Federated Sharing – Points To Note…

I am sure only very few companies will be going for the federated sharing feature introduced in Exchange 2010. It makes sense to deploy it in acquisitions/mergers situation or when the company wants to run the acquired company as a separate entity, but still be able to share free/busy, calendar and contacts information. This feature is not something that exchange admins will be using on a day to day basis, but I have been getting number of questions regarding the feature & hence though of writing about the things to know/consider.

• Federated trust is easy to setup. You can use either EMC or shell for the same.
• You can share free/busy info, calendar and contacts with another user in a federated organization.
• Admin has full control on what can be shared, default being free/busy information.
• Attachments in a meeting request in a user’s calendar cannot be accessed by a federated user, even when the calendar is shared. No information leaks!
• Federated sharing doesn’t work with organizations with non-exchange messaging systems like Lotus Notes.
• You cannot setup federated sharing between an organization that runs Exchange 2010 with one that runs 2007 SP2.
• You can setup federated trust even if you have a mixed environment with 2007 SP2 & 2010 servers, provided that you have atleast one 2010 CAS. Additional config necessary.
• Certificates from internal CAs cannot be used to setup a federated trust.
• Neither can exchange 2010 self signed certificate be used, atleast now.
• Only commercial certificates from CAs approved by Microsoft Federation Gateway can be used. Check one of my previous article
• Federated sharing doesn’t need any service accounts or directory replication.