gallery.technet.microsoft.com
Cross forest Mail-flow under Two way AD trust
Now that we have successfully configured the cross-forest two-way AD trust in my previous post, which you can find at https://gallery.technet.microsoft.com/Lab-for-cross-forest-AD-e40c001f, it is time to configure the cross-forest mail flow.

How does email flow work when two AD forests are in a trust with each other? I could have assumed that sending the email toward the internet, with DNS MX records created for the Exchange server in the target forest, would be enough for it to arrive there. In an actual scenario this does not work, and there is a strong reason behind it.

To establish an AD trust, you have to be able to ping the DC in the other forest by its FQDN, and vice versa. The important thing to keep in mind is that the two DCs can ping each other only because we used conditional forwarders in the first place to route the query to the destination forest. That is the main reason a DNS MX record query will not be used for mail delivery in this case: when an email is sent, according to the AD topology configuration DNS recognizes that the domain the email is intended for is already in a trust with it. Because of that, it looks for a connector instead of going to the internet to look for a public DNS MX record. So if connectors with the destination server's IP address are not configured, mail delivery will not be possible. Check the steps on how to create cross-forest connectors.
Now we need to do the same on the Exchange server of the other forest.
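As an added example (not part of the original post), the connector pair described above can be created from the Exchange Management Shell, with the inbound side restricted to the partner server's address. It assumes Exchange 2013 or later; the server name, domain and IP address are placeholders, and accepting the partner's mail through the AnonymousUsers permission group is an assumption about the lab setup.

```powershell
# Added example: run in the Exchange Management Shell of forest A, then repeat
# in forest B with the values swapped. All values below are placeholders.
$LocalServer   = 'EXCH-A'            # hypothetical local Exchange server name
$PartnerDomain = 'forestb.example'   # SMTP domain hosted in the trusted forest
$PartnerIp     = '192.0.2.20'        # IP of the Exchange server in that forest

# Confirm the partner server answers on SMTP before creating anything.
if (-not (Test-NetConnection -ComputerName $PartnerIp -Port 25).TcpTestSucceeded) {
    throw "Cannot reach ${PartnerIp}:25; check routing and firewalls first."
}

# Outbound: send mail for the partner domain to a fixed smart host (its IP),
# so no MX lookup is involved.
New-SendConnector -Name "To $PartnerDomain" -Custom `
    -AddressSpaces "SMTP:$PartnerDomain;1" `
    -SmartHosts $PartnerIp -DNSRoutingEnabled $false `
    -SourceTransportServers $LocalServer

# Inbound: accept SMTP on this connector only from the partner server's IP.
# AnonymousUsers lets that host submit mail for our accepted domains; it does
# not grant permission to relay to other domains.
New-ReceiveConnector -Name "From $PartnerDomain" -Custom `
    -Server $LocalServer -TransportRole FrontendTransport `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $PartnerIp `
    -PermissionGroups AnonymousUsers

# Review what was created before sending the test message.
Get-SendConnector "To $PartnerDomain" |
    Format-List Name, AddressSpaces, SmartHosts, DNSRoutingEnabled, Enabled
Get-ReceiveConnector "$LocalServer\From $PartnerDomain" |
    Format-List Name, Bindings, RemoteIPRanges, PermissionGroups, AuthMechanism
```

Keeping `-RemoteIPRanges` to the single partner address matters here: a wider range would let any host in it submit mail through this connector.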
Time to test by sending an email from user [email protected] to [email protected]
And the email arrives.