*** BLATANTLY STOLEN FROM DEVIN GANGER & ED CROWLEY on [EMAIL PROTECTED] You might want to check the archives there too :)
<devin> You can do Active Directory and Exchange on one server; it's a Microsoft-supported configuration (otherwise, Small Business Server would be a lot more exciting). Having said that, most Exchange experts I know strongly recommend against it for the following reasons: 1) Performance -- Exchange wants to use a lot of memory to cache mailbox data. AD wants to use memory. Neither one will be very happy on a shared box. And most shared boxes don't have a robust disk subsystem, so they've got disk contention issues as well. 2) Shutdown issues -- this is a minor one, but Exchange servers need to talk to AD a lot. When you shut down a single-server configuration, the AD services shut down before the Exchange services -- and they'll hang for approximately 10 minutes before they timeout and let shutdown proceed. It's a simple fix -- shut down the Exchange services manually before shutting down/rebooting the server -- but if you forget, you get to wait. 3) Redundancy -- Exchange on a domain controller will *only* use that domain controller for AD lookups, even if you have other domain controllers/global catalog servers in your network. 4) Backup/restore -- this is the big one. It is MUCH harder to rebuild a combined server from backups than it is to rebuild a stand-alone DC or Exchange server (or even both at the same time). Lots more edge cases, lots more room for tiny errors that give you no options but to flatten it and start over from scratch (and lose all your data). Boxes are cheap these days. You can get white-box PCs to be your domain controller, and at today's prices, you can even get two of them for redundancy without spending an arm and a leg. You will probably, in the long run, have far fewer problems by splitting Exchange and AD onto separate servers. </devin> <ed> Performance is only an issue when servers are rather heavily loaded, but normally people looking to combine Exchange with a domain controller won't have a lot of users on the server. Reasons not to install Exchange Server on a domain controller include (1, 3, and 5 duplicate Devin's reasons): 1. Performing a disaster recovery on a DC is quite a bit more difficult than on a member server. 2. Once you make the decision to install Exchange on a domain controller, you cannot demote it later. 3. Exchange 2003 directory services won't fail over to other domain controllers when it is installed on a domain controller. 4. Exchange admins must have log on locally rights to the Exchange server, so when Exchange is on a domain controller they must have that right in the entire domain. 5. Exchange takes longer to shut down when installed on a domain controller. 6. Use the /3GB switch can cause Exchange to monopolize the memory on the domain controller. 7. All services run under the LocalSystem context, so any attacker gaining access to Active Directory will also have access to Exchange. </ed> -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R Pickens Sent: Wednesday, October 25, 2006 12:26 PM To: Exchange Discussions Subject: Exchange as DC Hello everyone. Long story short, new job, new challenges. Ex 2003 enterprise. Exchange server here is also a domain controller. I remember reading somewhere that it was not the best idea to do that. Does anyone have pros or cons on this? thank you for you time Rachel (am also parsing the archives hereits been discussed. _________________________________________________________________ Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spa ces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
