I am sure only very few companies will be going for the federated sharing feature introduced in Exchange 2010. It makes sense to deploy it in acquisitions/mergers situation or when the company wants to run the acquired company as a separate entity, but still be able to share free/busy, calendar and contacts information. This feature is not something that exchange admins will be using on a day to day basis, but I have been getting number of questions regarding the feature & hence though of writing about the things to know/consider.
- Federated trust is easy to setup. You can use either EMC or shell for the same.
- You can share free/busy info, calendar and contacts with another user in a federated organization.
- Admin has full control on what can be shared, default being free/busy information.
- Attachments in a meeting request in a user’s calendar cannot be accessed by a federated user, even when the calendar is shared. No information leaks!
- Federated sharing doesn’t work with organizations with non-exchange messaging systems like Lotus Notes.
- You cannot setup federated sharing between an organization that runs Exchange 2010 with one that runs 2007 SP2.
- You can setup federated trust even if you have a mixed environment with 2007 SP2 & 2010 servers, provided that you have atleast one 2010 CAS. Additional config necessary.
- Certificates from internal CAs cannot be used to setup a federated trust.
- Neither can exchange 2010 self signed certificate be used, atleast now.
- Only commercial certificates from CAs approved by Microsoft Federation Gateway can be used. Check one of my previous article
- Federated sharing doesn’t need any service accounts or directory replication.
Cloud Architect & Blogger with interests in Office 365, Enterprise Mobility & Security and Azure. I am active on Experts Exchange & TechNet forums and I am a technical author for SearchExchange. Follow me on Twitter, LinkedIn, Facebook or Google+ for the latest updates. For consultancy opportunities, drop me a line.