Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Configuring EV and EVOWA in a Cross Forest environment

Created: 18 Apr 2013 • Updated: 22 Apr 2013
Language Translations
Nups's picture
+2 2 Votes
Login to vote

Following are the two scenarios considered for this excercise:-

 a)      User 1 with AD account and EV setup in Forest 2(veritas.com) with an Exchange mailbox in Forest 1(Symantec.com)

Forest1.png

Linked mailbox: Linked mailbox is a name for a mailbox that is accessed by a security principle (user) in a separate, trusted forest.

Linked mailbox can be created as per the document below:

       http://technet.microsoft.com/en-in/library/bb123524(v=exchg.80).aspx

b)      User 2 with AD account and mailbox in Forest 1 and EV in Forest 2:

Forest2.png

Following are the pre-requistes for configuring Enterprise Vault archiving for Exchange to work in the cross forest environment.

  1. Trust relationship between two forests is essential for communication however before setting up a trust setup your DNS properly. There is a technote from microsoft which shall help as a quick checklist :

http://technet.microsoft.com/en-us/library/cc770907.aspx              

  1. Once the DNS is setup correctly you can create a trust relationship between two forests.

http://technet.microsoft.com/en-us/library/cc740018(v=ws.10).aspx

  1. Enterprise Vault Service account (in Forest 2) requires full access to all mailboxes and public folders on Exchange that needs to be archived in Forest 1.

           http://www.symantec.com/business/support/index?page=content&id=TECH76700

Assuming that above pre-requistes are met perform the following steps to configure EV:-

-   Add the domain in the Forest 1(symantec.com) into the Vault Admin console of the EV Server residing in Forest 2(veritas.com)

                            EV1.png

-    Add the exchange server in Forest 1(Symantec.com).

               EV2.png

-          Create a new provisioning group for the Exchange server.

-          Create an Exchange mailbox archiving task for Exchange server in Forest 1 and a provisioning task for the domain in Forest 1.

-          After running the provisioning task users can be enabled and the Exchange archiving should work as a normal process.

Enterprise Vault OWA configuration in a cross forest environment:-

-          Steps to configure Enterprise Vault OWA can be referred from the link below :-

            http://www.symantec.com/business/support/index?page=content&id=HOWTO38205

-          For the cross forest configuration of OWA  following points should be noted:-

      a)      ExchangeServers.txt should be created on EV server enterprise vault installation folder in Forest 2 with the ip address of the                      Exchange server in Forest 1.

      b)      There should be anonymous user(EVanon) created in Forest 1 that should have permission on the EVAnon directory in Forest 2

      c)       In our case following script should be run on EV server in Forest2:-

                Cscript OWAUser.wsf /domain:domain(Forest1) /user:anonymous(Forest1) /password:<password>

      d)      Restart the EV admin service..

-  This should enable EV for the OWA users.

                 Below are few good articles for troubleshooting EV OWA issues:-

     1)      Enterprise Vault OWA Resource Tool (EVORT) - Troubleshooting

                http://www.symantec.com/business/support/index?page=content&id=HOWTO59470

2)      Whitepaper: Troubleshooting OWA Extensions

https://www-secure.symantec.com/connect/articles/whitepaper-troubleshooting-owa-extensions

3)      How To: Troubleshooting and Common Causes why Enterprise Vault (EV) Toolbars do not display in Outlook Web Access (OWA) 2007 or Outlook                                      Web App (OWA) 2010

http://www.symantec.com/business/support/index?page=content&id=TECH68743