Yes you absolutely will run into the issue. The problem has nothing to do with load, it is how DSPROXY hands out GC's to clients. If you have GC's from multiple domains in the site where your exchange servers are, the exchange servers will have them all (up to I think 25 or something like that) in its GC list, any and all of those are valid to be given out to ANY client requesting a GC irregardless of the domain of the client or the user. You must break out your Exchange stuff into single domain AD sites or you must hard code the Exchange Servers DSACCESS list or hardcode the clients.
On the positive side I really escalated this problem within MS as an MVP and our MS Premier Alliance folks really escalated this problem through their channels. Although Exchange Dev dismissed and said it would be corrected previously, they are now being forced to look at it again. My recommendation to everyone this list is if you have multiple domain GCss in a single AD site and use Exchange 2000/3 call now and bitch to MS about this functionality. Initially they falled back on the old tried and true, people don't really have this problem, it is just you guys because you are doing things differently... Right off the bat we know it can affect DL's, Delegates, and email Certs. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, November 25, 2003 7:14 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Good Morning: Long time lurker, 1st time poster :-) This topic was somewhat covered in a thread initiated by Joe, but I have a follow-up question. Our scenario: Approximately 6800 users. A Windows 2003 AD design with an empty forest root domain, and 2 child domains, 2 DCs per domain. The bulk of the users will be in one child domain, and there won't be much interaction between the 2 child domains. The root and the main child domain will both be within the data centre in a single site. We will be deploying Exchange 2003 in the main child domain. We are in the lab proof of concept phase, and the question has arisen whether when users attempt to manage DLs once we're in Exchange native mode, if they'll be potentially referred to a GC in the root domain, thus having their modification attempt fail. The time to determine this is now, before we move to the pilot (which involves deploying AD, then deploying the 1st E2K3 server). My initial thought was to simulate a heavy messaging load to DLs (UGs) with Loadsim. Using that approach, though, is there a relatively easy way to determine what GCs are being hit? Or is there a completely different approach I should be taking? Or, is the thoughts of the big brains on this list that this won't be an issue at all? Any and all feedback would be greatly appreciated. ADthanksVANCE, Andy Schan Messaging Contractor List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
