In Exchange 2010 a new feature will be available called Address Book Policies which makes it possible to use multiple Address Books in Exchange 2010, completely separated from each other. It is sometimes referred to as multi-tenancy for Exchange 2010 although this is not entirely true. In this article I’d like to explain a bit more.
Address List Segregation
For Exchange 2007 Microsoft has a whitepaper available that describes how to implement Address List Segregation to achieve multiple Address Lists completely invisible for each other. In other words, users in the Contoso.com Address List don’t see other Address Lists and users, like the Fabrikam Address List or the Tailspintoys Address List. In Exchange 2007 this is implemented using Access Control Lists (ACL’s) to set permissions for specific Address Lists. This works fine for Exchange 2007 but Exchange 2010 uses a different technique called the Address Book Service running on the Client Access Server. Therefore, if using (or trying to use) the Address List Segregation whitepaper on Exchange 2010 things will horribly break. Continue reading Exchange 2010 SP2 Address Book Policies
In the old days when using Exchange 2007 for hosting scenarios you would use the Configuring virtual organizations and address list segregation in Exchange 2007 whitepaper. In Exchange 2007 the msExchQueryBaseDN property on a mailbox was used to limit the search scope of users in OWA. The typical setting of this property is the OU where the users would reside in Active Directory.
The msExchUseOAB property on a mailbox is used to select an Offline Address Book in a hosting environment (where multiple OAB exist of course). This way the user would receive the OAB of his particular organization.
Continue reading msExchQueryBaseDN and Exchange 2010
In my earlier blog posts Building Hosted Exchange Part I (overview) and Building Hosted Exchange Part II (Active Directory) I explained the basics and how to configure Active Directory for a multi-tenant environment. In this posting we’re going to continue with the Exchange part of the multi-tenant environment.
Exchange 2010 SP2
In the previous post I used a simple Powershell script to create the Organization Units in Active Directory for three different companies that will be hosting in our sample environment. Besides the creation of the OU’s the script also sets the appropriate permission on the OU’s. The structure looks like this: Continue reading Building Hosted Exchange – Part III