Hey I can read it! Good show Al!
Dean is a complete noob in terms of Exchange next to me.
;o) But I am not an Exchange guy by any stretch, I am an AD guy who digs into
Exchange problems as if they were just any other problem. I know nothing about
E5.5. I constantly hear how the admin tools etc suck in E2K+ compared to E5.5, I
have no clue, I look away when I see it, I don't want to learn it.
> Exchange actually does it better than most, although as joe
>
points out, there is always room for improvement.
Does what better? Exchange certainly uses the
directory more than most, it would be a rough morning after the night I said it
uses it better than most things and I might find myself married with a crashed
car and having a massive hangover at about the same time I start the regrets on
saying Exchange did something better... ;o)
Good comments on the original idea for AD. I recall itching
everytime I heard folks (even Stuart) saying it was the every-directory as I was
looking at Enterprise level companies with 10-15+ directories and no one even
close to wanting to go to a single one especially the one made by the company
who couldn't produce a domain that could reliably go over 40k users (slight
exageration there, we were running domains with 60-100k users on them but I was
waiting for the bomb to drop)....
> Meanwhile, Exchange was the "killer" app that caused people to even
>
consider that major leap from NT4 to AD
I think this helped but in a lot of larger orgs I know they
were going to AD before Exchange 2K was considered. The earlier mentioned
problem of NT domains that were barely running was a big pusher for very large
orgs as well as the idea of getting to a more standards based environment. I
feel for anyone who does their AD and Exchange migrations at the same time
because they end up building a directory that is dedicated to Exchange and tend
to run into fun when trying to do other things. There are a lot of Exchange
consultant with a lot of silly ideas on how AD should be configured. If someone
was lucky enough to have been running AD as a NOS directory for some time they
had enough understanding and ammo to tell those MCS guys to bag it when they
were saying Exchange-centric things.
> Want
a single server to handle 4,000 heavy mapi users?
> You
can't do that with Exchange 5.x, but you can with Exchange
200x.
Just make sure they are *just* heavy MAPI users and not
heavy MAPI AND (Blackberry OR Desktop Search) users. I swear I hear
more issues because of those two addons than anything else I have heard of (DT
Search also includes, probaby incorrectly, apps that archive content). Once you
start adding those side apps each user needs to be considered much more
than one user, they should be considered 3,4,5,6 users and E2K doesn't
scale well to handle that if you are counting users in the singular. Sorry that
was wildly OT but I keep hearing about folks complaining that their servers
should handle 4000 users fine but they are finding that 1000 users may be a
stretch if they are BB or DTS users as well.
Good comments overall, bonus that I could actually read
it. :o)
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Thursday, May 18, 2006 9:03 AM
To: [email protected]
Subject: Re: [ActiveDir][OT] DNS on a DC or NOT
<trying this in rich text from gmail to see if it floats; let me know if
you can't see the text joe :)>
Um, no. (Yes, it does have to be a DC to be a GC.) But other than scalability and simplicity related to troubleshooting/recoverability, what exactly do you sacrifice if you put Exchange on a GC?
There are those that think that putting Exchange on a GC is the way to go. There are others that would disagree but what else is new. For those that have been implementing and designing Exchange for a number of years (joe's not really that old compared to Dean ;-) this concept would seem familiar to the Exchange 4-5x days.
As a number of apps were promised to do, Exchange heavily utilizes and therefore relies on the AD directory for authentication, authorization, and directory services (identification) (i.e. directory lookups to aid in mail routing, server lookups (DNS), configuration settings (GPO), and GAL services, etc). Exchange actually does it better than most, although as joe points out, there is always room for improvement.
If you look at the history, there were some dark days around the Exchange
2000 deployments for Exchange. 2003 got much better and hopefully E12
(what's it called now? I forget) won't get "office-ized" by the org changes
going on at Microsoft. I've seen the "servers" that the office team put out and
I'm thoroughly less than impressed. Hopefully that gets better, but I'm not a
desktop guy and I'm not interested in becoming a desktop focused expert.
Those desktop machines and office productivity apps are prime targets for
commoditization over the next 5 years IMHO. Too much is at stake for it not to
be. But I digress.
<history> The original implementation of AD was expected by Microsoft
architects to replace ALL of the other directory services you might have and
become the centerpiece to your networked computing infrastructure. It's
why you'll find things like DNS integrated into the directory. Well, one
reason anyway. Anyhow, as time wore on, adoption was slower than hoped for and
one reason was that it was a big pill to swallow. Many large companies
already had a working NT model (I say that tongue in cheek: it was limping along
in large orgs), had working DNS models including administrivia and DR processes
(shame on you if you don't), and a working directory structure based on the LDAP
standards that, although they started as a client access protocol to X.500
directories, become synonymous with server side implementations. Whatever, only
a purist cares I'm sure. It was realized that although AD had a place in the
environment, it was not likely going to rule the world overnight as originally
expected and designed and marketed and.... It could however be made to play well
and nicely and a lot of refinement was put into that release and now R2.
Meanwhile, Exchange was the "killer" app that caused people to even
consider that major leap from NT4 to AD (which we know now is really not that
big a deal, but boy was it scary then, right?) Some are still migrating or
just getting started, but to each their own.
Exchange was often bashed for not being scalable soooooo.... it makes sense
to off-load some of the services to a single purpose machine - we know it as a
domain controller/dns host/directory server/etc. Wow. What a great
idea. Wait. What if you don't have a network design that can take
advantage of that? Maybe it was geared up and refined to be better with a
mainframe centric computing model and maybe NT 4.0 was existing there? Hmm... Or
maybe your company doesn't have a network that looks like a single 40-story
(storey for those across the pond) building with one single high-speed network?
Maybe you have users accessing your email and directory from around the globe
and maybe 40% of your users are mobile at any given time? Maybe
more. Exchange won't play nice with a network like that out of the
box because it was geared up to be scalable. Want a single server to
handle 4,000 heavy mapi users? You can't do that with Exchange 5.x, but
you can with Exchange 200x. Why? Many reasons and I won't bore you with the
details. What's important is that if you look at the topology, it might
make more sense to put the directory back onto Exchange computers based on the
way your network works. Can you scale it as high? No. Is it simple to recover?
No (it should be easier than it is IMHO). But does it serve the purpose better?
Yes. Can it handle that 150 user density South African office without being
hampered by the hamstrung internet connection off the continent? I've been told
it's much better performance than using something like cached mode clients or
OWA if the server is local. I can believe that.
Help me understand why I wouldn't put Exchange on a GC in more situations
than I don't? What would I lose?
Neil, I'm curious about what you'd pick for an authentication service over
AD?
Heck, now I'm just rambling though, 'cause this is likely blank ;)
Heck, now I'm just rambling though, 'cause this is likely blank ;)
Al
On 5/18/06, Carlos Magalhaes <[EMAIL PROTECTED]> wrote:
> Well currently to have a GC you need that machine to be a DC and as we
> all know you don't put Exchange on a DC ;)
>
> Exchange already feels special ;)
>
> Carlos Magalhaes
>
> Krenceski, William wrote:
> > Why can't exchange just have the GC on it somehow. I'm not a developer
> > by any means of the word. It just seems that if Exchange is "SPECIAL"
> > make it feel special......
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]] On Behalf Of joe
> > Sent: Wednesday, May 17, 2006 7:21 PM
> > To: [email protected]
> > Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
> >
> > LOL.
> >
> > For those not at the DEC 2006 Dean and joe show presentation, Mark's
> > 'Exchange is "SPECIAL"' comment is a direct reference to something I
> > said when bouncing around talking about AD and bad applications. I
> > miraculously stopped and looked straight at a Microsoft MVP for Exchange
> > (Mark) while spouting the truism Exchange is "SPECIAL" in relation to
> > how it abuses AD. I was in a groove when I said it so I didn't actually
> > realize I was looking at Mark or else I probably would have bust out
> > laughing as I did later when he explained what I had done.
> >
> > I think all of the Exchange MVPs tend to have a special place in their
> > heart for me as does the entire Exchange Dev team. ;o)
> >
> >
> > joe
> >
> >
> >
> > --
> > O'Reilly Active Directory Third Edition -
> > http://www.joeware.net/win/ad3e.htm
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto: [EMAIL PROTECTED]] On Behalf Of Mark Arnold
> > Sent: Wednesday, May 17, 2006 5:29 PM
> > To: [email protected]
> > Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
> >
> > Laura, a "Mucker" is, in English, a good friend.
> > You are probably not to be termed a Mucker, other words might apply, but
> > Jimmy is one of mine and Dean/Joe is one of yours.
> >
> > Oh, and Joe is old and smells of wee, so pay no heed to his Exchange
> > rants.
> > Exchange is indeed "special" because it's such a wonderful solution. OK,
> > I should shut up now and go back to my padded cell.
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto: [EMAIL PROTECTED]] On Behalf Of Laura E. Hunter
> > Sent: 17 May 2006 21:39
> > To: [email protected]
> > Subject: Re: [ActiveDir][OT] DNS on a DC or NOT
> >
> >
> >> BTW, anyone know what a mucker is? I am trying to figure out if I am
> >> supposed to be morally outraged. <eg>
> >>
> >> joe
> >>
> >>
> >
> > I use "mucker" as a compliment, but in my vernacular it's used in
> > reference to a semi-skilled hockey player whose lack of scoring ability
> > is balanced by his ability to check an opposing player into sometime
> > next week.
> >
> > So I guess what I'm saying is...draw your own conclusions. :-)
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> >
> >
> > This message has been scanned by Antigen. Every effort has been made to
> > ensure it is clean.
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> > Confidentiality Notice: The information contained in this message may be legally privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error please notify the author immediately by replying to this message and deleting the original message. Thank you.
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> >
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
On 5/18/06, Carlos Magalhaes <[EMAIL PROTECTED]> wrote:
> Well currently to have a GC you need that machine to be a DC and as we
> all know you don't put Exchange on a DC ;)
>
> Exchange already feels special ;)
>
> Carlos Magalhaes
>
> Krenceski, William wrote:
> > Why can't exchange just have the GC on it somehow. I'm not a developer
> > by any means of the word. It just seems that if Exchange is "SPECIAL"
> > make it feel special......
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]] On Behalf Of joe
> > Sent: Wednesday, May 17, 2006 7:21 PM
> > To: [email protected]
> > Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
> >
> > LOL.
> >
> > For those not at the DEC 2006 Dean and joe show presentation, Mark's
> > 'Exchange is "SPECIAL"' comment is a direct reference to something I
> > said when bouncing around talking about AD and bad applications. I
> > miraculously stopped and looked straight at a Microsoft MVP for Exchange
> > (Mark) while spouting the truism Exchange is "SPECIAL" in relation to
> > how it abuses AD. I was in a groove when I said it so I didn't actually
> > realize I was looking at Mark or else I probably would have bust out
> > laughing as I did later when he explained what I had done.
> >
> > I think all of the Exchange MVPs tend to have a special place in their
> > heart for me as does the entire Exchange Dev team. ;o)
> >
> >
> > joe
> >
> >
> >
> > --
> > O'Reilly Active Directory Third Edition -
> > http://www.joeware.net/win/ad3e.htm
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto: [EMAIL PROTECTED]] On Behalf Of Mark Arnold
> > Sent: Wednesday, May 17, 2006 5:29 PM
> > To: [email protected]
> > Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
> >
> > Laura, a "Mucker" is, in English, a good friend.
> > You are probably not to be termed a Mucker, other words might apply, but
> > Jimmy is one of mine and Dean/Joe is one of yours.
> >
> > Oh, and Joe is old and smells of wee, so pay no heed to his Exchange
> > rants.
> > Exchange is indeed "special" because it's such a wonderful solution. OK,
> > I should shut up now and go back to my padded cell.
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto: [EMAIL PROTECTED]] On Behalf Of Laura E. Hunter
> > Sent: 17 May 2006 21:39
> > To: [email protected]
> > Subject: Re: [ActiveDir][OT] DNS on a DC or NOT
> >
> >
> >> BTW, anyone know what a mucker is? I am trying to figure out if I am
> >> supposed to be morally outraged. <eg>
> >>
> >> joe
> >>
> >>
> >
> > I use "mucker" as a compliment, but in my vernacular it's used in
> > reference to a semi-skilled hockey player whose lack of scoring ability
> > is balanced by his ability to check an opposing player into sometime
> > next week.
> >
> > So I guess what I'm saying is...draw your own conclusions. :-)
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> >
> >
> > This message has been scanned by Antigen. Every effort has been made to
> > ensure it is clean.
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> > Confidentiality Notice: The information contained in this message may be legally privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error please notify the author immediately by replying to this message and deleting the original message. Thank you.
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> >
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
