scenario, with additional migration concerns.

  • Mergers and acquisitions are a special case for a multiple forest deployment that requires more attention to migration issues.

Active Directory Implications of Mergers and Acquisitions

Once you have identified the Active Directory scenario that best matches your situation, see Selecting an Active Directory Administration Model.

For More Information

The following resources provide information that can help you with design decisions:

Note

Although some of these resources refer to Exchange 2000, the information is also applicable to Exchange 2003.