Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2011-07-19
Microsoft Exchange Server 2010 uses Active Directory to store and share directory information with Microsoft Windows.
Active Directory forest design for Exchange 2010 is similar to Exchange 2007. The main change in Active Directory for Exchange 2010 is in the introduction of Role Based Access Control (RBAC). In Exchange 2007, Active Directory provides ways for you to delegate administrative authority to directory objects by using access control lists (ACLs). In Exchange 2010, you don't need to modify and manage ACLs. RBAC enables you to control, at both broad and granular levels, what administrators and end-users can do. For more information about RBAC, see Understanding Role Based Access Control.
Active Directory and a New Exchange 2010 Organization
For more information about planning for Active Directory in a new Exchange 2010 organization, see the following topics:
Active Directory and Legacy Exchange Organizations
For more information about planning for Active Directory when your organization includes legacy versions of Exchange, see the following topics:
2010 Active Directory Schema Changes
Active Directory and Domains
- Understanding the Active
- Planning for
Access to Active Directory
- Planning to
Use Active Directory Sites for Routing Mail
Legacy Exchange 2003 Permissions
- Exchange Server 2003 and Active Directory
For More Information
For comprehensive Active Directory deployment information, see the Windows Server 2003 Deployment Guide.
For more information about Active Directory forest design for your Exchange organization, see Guidance on Active Directory design for Exchange Server 2007 at the Exchange Team Blog.