We are running into some issues with our E2K migration plan. We are creating an "empty" root NATIVE AD domain. We are upgrading our NT4 master user domain to MIXED mode AD.
Original plan was to configure a DL connection agreement to create DLs as universal security groups in the native AD domain, and everything else in the mixed mode domain. Then, we found out that Outlook cannot be used to manage DLs that aren't in the same domain (Outlook only talks to GCs, and GCs only have read-only copies of groups from other domains). One possible solution is to use global groups instead of universal groups. We would write a script to read all of our MSX5.5 DLs and create corresponding AD global groups in a special OU. Then, we'd configure a CA to replicate DLs to this OU. I realize that global groups are limited to members from the local domain, but that is OK. However, my questions are: 1. If ADC attempts to replicate a DL from MSX5.5 to AD and finds a global group of the same name, will it populate the global group? In other words, will group membership replication work? 2. I've never heard of anyone doing this. Am I missing something that is going to bite me later? We would eventually move to all native mode AD, and at point we'd convert the global groups to universal security groups. Sound reasonable? _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
