Leveraging Multi-Forest Exchange Hybrid for Your Organization

Microsoft Exchange Hybrid is a well-understood configuration that is commonly set up between Office 365 and on-premises environments. However, when you have more than one Exchange forest, things can get a bit more complex. This blog post will explore how a multi-forest Exchange Hybrid can benefit your organization.

What is a Multi-Forest Exchange Hybrid?

A multi-forest Exchange Hybrid is defined as an organization having Exchange servers deployed in multiple forests. Organizations that utilize a resource forest for user accounts, but maintain all Exchange servers in a single forest, aren’t classified as multi-forest in hybrid deployment scenarios.

Key Benefits of Multi-Forest Exchange Hybrid

Secure Mail Routing

One of the key features of a hybrid deployment is secure mail routing between on-premises and Exchange Online organizations. This cannot be easily achieved with an SMTP gateway.

Shared Domain Namespace

With a hybrid deployment, both on-premises and Exchange Online organizations can use the same SMTP domain5. This allows for seamless integration and communication between different parts of your organization.

Unified Global Address List

A hybrid deployment enables a unified global address list (GAL), also known as a “shared address book”. This means that users from different forests can find and communicate with each other easily.

Autodiscover Endpoints

Each Exchange forest must be authoritative for at least one SMTP namespace and the corresponding Autodiscover namespace. This ensures that the Office 365 service can query the Autodiscover service in each Exchange forest.

Dedicated Certificates for Each Forest

For a multi-forest hybrid deployment, each forest must use a dedicated CA-issued certificate for secure mail transport to function correctly in a hybrid deployment.

Considerations for Multi-Forest Exchange Hybrid

While a multi-forest Exchange Hybrid offers numerous benefits, it does come with its own set of challenges. For instance, existing policies in Office 365 – Data Loss Prevention (DLP), archiving, transport rules – all require assessment, especially when integrating different geographies or companies and departments with differing cultures and languages.
Moreover, setting subsequent Exchange organizations into Federation can be achieved by the normal Hybrid Configuration Wizard (HCW), but some specialized configuration is required.


A multi-forest Exchange Hybrid can be a powerful tool for organizations with complex structures. It offers secure mail routing, shared domain namespace, and a unified global address list, among other benefits. However, it’s important to carefully consider the unique challenges that come with this configuration and plan accordingly.

About the author