|
You have actually created a problem by generating separate user accounts (one for their mailboxes and another for their domain). In a single Active Directory forest, this is not necessary regardless of the number of trees and domains.
There is a tool that can help you out here; it is called the Active Directory Account Cleanup Wizard. It is included with the Exchange System Tools on the Exchange Server 2003 CD. When you run this tool, it will help you identify duplicate accounts and then let you merge them together into one account. Be careful that the target account is the one in the user's domain. Once the two accounts are merged, then you can use a single username and password.
It is possible to change the User Principal Name (UPN) suffix of you child domains' user accounts to be the same as the root domain. In fact, you can change it to be whatever you like. However, it will not change the actual domain they are in. If your users log on using their UPN (what looks like their email address), then the Domain field should be grayed out. In fact, Windows XP Professional doesn't even have a Domain field with its logon so the domain can be transparent to the end user.
Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:
Expert Advice: Deploying Exchange Server on the parent domain controller
Expert Advice: Synchronizing two Active Directory domains
Tip: Pros and cons of multiple Exchange Server organizations
Reference Center: Active Directory tips and resources
Reference Center: Exchange Server permissions and authentication
|
