Tuesday, September 22, 2009

Forest Trust + Dedicated Exchange Forest

Need to set up a trust relationship between two AD forests. The requirements are as below:
1. TM5 Q2 environment has its own AD environment, but does not have Exchange.
2. DEV-AHB has its own AD environment including 2 Exchange servers.
3. AmIdentity is going to do a UAT test on TM5 Q2, which requires users to be created in the TM5 Q2 environment; those users will need mailboxes.
4. Exchange cannot be installed in the TM5 Q2 environment, due to a licensing issue.
5. The suggestion is to create a trust relationship between TM5 Q2 and DEV-AHB, and let users in TM5 Q2 utilize the Exchange in DEV-AHB.

I have never done this before, so it's actually very challenging. The trust part could be easy, but the Exchange part might require some skills.

1. TM5 Q2 hasn't been /ADPREP'd yet, so users will not have Exchange properties.
2. TM5 Q2 has a different time zone due to a business requirement. Building a trust between these 2 environments might sync time on the servers.

So, before actually doing it on the real environment, I'm now building a virtual server with an AD forest. I'm going to build a trust from this server to DEV-AHB, and try to see whether new users can be created with mailboxes on them.

================================

So after some research and testing, here are the findings:

To allow an AD forest's users to utilise the Exchange resources in another AD forest, there are a few requirements:

1. The Exchange forest needs to trust the account forest.
2. A mailbox-enabled, disabled account needs to be created in the Exchange forest for every user in the account forest who requires a mailbox.
3. If you are using Exchange 2007, there is a linked mailbox function where you can go through a wizard and provision the users.
4. If you are using Exchange 2003 or below, you will have to manually go through the creation of accounts, disabling them and assigning the necessary rights.

Using a Dedicated Exchange Forest
Using Multiple Forests with Exchange
How to Deploy Exchange 2007 in a Cross-Forest Topology
Deploying an Exchange 2007 Resource Forest (Part 1)
Understanding and using the External Associated Account in Windows Server 2003 and Exchange 2003

=============================================
Now, the steps to manually provision Associated External Accounts in Exchange 2003 and 2000.

Forest A (with Exchange), Forest B (user account forest); Forest A trusts Forest B.

1. Create a user in Forest A, with mailbox enabled.
2. Disable ForestA\User.
3. Create a user in Forest B: ForestB\User.
4. Under ForestA\User properties, on the "Security" tab, add ForestB\User to the ACL and allow "Send As".
5. Under ForestA\User properties, under "Exchange Advanced" > "Mailbox Rights", add ForestB\User to the ACL and allow "Read Permission", "Full Mailbox Access" and "Associated External Account".
6. Verify by logging on to OWA using ForestB\User credentials.
7. The email address for this account will be the email address seen under ForestA\User's email addresses.
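The same provisioning, done the Exchange 2007 way with the linked mailbox function mentioned above, as an added example that is not from this post: it runs in the Exchange Management Shell in Forest A (the Exchange forest), creates the disabled mailbox account linked to the Forest B account in one step (covering steps 1, 2 and 5), adds the "Send As" right from step 4 explicitly, and then reads the permissions back so you can confirm that only the intended Forest B account ended up with access. The forest names, server names, OU, database and account names are placeholders I made up; substitute your own.

```powershell
# Added example: linked mailbox provisioning in Exchange 2007 EMS (run in the Exchange forest).
# All names below are constructed placeholders, not values from the post.
$ExchangeForestUpnSuffix = "foresta.example"                 # Forest A (Exchange forest)
$AccountForestDc         = "dc01.forestb.example"            # a DC in Forest B (account forest)
$AccountForestUser       = "FORESTB\jdoe"                    # the real, enabled user in Forest B
$MailboxDatabase         = "MBX01\Mailbox Database"          # target database in Forest A
$LinkedMailboxOu         = "foresta.example/Linked Mailboxes"

# Credential with read access to Forest B, used only to look up the master account's SID.
$LinkedCred = Get-Credential -Credential "FORESTB\svc-exchlink"

# Steps 1, 2 and 5 in one go: New-Mailbox with -LinkedMasterAccount creates a disabled
# account in Forest A, mailbox-enables it, and writes the Forest B SID as the
# Associated External Account (msExchMasterAccountSid), which carries Full Mailbox Access.
New-Mailbox -Name "Jane Doe" `
            -Alias "jdoe" `
            -UserPrincipalName "jdoe@$ExchangeForestUpnSuffix" `
            -OrganizationalUnit $LinkedMailboxOu `
            -Database $MailboxDatabase `
            -LinkedDomainController $AccountForestDc `
            -LinkedMasterAccount $AccountForestUser `
            -LinkedCredential $LinkedCred

# Step 4: "Send As" is an AD extended right on the Forest A user object, granted to the
# Forest B account (assumed here to be required, as in the manual steps in the post).
Add-ADPermission -Identity "Jane Doe" -User $AccountForestUser -ExtendedRights "Send-As"

# Checks a practitioner would want before handing the mailbox over:
# (a) the mailbox really is a linked mailbox tied to the expected master account,
Get-Mailbox -Identity "Jane Doe" |
    Format-List Name, RecipientTypeDetails, LinkedMasterAccount, PrimarySmtpAddress

# (b) only the intended Forest B principal holds non-inherited Full Access,
Get-MailboxPermission -Identity "Jane Doe" |
    Where-Object { -not $_.IsInherited -and $_.AccessRights -contains "FullAccess" -and -not $_.Deny } |
    Format-Table User, AccessRights -AutoSize

# (c) and only that principal holds a non-inherited Send-As grant.
Get-ADPermission -Identity "Jane Doe" |
    Where-Object { -not $_.IsInherited -and $_.ExtendedRights -like "Send-As" -and -not $_.Deny } |
    Format-Table User, ExtendedRights -AutoSize
```

Step 6 of the manual procedure still applies: log on to OWA with the Forest B credentials and confirm the mailbox opens. The `RecipientTypeDetails` value should read `LinkedMailbox`; if it shows `UserMailbox` the Forest A account is a normal (enabled) mailbox user rather than the disabled resource account the post describes, and the permission listings in (b) and (c) are where an unexpected extra principal would show up.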
