How To Configure Cross Premise Free/Busy - Bits & Bytes
20120
post-template-default,single,single-post,postid-20120,single-format-standard,ajax_fade,page_not_loaded,,qode-theme-ver-11.1,qode-theme-bridge,wpb-js-composer js-comp-ver-5.1.1,vc_responsive

How To Configure Cross Premise Free/Busy

With the way things are going there may be very few on premise mailboxes left in a few years. I was recently asked to help setup Exchange federation of free/ busy calendar information between an on premises Exchange 2010 environment and a company that is hosted in Office 365. You too may one day find yourself asked to make this happen so I decided to jot down my notes on the solution so hopefully they lend a hand to someone else.

Things to understand about the configuration:

This is not a Hybrid configuration for an exchange online scenario. This is simply a situation where two companies (one in Office 365 and one on premises) need to share free/busy calendar information otherwise known as cross-premises free/busy. A minimum of Exchange 2010 w/SP1 Client Access Server is required on premise.

 

Environment details:

On Premise – exchange 2010 w/SP2

Local domain name: localdomain.com

Primary email domain name: emaildomain.net

Public Facing OWA, EWS, OA, EAS, OAB address: webmail.emaildomain.net

Exchange Online –

Primary email domain name: bigdeal.com

High-level overview:

On Premise Server

  1. Create Federation trust with the Microsoft Federation Gateway
  2. Create the federated domain proofs of the federated domain/s and publish to public dns
  3. Update the federation trust with the account namespace
  4. Verify Autodiscover
  5. Create the Organization Relationship with the Exchange Online organization
  6. Setup the Sharing Policy
  7. Create contacts on Premise for the users that reside in the Exchange Online Org

Exchange Online Organization

  1. Access Exchange Online via PowerShell
  2. Test the federation information of the federated domain
  3. Create the Organization Relationship with the on premise organization
  4. Setup the sharing policy
  5. Create contacts in the Exchange Online Org for the users that reside on premise

On premise organization procedure:

Step 1Create Federation trust with the Microsoft Federation Gateway

In this step we are creating the initial federation trust and SSL certificate to connect to the Microsoft Federation Gateway.

  1. Open your Exchange Management console on your 2010 CAS server and click on ‘organization configuration’.
  2. In the actions pane click on the federation trusts tab and click ‘New Federation Trust’
  3. On the ‘New Federation Trust’ window click new. This wizard automagically creates a self-signed certificate for the new federation trust with the Federation Gateway.
  4. Once you receive a status of ‘completed’ click finish.

Step 2 Create the federated domain proofs of the federated domain/s and publish to public dns

**on premise exchange organization uses ‘emaildomain.net’ as their primary email domain. This step takes the Proof variables and ensures that you are the owner of the domain names.

  1. Open the Exchange management shell on your 2010 CAS server and type in the below commands and copy the resulting ‘proof’ values into a notepad.
  • Get-FederatedDomainProof –DomainName exchangedelegation.emaildomain.net
  • Get-FederatedDomainProof –DomainName emaildomain.net
  1. Go to your public dns provider for emaildomain.net and create the following DNS records
  • @emaildomain.net TXT= INSERTTHEPROOFVARIABLE
  • @exchangedelegation.emaildomain.net TXT= INSERTTHEPROOFVARIABLE
  • A record for exchangedelegation.emaildomain.net to point to the same public IP address as Public Facing CAS

Step 3Update the federation trust with the account namespace

In this step we are editing the federation trust and designating the new namespace in which to communicate over ‘exchangedelegation.emaildomain.net’. We are also telling Exchange that the emaildomain.net is a federated domain. You may have to wait up to 24 hours for your previous DNS changes to propagate.

  1. Open the Exchange management shell on your 2010 CAS server
  2. Run the following command
  • Set-FederatedOrganizationIdentifier –DelegationFederationTrust ‘Microsoft Federation Gateway’ –AccountNamespace ‘exchangedelegation.emaildomain.net’ –OrganizationContact ‘postmaster@emaildomain.net’ –Enabled:$true

3. Run the following command

  • Add-FederatedDomain –DomainName emaildomain.net

Step 4Verify Autodiscover

We are verifying that autodiscover is functioning correctly for the emaildomain.net domain. I have provided two different mechanisms to test with however; my preference is the first one.

  1. Either by using http://testexchangeconnectivity.com (my favorite) or other means verify that autodiscover is solid and completes successfully.
  2. You can also use the “Test email auto configuration” utility in outlook
    1. How to guide provided here

Step 5Create the Organization Relationship with the Exchange Online organization

Now we will be defining the relationship parameters between the two companies.

  1. Open the Exchange management shell on your 2010 CAS server
  2. Run the following command
  • Get-FederationInformation –DomainName ‘bigdeal.com’ | New-OrganizationRelationship –Name ‘Sharing with Big Deal’ –Enabled:$true –FreeBusyAccessEnabled:$true –FreeBusyAccessLevel:limiteddetails

Step 6Setup the Sharing Policy

In this step we are further defining the relationship by adjusting the sharing policy and applying it to mailboxes.

  1. Open the Exchange management shell on your 2010 CAS server
  2. Let’s look to see how the current Sharing policy is configured.
  • Get-SharingPolicy ‘Default Sharing Policy’ | FL
  1. If you want to configure the policy you can use the Set-SharingPolicy cmdlet or via the Exchange Management Console.
    1. For more info on Set-SharingPolicy cmdlet http://technet.microsoft.com/en-us/library/dd297931(v=exchg.141).aspx
  • IE: Set-SharingPolicy –Identity ‘Default Sharing Policy’ –Domains ‘bigdeal.com: CalendarSharingFreeBusySimple’
  1. Or EMC – organization configuration – mailbox – sharing policies

Step 7Create contacts on Premise for the users that reside in the Exchange Online Org

To be able to share with users in the other location your exchange server needs an object to work with. The contact object will work in this case and a Contact object will need to be created in the on premise Exchange org for each user that will participate with this function.

  1. Open the Exchange Management Shell, Edit and run the following command for each contact you need to create.
    1. New-MailContact –Name “John Doe” –ExternalEmailAddress jdoe@bigdeal.com
  1. If you have quite a few contacts you may want to import these by another means such as a CSV file or perhaps using the new Azure Active Directory Sync or Forefront Identity Manager for Syncing
    1. Using csv – http://blogs.technet.com/b/bill_long/archive/2010/04/23/importing-public-folder-contacts-from-a-csv-file.aspx

Exchange Online Organization Procedure:

Step 1Access Exchange Online via PowerShell

We will be connecting to Exchange Online via PowerShell. For additional information refer to this link. http://technet.microsoft.com/en-us/library/jj984289(v=exchg.150).aspx

  1. Open PowerShell on the 2010 CAS Server and run the following commands
    1. $UserCredential = Get-Credential
    2. $Session = New-PSSession –ConfigurationName Microsoft.Exchange –ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential –Authentication Basic –AllowRedirection
    3. Import-PSSession $Session

Step 2Test the federation information of the federated domain

  1. In the same PowerShell session from above
  2. Run the following command:
    1. Get-FederationInformation emaildomain.net

Step 3Create the Organization Relationship with the on premise organization

  1. In the same PowerShell session from above
  2. Run the following command:
    1. Enable-OrganizationCustomization
  3. Run the following command:
    1. Get-FederationInformation emaildomain.net | New-OrganizationRelationship –Name “On-Premise” –FreeBusyAccessEnabled:$true –FreeBusyAccessLevel:LimitedDetails

Step 4Setup the Sharing Policy

  1. In the same PowerShell session from above
  2. Looking at the current Sharing policy is configured.

Get-SharingPolicy

  1. If you want to configure the policy you can use the Set-SharingPolicy cmdlet.
    1. For more info on Set-SharingPolicy cmdlet http://technet.microsoft.com/en-us/library/dd297931(v=exchg.141).aspx
  • IE: Set-SharingPolicy –Identity ‘Default Sharing Policy’ –Domains ‘bigdeal.com: CalendarSharingFreeBusySimple’

Step 5Create contacts in the Exchange Online Org for the users that reside on premise

To be able to share with users in the other location your exchange server needs an object to work with. The contact object will work in this case and a contact object will need to be created in the Exchange Online Org for each user that will participate with this function.

  1. Open PowerShell and connect to the Exchange Online org, Edit and run the following command for each contact you need to create.
    1. New-MailContact –Name “John Doe” –ExternalEmailAddress jdoe@bigdeal.com
  1. If you have quite a few contacts you may want to import these by another means such as a CSV file
    1. Using csv – http://community.office365.com/en-us/w/exchange/579.aspx

Testing the configuration

You should be able to test free busy information. You can also configure this to share calendars and contacts cross-premise. Start by using OWA and check the functionality. For additional troubleshooting of this scenario please find the below links:

http://technet.microsoft.com/en-us/library/ff601760(v=exchg.141).aspx

http://technet.microsoft.com/en-us/library/hh310374(v=exchg.141).aspx

No Comments

Post A Comment