Video Screencast Help

Configuring EV and EVOWA in a Cross Forest environment

Created: 18 Apr 2013 • Updated: 22 Apr 2013
Language Translations
Nups's picture
+2 2 Votes
Login to vote

Following are the two scenarios considered for this excercise:-

 a)      User 1 with AD account and EV setup in Forest 2( with an Exchange mailbox in Forest 1(


Linked mailbox: Linked mailbox is a name for a mailbox that is accessed by a security principle (user) in a separate, trusted forest.

Linked mailbox can be created as per the document below:

b)      User 2 with AD account and mailbox in Forest 1 and EV in Forest 2:


Following are the pre-requistes for configuring Enterprise Vault archiving for Exchange to work in the cross forest environment.

  1. Trust relationship between two forests is essential for communication however before setting up a trust setup your DNS properly. There is a technote from microsoft which shall help as a quick checklist :              

  1. Once the DNS is setup correctly you can create a trust relationship between two forests.

  1. Enterprise Vault Service account (in Forest 2) requires full access to all mailboxes and public folders on Exchange that needs to be archived in Forest 1.


Assuming that above pre-requistes are met perform the following steps to configure EV:-

-   Add the domain in the Forest 1( into the Vault Admin console of the EV Server residing in Forest 2(


-    Add the exchange server in Forest 1(


-          Create a new provisioning group for the Exchange server.

-          Create an Exchange mailbox archiving task for Exchange server in Forest 1 and a provisioning task for the domain in Forest 1.

-          After running the provisioning task users can be enabled and the Exchange archiving should work as a normal process.

Enterprise Vault OWA configuration in a cross forest environment:-

-          Steps to configure Enterprise Vault OWA can be referred from the link below :-


-          For the cross forest configuration of OWA  following points should be noted:-

      a)      ExchangeServers.txt should be created on EV server enterprise vault installation folder in Forest 2 with the ip address of the                      Exchange server in Forest 1.

      b)      There should be anonymous user(EVanon) created in Forest 1 that should have permission on the EVAnon directory in Forest 2

      c)       In our case following script should be run on EV server in Forest2:-

                Cscript OWAUser.wsf /domain:domain(Forest1) /user:anonymous(Forest1) /password:<password>

      d)      Restart the EV admin service..

-  This should enable EV for the OWA users.

                 Below are few good articles for troubleshooting EV OWA issues:-

     1)      Enterprise Vault OWA Resource Tool (EVORT) - Troubleshooting


2)      Whitepaper: Troubleshooting OWA Extensions

3)      How To: Troubleshooting and Common Causes why Enterprise Vault (EV) Toolbars do not display in Outlook Web Access (OWA) 2007 or Outlook                                      Web App (OWA) 2010