Planning Active Directory

Applies to: Exchange Server 2010

Microsoft Exchange Server 2010 uses Active Directory to store and share directory information with Microsoft Windows.

Active Directory forest design for Exchange 2010 is similar to Exchange 2007. The main change in Active Directory for Exchange 2010 is in the introduction of Role Based Access Control (RBAC). In Exchange 2007, Active Directory provides ways for you to delegate administrative authority to directory objects by using access control lists (ACLs). In Exchange 2010, you don't need to modify and manage ACLs. RBAC enables you to control, at both broad and granular levels, what administrators and end-users can do. For more information about RBAC, see Understanding Role Based Access Control.

Active Directory and a New Exchange 2010 Organization

For more information about planning for Active Directory in a new Exchange 2010 organization, see the following topics:

• Prepare Active Directory and Domains
• Understanding the Active Directory Driver
• Planning for Access to Active Directory
• Planning to Use Active Directory Sites for Routing Mail

Active Directory and Legacy Exchange Organizations

For more information about planning for Active Directory when your organization includes legacy versions of Exchange, see the following topics:

• Exchange 2010 Active Directory Schema Changes
• Prepare Active Directory and Domains
• Understanding the Active Directory Driver
• Planning for Access to Active Directory
• Planning to Use Active Directory Sites for Routing Mail
• Prepare Legacy Exchange 2003 Permissions
• Exchange Server 2003 and Active Directory
• Discontinued Features and De-Emphasized Functionality

For More Information

For comprehensive Active Directory deployment information, see the Windows Server 2003 Deployment Guide.

For more information about Active Directory forest design for your Exchange organization, see Guidance on Active Directory design for Exchange Server 2007 at the Exchange Team Blog.