2. Organization Relationships
After you have created and configured a federation trust, you can establish organization relationships with other organizations (assuming that they have established a federation trust of their own).
Organization relationships provide the means to share availability (free/busy)
information between organizations. When you create an organization
relationship with an external organization, users in that external
organization can access availability information for your users. For
your users to access availability information from the external
organization, however, an organization relationship must be configured
on their side as well.
You can configure an organization relationship using either the EMC or the EMS. Having a federation trust in place is a prerequisite to successfully creating an organization relationship. In the EMC, you start the New
Organization Relationship Wizard by selecting Organization
Configuration on the navigation pane and then clicking New Organization
Relationship on the actions pane, as shown in Figure 5.
To create an organization
relationship to share availability information, on the Introduction
page of the wizard you define a name for the relationship, define the free/busy
data access level, and specify a security distribution group containing
the internal members whose free busy data will be accessible via the
relationship, as shown in Figure 6. The free/busy data access level can be set to three levels:
No Free/Busy Access (used when organization relationship is established for federated delivery only)
Free/Busy Access With Time Only
Free/Busy Access With Time, Plus Subject And Location
Note:
Details,
attachments, and attendees are not made accessible via the organization
relationship; to view that level of information, the user must create a
Sharing Invitation to the user in the other organization.
On the External Organization page of the wizard, you can specify a federated domain of the external organization and have the configuration information automatically discovered via the MFG as shown in Figure 7. Alternately, you can manually enter the configuration information in the bottom half of the screen.
Via the EMS, you can create
an organization relationship by automatically discovering the
configuration as shown in the following example:
Get-FederationInformation -DomainName Contoso.com | New-OrganizationRelationship -Name
"Contoso" -FreeBusyAccessEnabled $true -FreeBusyAccessLevel LimitedDetails
An important point to note is that for Get-FederationInformation
to work, DNS records must be correctly configured so that Autodiscover
is resolvable to an external-facing CA server. For example, for the
preceding cmdlet a CNAME record must be in place to resolve
autodiscover.contoso.com to an Exchange Server 2010 Client Access
server that is accessible from the Internet.
Alternatively, the
following example shows how you can configure an organization
relationship with Contoso by specifying the configuration information
manually if Autodiscover is unsuccessful:
New-OrganizationRelationship -Name "Contoso" -Domainnames "contoso.com","northamerica
.contoso.com"," europe.contoso" -FreeBusyAccessEnabled $true -FreeBusyAccessLevel
LimitedDetails -TargetAutodiscoverEpr "https://mail.contoso.com/autodiscover/
autodiscover.svc/wssecurity" -TargetApplicationUri "mail.contoso.com"
In most cases, it is recommended to resolve any Autodiscover issues, if possible, and then create the organization relationship by retrieving the configuration information from the Microsoft Federation Gateway automatically.