I am sure only very few companies will be going for the federated sharing feature introduced in Exchange 2010. It makes sense to deploy it in acquisitions/mergers situation or when the company wants to run the acquired company as a separate entity, but still be able to share free/busy, calendar and contacts information. This feature is not something that exchange admins will be using on a day to day basis, but I have been getting number of questions regarding the feature & hence though of writing about the things to know/consider.
- Federated trust is easy to setup. You can use either EMC or shell for the same.
- You can share free/busy info, calendar and contacts with another user in a federated organization.
- Admin has full control on what can be shared, default being free/busy information.
- Attachments in a meeting request in a user’s calendar cannot be accessed by a federated user, even when the calendar is shared. No information leaks!
- Federated sharing doesn’t work with organizations with non-exchange messaging systems like Lotus Notes.
- You cannot setup federated sharing between an organization that runs Exchange 2010 with one that runs 2007 SP2.
- You can setup federated trust even if you have a mixed environment with 2007 SP2 & 2010 servers, provided that you have atleast one 2010 CAS. Additional config necessary.
- Certificates from internal CAs cannot be used to setup a federated trust.
- Neither can exchange 2010 self signed certificate be used, atleast now.
- Only commercial certificates from CAs approved by Microsoft Federation Gateway can be used. Check one of my previous article
- Federated sharing doesn’t need any service accounts or directory replication.
Thanks rajith, Useful to know.
[Reply]
Thanks for the comment Deepak.
[Reply]
Thanks for that. Very helpful… but
does it mean exactly this mixed environement or any like 2003 / 2010
[Reply]
Hi Tommy,
You can't have federation with a 2003 & 2010 forest. Purely 2010 feature, though you can make it work even if you have a mix of 2007 SP2 & 2010 in one forest and pure 2010 in another.
[Reply]
Thank you for your (very fast) help!
[Reply]
My company is EX2010 and my sister company is EX2007. We have a domain trust between us.
Can I set up Federated sharing to an EX2007 org?
[Reply]
Hi Scott,
You cannot setup federated sharing between an organization that runs Exchange 2010 with one that runs 2007 SP2.
You can setup federated trust even if you have a mixed environment with 2007 SP2 & 2010 servers, provided that you have atleast one 2010 CAS.
[Reply]
Ok, thank you!
[Reply]
No problem Scott.
[Reply]