Personally I would always insist on a second domain controller, even if it was an old cast-off desktop machine.
Some time ago when I ran the server group at a previous employer, our NT PDC was the only remaining 486 we had. Being a PDC was about all it could handle, and since it was a ProLiant, we could monitor it with Insight Manager. Of course, if it had kicked, we'd have just tossed it and promoted another DC. Ed Crowley MCSE+I MVP "There are seldom good technological solutions to behavioral problems." -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Cunningham Sent: Wednesday, October 25, 2006 2:29 PM To: Exchange Discussions Subject: RE: Exchange as DC Thinking about mitigating devins 4) I'd suggest if you have not got another domain controller, you find an old PC and another copy of windows 2003 and run a backup domain controller. I'd suspect that if everything did hit the fan with your main box and you needed to do a rebuild, at least you would have a running domain controller to start a rebuild from and then you could build the exchange server from scratch and not have it as a domain controller. Of course I have never done this :-) How many users/Pcs do you have? How many servers and are we talking about one site? Ed, do you have any comments on this concept? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of R Pickens Sent: Thursday, 26 October 2006 07:23 To: Exchange Discussions Subject: RE: Exchange as DC THANKYOU! Will subscribe to other group. # 3 was the one I was thinking of. But with the caveat of #2a it looks like we are stuck with it this config for now. >From: "Howard Rappaport" <[EMAIL PROTECTED]> >Reply-To: "Exchange Discussions" <[email protected]> >To: "Exchange Discussions" <[email protected]> >Subject: RE: Exchange as DC >Date: Wed, 25 Oct 2006 12:37:36 -0400 > >*** BLATANTLY STOLEN FROM DEVIN GANGER & ED CROWLEY on >[EMAIL PROTECTED] >You might want to check the archives there too :) > ><devin> >You can do Active Directory and Exchange on one server; it's a >Microsoft-supported configuration (otherwise, Small Business Server >would be a lot more exciting). > >Having said that, most Exchange experts I know strongly recommend >against it for the following reasons: > >1) Performance -- Exchange wants to use a lot of memory to cache mailbox >data. AD wants to use memory. Neither one will be very happy on a shared >box. And most shared boxes don't have a robust disk subsystem, so >they've got disk contention issues as well. > >2) Shutdown issues -- this is a minor one, but Exchange servers need to >talk to AD a lot. When you shut down a single-server configuration, the >AD services shut down before the Exchange services -- and they'll hang >for approximately 10 minutes before they timeout and let shutdown >proceed. It's a simple fix -- shut down the Exchange services manually >before shutting down/rebooting the server -- but if you forget, you get >to wait. > >3) Redundancy -- Exchange on a domain controller will *only* use that >domain controller for AD lookups, even if you have other domain >controllers/global catalog servers in your network. > >4) Backup/restore -- this is the big one. It is MUCH harder to rebuild a >combined server from backups than it is to rebuild a stand-alone DC or >Exchange server (or even both at the same time). Lots more edge cases, >lots more room for tiny errors that give you no options but to flatten >it and start over from scratch (and lose all your data). > >Boxes are cheap these days. You can get white-box PCs to be your domain >controller, and at today's prices, you can even get two of them for >redundancy without spending an arm and a leg. You will probably, in the >long run, have far fewer problems by splitting Exchange and AD onto >separate servers. ></devin> ><ed> >Performance is only an issue when servers are rather heavily loaded, but >normally people looking to combine Exchange with a domain controller won't >have a lot of users on the server. > >Reasons not to install Exchange Server on a domain controller include (1, >3, >and 5 duplicate Devin's reasons): > >1. Performing a disaster recovery on a DC is quite a bit more difficult >than >on a member server. > >2. Once you make the decision to install Exchange on a domain controller, >you cannot demote it later. > >3. Exchange 2003 directory services won't fail over to other domain >controllers when it is installed on a domain controller. > >4. Exchange admins must have log on locally rights to the Exchange server, >so when Exchange is on a domain controller they must have that right in the >entire domain. > >5. Exchange takes longer to shut down when installed on a domain >controller. > >6. Use the /3GB switch can cause Exchange to monopolize the memory on the >domain controller. > >7. All services run under the LocalSystem context, so any attacker gaining >access to Active Directory will also have access to Exchange. ></ed> > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of R >Pickens >Sent: Wednesday, October 25, 2006 12:26 PM >To: Exchange Discussions >Subject: Exchange as DC > >Hello everyone. >Long story short, new job, new challenges. >Ex 2003 enterprise. >Exchange server here is also a domain controller. >I remember reading somewhere that it was not the best idea to do that. >Does anyone have pros or cons on this? >thank you for you time >Rachel > >(am also parsing the archives hereits been discussed. > >_________________________________________________________________ >Stay in touch with old friends and meet new ones with Windows Live Spaces >http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http: //spa >ces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=e n-us > > >_________________________________________________________________ >List posting FAQ: http://www.swinc.com/resource/exch_faq.htm >Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange >To subscribe: http://e-newsletters.internet.com/discussionlists.html/ >To unsubscribe send a blank email to >[EMAIL PROTECTED] >Exchange List admin: [EMAIL PROTECTED] >To unsubscribe via postal mail, please contact us at: >Jupitermedia Corp. >Attn: Discussion List Management >475 Park Avenue South >New York, NY 10016 > >Please include the email address which you have been contacted with. > > >_________________________________________________________________ >List posting FAQ: http://www.swinc.com/resource/exch_faq.htm >Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange >To subscribe: http://e-newsletters.internet.com/discussionlists.html/ >To unsubscribe send a blank email to >[EMAIL PROTECTED] >Exchange List admin: [EMAIL PROTECTED] >To unsubscribe via postal mail, please contact us at: >Jupitermedia Corp. >Attn: Discussion List Management >475 Park Avenue South >New York, NY 10016 > >Please include the email address which you have been contacted with. > _________________________________________________________________ Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http:/ /spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mk t=en-us _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. ********************************************************************** Have you clicked on yet? www.nrc.govt.nz ********************************************************************** NORTHLAND REGIONAL COUNCIL This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify [EMAIL PROTECTED] ********************************************************************** _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
