Planning Active Directory
Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2011-07-19
Microsoft Exchange Server 2010 uses Active Directory to store and share directory information with Microsoft Windows.
Active Directory forest design for Exchange 2010 is similar to Exchange 2007. The main change in Active Directory for Exchange 2010 is in the introduction of Role Based Access Control (RBAC). In Exchange 2007, Active Directory provides ways for you to delegate administrative authority to directory objects by using access control lists (ACLs). In Exchange 2010, you don't need to modify and manage ACLs. RBAC enables you to control, at both broad and granular levels, what administrators and end-users can do. For more information about RBAC, see Understanding Role Based Access Control.
For more information about planning for Active Directory in a new Exchange 2010 organization, see the following topics:
For more information about planning for Active Directory when your organization includes legacy versions of Exchange, see the following topics:
For comprehensive Active Directory deployment information, see the Windows Server 2003 Deployment Guide.
For more information about Active Directory forest design for your Exchange organization, see Guidance on Active Directory design for Exchange Server 2007 at the Exchange Team Blog.