Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Unity 5.0 with multiple domains

Hi,

I have to install a new Unity 5.0 (with failover) UM mode for Exchange 2003 for a customer.

An existing Unity 4 UM is running but I will install both new servers on new hardware servers.

According to what I read, I can do the new installation in parallel of Unity 4 production, extend the AD schema with the unity 5 assistant, and migrate subscribers using GSM and COBRAS tools to finalize the migration.

But I want to receive confirmation from you guys about the AD integration.

Customer has a single forest with two child domains. Currently, subscribers are only on one of both domains but with the new Unity 5.0 infrastructure, subscribers will be from both domains.

What I want to know if it's a supported design: using one unity server (with failover) to manage subscribers from two different domains (but into a single forest).

If it works technically, how? Because Unity servers must be members of an existing domain, but which one should I choose?

Thank you for your help.

Best regards,

Yorick

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Unity 5.0 with multiple domains

Hi,

That is a supported design. We have configurations that have a single forest with multiple peer and/or child domains in our QA test lab. If you've got Exchange servers in the different domains, you'll need to run Permissions Wizard on the different mail stores before installing Unity.

I'm not an AD expert, so I can't explain how it works technically. I'll leave that to somebody else.

As to which domain to add the Unity server to, I don't think it matters.

I was looking through the Unity Design Guide chapter on Exchange (http://www.cisco.com/en/US/docs/voice_ip_comm/unity/5x/design/guide/5xcudg040.html) to see what it has to say on the issue, and the only thing I saw was the following:

"If Cisco Unity subscribers are homed in more than one domain, a DC for each domain must be in the same data center as the Cisco Unity server.

Nancy

4 REPLIES
Bronze

Re: Unity 5.0 with multiple domains

Hi,

That is a supported design. We have configurations that have a single forest with multiple peer and/or child domains in our QA test lab. If you've got Exchange servers in the different domains, you'll need to run Permissions Wizard on the different mail stores before installing Unity.

I'm not an AD expert, so I can't explain how it works technically. I'll leave that to somebody else.

As to which domain to add the Unity server to, I don't think it matters.

I was looking through the Unity Design Guide chapter on Exchange (http://www.cisco.com/en/US/docs/voice_ip_comm/unity/5x/design/guide/5xcudg040.html) to see what it has to say on the issue, and the only thing I saw was the following:

"If Cisco Unity subscribers are homed in more than one domain, a DC for each domain must be in the same data center as the Cisco Unity server.

Nancy

New Member

Re: Unity 5.0 with multiple domains

Hi Nancy,

Thank you very much for your complete response.

Sounds good for the deployment. Because I can build the new Unity 5.0 servers in parallel of the current 4.x ones, I will try as soon as possible the schema extension and some beta users migrations.

You deserve your 5 points rating ;).

Best regards,

Yorick

New Member

Re: Unity 5.0 with multiple domains

Nancy,

Is it possible to work a similar scenario but with two separate and distinct domains?.. not at all in the same forest.

If we setup a trust with the domains, will that work?

any thoughts are appreciated.

thanks

-Sam

Bronze

Re: Unity 5.0 with multiple domains

Hi,

No, this won't work. Unity needs to be in the same AD forest that Exchange and all the subscriber mailboxes are in. You will need a Unity server in each AD forest and configure VPIM networking in between. Here's the link to the Unity Networking Guide for the gory details: http://www.cisco.com/en/US/docs/voice_ip_comm/unity/5x/networking/guide/ex/5xcunetexx.html

A one-way trust and running the GrantUnityAccess tool would allow a user account from one forest to authenticate to the Unity subscriber in a different forest. In this scenario, there is one Unity subscriber with a AD user account for themselves in two different forests. This is what some customers with Unity in the voice-mail-only configuration do. Their users have two mailboxes and AD accounts -- one in the corporate forest for email, and one in the Unity forest for voicemail.

Nancy

203
Views
0
Helpful
4
Replies