question

Chong-7118 avatar image
0 Votes"
Chong-7118 asked KaelYao-MSFT commented

Freebusy not work between cross-forest exchange servers

Hi,

We have 2 AD forest and setup the trust relationship to perform domain migration. The mailbox in forest A will migrate to forest B. The exchanges information as below

Forest A (abc.com):
- Exchange 2013
- email address: @xyz.com
- EWS URL: mail.xyz.com
Forest B (xyz.com):
- Exchange 2019
- email address: @xyz.com
- EWS URL: mail1.xyz.com

We tested the mailbox cam migrate from "abc.com" to "xyz.com", but the free/busy between 2 exchange forest not work.

Tried to follow below documents to add Availability Address Space and ADpermission on both exchange, but the problem didn't solve:
https://docs.microsoft.com/en-us/exchange/architecture/client-access/availability-service-for-cross-forest-topologies?view=exchserver-2019

Any idea?


Best Regards
Chong




office-exchange-server-administrationoffice-exchange-server-connectivity
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

2 Answers

imamitsingh avatar image
0 Votes"
imamitsingh answered Chong-7118 commented

Configure the external URL for Exchange Web Services for the target forest. To do this, run this command in Windows PowerShell for Exchange:

 Set-WebServicesVirtualDirectory -identity "server_name\EWS (Default Web Site)" -ExternalURL
· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Chong-7118 avatar image Chong-7118 ·

Hi @imamitsingh,

I already configure the externalURL in both exchange servers and it don't work.

Forest A (abc.com):
- Exchange 2013
- email address: @xyz.com
- EWS internal URL: https://mail.xyz.com/ews/Exchange.asmx
- EWS external URL: https://mail.xyz.com/ews/Exchange.asmx

Forest B (xyz.com):
- Exchange 2019
- email address: @xyz.com
- EWS internal URL: https://mail1.xyz.com/ews/Exchange.asmx
- EWS external URL: https://mail1.xyz.com/ews/Exchange.asmx

Best Regards
Chong

0 Votes 0 ·
KaelYao-MSFT avatar image
0 Votes"
KaelYao-MSFT answered KaelYao-MSFT commented

Hi @Chong-7118

I would suggest this link: How to Configure the Availability Service for Cross-Forest Topologies

In general, you may need to ensure:
1. autodiscover and EWS urls can be resolved correctly and are accessible in both forests
2. Exchange certificates are trusted
3. Permissions are configured correctly

And have you used FIM/MIM to perform a GALSync between the two forests, or manually created cross-forest contacts?
Based on my test, it is also required.

Besides, please also note that there is a known issue on the cross-forest free/busy information.
Here is the link: "(400) Bad Request" error during Autodiscover for per-user free/busy in a trusted cross-forest topology
This issue would occur on Exchange servers that have April 2021 and May 2021 security update installed.

If it is the case, please follow the workarounds in this link.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 9
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Chong-7118 avatar image Chong-7118 ·

Hi @KaelYao-MSFT,

  1. The EWS url in both exchanges are fine. However, since forest A and forest B also using "xyz.com", the autodiscover on both of them will be "autodiscover.xyz.com". Therefore, I just use internal DNS of each domain so forest A client resolve autodiscover to forest A exchange, and forest B user resolve to forest B exchange

  2. The certificate include both domain name and SAN already.

  3. Do the permission means the "ms-Exch-EPI-Token-Serialization" in this documents? (https://docs.microsoft.com/en-us/exchange/architecture/client-access/availability-service-for-cross-forest-topologies?view=exchserver-2019)

We are using "Prepare-Moverequest.ps1" and ADMT to perform domain migration to migrate user from forest A to B. So users will exist in both forest A and B.

Since the autodiscover cannot be resolve to each other, do this is the cause of the problem? But the forest A and B shuld use the same smtp domain xyz.com, how to solve the problem?

Thanks

Best Regards
Chong

0 Votes 0 ·
KaelYao-MSFT avatar image KaelYao-MSFT Chong-7118 ·

Hi,

Since the autodiscover cannot be resolve to each other, do this is the cause of the problem? But the forest A and B shuld use the same smtp domain xyz.com, how to solve the problem?

Yes I suppose it may cause problems. As cross-forest free/busy depends on autodiscover.

Sorry currently I don't have much thought on this issue.
I wonder if creating additional accepted domains, bind additional email address to the mailboxes in the forests and corresponding autodiscover records to point to the Exchange servers would help with this issue.

0 Votes 0 ·
Chong-7118 avatar image Chong-7118 KaelYao-MSFT ·

Hi @KaelYao-MSFT ,

If I creating additional accepted domains (e.g. test.com), bind additional email address to the mailboxes and DNS point to new exchange server. Anything I need to configure in exchange so the client will use this domain for autodiscover and free/busy? (such as "set-clientaccessservice –autodiscoverserviceinteraluri https://autodiscover.test.com/autodis........""


Thanks

Best Regards
Chong

0 Votes 0 ·
Show more comments