To get delegation work between forests we need below prerequisites: –
- Forest Trust between Forests
- Cross-Forest Availability Configured
- GALSYNC configured with either ILM FP1 SP1 or FIM 2010 (or manual cross-forest mail contacts created)
- Exchange Server 2007 SP1+ and Exchange 2010 SP3
- Outlook 2007 SP1+
Below Attributes requires for cross forest delegation to work. We can sync below attributes between two forests using GAL Sync or can create these manually.
These attributes are below: –
Now manually create mailbox contact in Source with above attributes. After creating this contact, it showed as Cross forest contact in source forest.
In outlook go to delegation tab (Source Forest) and add delegates by selecting contact which created as cross forest contact.
Now open mailbox target Forest and add calendar for source forest. It will show source forest user calendar (For which target contact was delegated).
Here some attribute for contact which should have unique values. Those are below: –
- mAPIRecipient = TRUE
- msExchMasterAccountSID = objectSID from Mailbox
- msExchOriginatingForest = Target Forest FQDN
- msExchRecipientDisplayType = –1073741818
- msExchRecipientTypeDetails = 32768
- proxyAddresses = X500: + LegacyExchangeDN from Mailbox; existing addresses.
If ILM/FIM is used for Gal sync then there is option to get these attributes replicate during Galsync process.. Below is screen shot of this option in ILM/FIM.