Knowledge Base Article

Configuring EV and EVOWA in a Cross Forest environment

 

Following are the two scenarios considered for this excercise:-

 a)      User 1 with AD account and EV setup in Forest 2(veritas.com) with an Exchange mailbox in Forest 1(Symantec.com)

Forest1.png

 

Linked mailbox: Linked mailbox is a name for a mailbox that is accessed by a security principle (user) in a separate, trusted forest.

Linked mailbox can be created as per the document below:

       http://technet.microsoft.com/en-in/library/bb123524(v=exchg.80).aspx

 

b)      User 2 with AD account and mailbox in Forest 1 and EV in Forest 2:

 

Forest2.png

 

 

Following are the pre-requistes for configuring Enterprise Vault archiving for Exchange to work in the cross forest environment.

 

  1. Trust relationship between two forests is essential for communication however before setting up a trust setup your DNS properly. There is a technote from microsoft which shall help as a quick checklist :

http://technet.microsoft.com/en-us/library/cc770907.aspx              

 

  1. Once the DNS is setup correctly you can create a trust relationship between two forests.

http://technet.microsoft.com/en-us/library/cc740018(v=ws.10).aspx

 

  1. Enterprise Vault Service account (in Forest 2) requires full access to all mailboxes and public folders on Exchange that needs to be archived in Forest 1.

           http://www.symantec.com/business/support/index?page=content&id=TECH76700

 

 

Assuming that above pre-requistes are met perform the following steps to configure EV:-

       

-   Add the domain in the Forest 1(symantec.com) into the Vault Admin console of the EV Server residing in Forest 2(veritas.com)

 

                            EV1.png

 

 

      

-    Add the exchange server in Forest 1(Symantec.com).

 

               EV2.png

 

 

 

-          Create a new provisioning group for the Exchange server.

-          Create an Exchange mailbox archiving task for Exchange server in Forest 1 and a provisioning task for the domain in Forest 1.

-          After running the provisioning task users can be enabled and the Exchange archiving should work as a normal process.

Enterprise Vault OWA configuration in a cross forest environment:-

 

-          Steps to configure Enterprise Vault OWA can be referred from the link below :-

            http://www.symantec.com/business/support/index?page=content&id=HOWTO38205

 

-          For the cross forest configuration of OWA  following points should be noted:-

      a)      ExchangeServers.txt should be created on EV server enterprise vault installation folder in Forest 2 with the ip address of the                      Exchange server in Forest 1.

      b)      There should be anonymous user(EVanon) created in Forest 1 that should have permission on the EVAnon directory in Forest 2

      c)       In our case following script should be run on EV server in Forest2:-

                Cscript OWAUser.wsf /domain:domain(Forest1) /user:anonymous(Forest1) /password:<password>

      d)      Restart the EV admin service..

         

-  This should enable EV for the OWA users.

 

                 Below are few good articles for troubleshooting EV OWA issues:-

     1)      Enterprise Vault OWA Resource Tool (EVORT) - Troubleshooting

                http://www.symantec.com/business/support/index?page=content&id=HOWTO59470

2)      Whitepaper: Troubleshooting OWA Extensions

https://www-secure.symantec.com/connect/articles/whitepaper-troubleshooting-owa-extensions

3)      How To: Troubleshooting and Common Causes why Enterprise Vault (EV) Toolbars do not display in Outlook Web Access (OWA) 2007 or Outlook                                      Web App (OWA) 2010

http://www.symantec.com/business/support/index?page=content&id=TECH68743

 

 

 

 

 

Published 12 years ago
Version 1.0
No CommentsBe the first to comment