Ask the Expert

Logging into Exchange with NT vs. AD accounts in mixed mode

I'm planning an NT 4.0/Exchange 5.5 to Windows Server 2003/Exchange 2003 upgrade. In a new, parallel Active Directory deployment, I will use the Active Directory Migration Tool to migrate/copy user accounts to Active Directory. Then, I will use it again to modify the access control lists (ACLs) of the Exchange 5.5 mailboxes, so that the new Active Directory accounts would become the new owners.

After I run that, can I still log in with the old NT accounts and access those mailboxes? Or can I only log in with the Active Directory account from that point on?

    Requires Free Membership to View

It depends on the permissions that are modified during the ACL update. If you leave the old NT account as the primary NT account of the Exchange 5.5 mailbox, then the new account should still have access to the resource via SIDHistory. But it would require you to keep the legacy domain online indefinitely, and have a functioning trust in place.

You should determine how long you want to keep the legacy domain online, then re-ACL the primary NT accounts to the new accounts. After that, you can have your users log into the Active Directory domain versus NT.


Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:

  • Learning Center: Toolbox for Exchange administrators
  • Learning Guide: Exchange Server migration
  • Reference Center: Exchange permissions and authentication

  • This was first published in November 2005

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: