Configure Tenant Organizations for Cross-Premises Communication

  • Article

 

Applies to: Exchange Server 2010 SP2

Cross-premises communication or cloud-based co-existence is a deployment model in which part of a tenant organization's mailboxes are hosted and part of the organization mailboxes aren't hosted but exist in the organization's own Exchange 14 on-premises deployment.

Note

Although this topic describes the steps that are required to correctly configure the organization for cross-premises communication, a Directory sync application that will automatically synchronize the organizations is required to fully implement this model.

If done correctly, users whose organization is configured in a cross-premises scenario shouldn't be able to detect that they aren't in the same Exchange organization.

Prerequisite

  • Create the tenant organization.

Mailbox in hosting with mail-enabled user on-premises

This procedure explains how to setup cross-premises communication with mailboxes that are being hosted.

Step 1: Create the accepted domains

When you create a tenant organization, the New-Organization cmdlet performs several actions to automate the organization's creation. One of the actions that it performs is that it creates an Authoritative accepted domain for the organization based on the domain name that you provide in that command. Because you need to relay e-mails to and from the on-premises organization, you'll need to create an internal relay accepted domain in the same namespace. This will ensure that mail gets routed correctly to the on-premises organization if the mailboxes aren't hosted in the tenant organization. For more information about configuring accepted domains, see Create an Accepted Domain.

For example, the tenant organization that you've just created in the hosted organization has the domain name contoso.com. When you created the contoso.com organization, an authoritative accepted domain was also created for the domain contoso.com. Next, you make the internal relay accepted domain and give it the name onprem.contoso.com. In the on-premises organization, you will also need to create an authoritative accepted domain and an internal relay accepted domain that matches the domains you've created here. However, in that organization, the authoritative accepted domain is onprem.contoso.com and the internal relay is contoso.com.

This example creates an internal relay accepted domain named for the Contoso.com organization.

New-AcceptedDomain -Name "Contoso On-Premises" -Organization Contoso.com -DomainName onprem.contoso.com DomainType InternalRelay

For detailed syntax and parameter reference, see New-AcceptedDomain.

Step 2: Create the hosted mailbox

In the hosted organization, use New-Mailbox to create the hosted mailbox. Certain properties in the hosted mailbox will need to match the properties that you create for the matching mail-enabled user account on-premises. The following parameters are required to correctly configure the mailbox:

  • Name   The name that you provide here must match the name in the mail-enabled user account.

  • Password   The password that you provide here must match the password in the mail-enabled user account.

  • Organization   Assign the mailbox to the correct tenant organization.

  • Alias   The alias that you provide here must match the alias in the mail-enabled user account.

In addition to the above required parameters, it is a best practice to ensure that the following properties also match on the hosted mailbox and the on-premises mail-enabled user account.

  • DisplayName

  • FirstName

  • LastName

  • Initial

This example creates a hosted mailbox for Tony Smith in the Contoso.com and because the mailbox plan isn't specified, Tony Smith will get added to the default mailbox plan for his organization. Exchange Management Shell will prompt for the value of the initial password because it's not specified.

New-Mailbox -Name TonySmith -UserPrinciplanName "tony@contoso.com" -Alias tony -Organization Contoso.com -DisplayName "Tony Smith" -FirstName Tony -LastName Smith -Initials J

For detailed syntax and parameter reference, see New-Mailbox.

Step 3: Configure e-mail addresses for the hosted mailbox

In the hosted organization, use Set-Mailbox to configure the primary smtp address and the proxy address for the mailbox. The primary SMPT address will be the authoritative accepted domain and the proxy address will be the internal relay domain name. However, in order to use those parameters, you also first disable the e-mail address policy.

This example sets the mailbox for Tony Smith to use tony@contoso.com as the primary SMTP address and tony@onprem.contoso.com as an additional e-mail address and it also disabled the e-mail address policy. Because the Set-Mailbox cmdlet doesn't have an organization parameter, you will need to specify the organization in the Identity.

Set-Mailbox -Identity Contoso.com\Tony@contoso.com -EmailAddressPolicyEnabled $false -EmailAddresses SMTP:tony@contoso.com, tony@onprem.contoso.com

To verify that you have completed this successfully, you can run the following command:

Get-Mailbox -Organization Contoso.com -Identity tony@contoso.com | format-list name, emailaddresses, primarysmtpaddress

For detailed syntax and parameter reference, see the following topics:

Step 4: Create the mail-enabled user

In the on-premises organization, use New-MailUser to create the mail-enabled user that matches the hosted mailbox. The following parameters are required to correctly create the mail-enabled user:

  • Name   The name that you provide here must match the name in the mail-enabled user account.

  • Password   The password that you provide here must match the password in the mail-enabled user account.

  • Alias   The alias that you provide here must match the alias in the mail-enabled user account.

  • ExternalEmailAddress   This will match the primary SMTP address.

In addition to the above required parameters, it is a best practice to ensure that the following properties also match on the hosted mailbox and the on-premises mail-enabled user account.

  • DisplayName

  • FirstName

  • LastName

  • Initials

This example creates the on-premises mail-enabled user account for Tony Smith, because this command is running in the on-premises Exchange, you won't specify the organization. Because you didn't specify a password, you will be prompted for one.

New-MailUser -Name TonySmith -ExternalEmailAddress tony@contoso.com -UserPrinciplanName tony@contoso.com -Alias tony -Organization Contoso.com -DisplayName "Tony Smith" -FirstName Tony -LastName Smith -Initials J

For detailed syntax and parameter information, see New-MailUser.

Step 5: Configure e-mail addresses for a mail-enabled user

In the on-premises organization, use Set-MailUser to configure the primary SMTP address and the proxy address. The primary SMTP address will match the authoritative accepted domain of the on-premises organization, which is onprem.contoso.com. The proxy address will match the internal relay accepted domain in the on-premises organization, which is contoso.com. Note that these are opposite to the authoritative accepted domain and the internal relay domain in the hosted environment. Because the Set-MailUser cmdlet doesn't have an organization parameter, you will need to specify the organization in the Identity.

Set-MailUser -Identity tony@contoso.com -EmailAdressPolicyEnabled $false -EmailAddresses SMTP:tony@onprem.contoso.com, tony@contoso.com

To verify that you have completed this successfully, you can run the following command:

Get-MailUser -Identity tony@contoso.com | format-list name, emailaddresses, primarysmtpaddress, externalemailaddress

Mail-enabled user in hosting with mailbox on-premises

Step 1: Create the accepted domains

In the on-premises organization, create the Accepted Domains. You will need to create an authoritative accepted domain and an internal relay accepted domain.

Step 2: Create the on-premises mailbox

In the on-premises Exchange organization, use New-Mailbox to create the on-premises mailbox.

Step 3: Configure the e-mail addresses for the on-premises mailbox

In the on-premises Exchange organization, use Set-Mailbox to configure the proxy addresses for the mailbox. This proxy address will match the authoritative domain name.

Step 4: Create the hosted mail-enabled user

In the hosted Exchange organization, use New-MailUser to create the mail-enabled user that matches the on-premises mailbox.

Step 5: Configure the e-mail addresses for the mail-enabled user

In the hosted Exchange organization, use Set-MailUser to create a proxy address. This proxy address will match the internal relay domain name.

 © 2010 Microsoft Corporation. All rights reserved.