Should my exchange server also be a domain controller?

active-directory exchange domain-controller
7,072

Solution 1

Pretty much what alphamikevictor said. I just wanted to add that Microsoft has contradictory information out in this regard, or did. Their Small Business Server (RIP) offering provided an all-in-one domain controller/Exchange/SharePoint server, but aside from that they say:

Microsoft Exchange Server 2013 Setup has detected that the computer you’re attempting to install Exchange 2013 on is an Active Directory domain controller. Installing Exchange 2013 on a domain controller isn’t recommended.

If you install Exchange 2013 on a domain controller, be aware of the following issues:

  • Configuring Exchange 2013 for Active Directory split permissions isn’t supported.

  • The Exchange Trusted Subsystem universal security group (USG) is added to the Domain Admins group when Exchange is installed on a domain controller. When this occurs, all Exchange servers in the domain are granted domain administrator rights in that domain.

  • Exchange Server and Active Directory are both resource-intensive applications. There are performance implications to be considered when both are running on the same computer.

  • You must make sure that the domain controller Exchange 2013 is installed on is a global catalog server.

  • Exchange services may not start correctly when the domain controller is also a global catalog server.

  • System shutdown will take considerably longer if Exchange services aren’t stopped before shutting down or restarting the server.

  • Demoting a domain controller to a member server isn’t supported.

  • Running Exchange 2013 on a clustered node that is also an Active Directory domain controller isn’t supported.

We recommend that you install Exchange 2013 on a member server.

I can personally vouch for "System shutdown will take considerably longer if Exchange services aren’t stopped before shutting down or restarting the server." In an SBS-style all-in-one environment with no backup domain controller, it can take an hour for the server to shut down while Exchange tries to contact a domain controller (which shut down before Exchange). ("Bueller... Bueller... Bueller... Bueller...")

The Small Business Server all-in-one offering has been replaced with cloud-based services.

Since the Exchange server is already a domain controller and they say, "Demoting a domain controller to a member server isn’t supported," this question is pretty much academic.

Solution 2

Normally the best practice is to seggregate different type of roles to different servers so a particular server does not plays many roles, or just avoid a problem with a particular service ends affecting other services running in the server.

But then it also plays your budget and your size, sometimes not justifying the extra budget for more servers, so in this situations it's ok to have more than one role in a server.

Share:
7,072

Related videos on Youtube

Jose
Author by

Jose

Updated on September 18, 2022

Comments

  • Jose
    Jose almost 2 years

    Please be kind in your response I'm no expert. I just want to know if it's a bad idea or good idea for my Server 2012 server that has Exchange 2013 to also be a domain controller.

    We currently have 3 servers that are configured as domain controllers (one of them is the exchange server in question). Is it better to have 2 or 3 domain controllers? We have about 90 workstations on the domain.

    I'm just wondering if it's better to have more or less. The more you have the more replication that needs to be happening so I'm thinking having the mail server have more roles may be a bad idea.

    Thoughts?

    • Dan
      Dan about 9 years
      You should maybe consider having two exchange servers in a cluster setup, it's not fun when all mail goes south and there is no redundancy
  • Jonathan J
    Jonathan J almost 9 years
    On Small Business Servers, my practice has been to shut down the Exchange services before shutting down or restarting the server. I can attest that when Exchange is installed in a dedicated server (or dedicated virtual machine), performance is greatly improved and reboots are much quicker.
  • Katherine Villyard
    Katherine Villyard almost 9 years
    Yeah, I have a shutdown script on that server that shuts down Exchange.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

PowerShell - IF statement case insensitive?
Find out my bind DN in a Windows network
How do I use (O365) Exchange Online custom attributes (1 to 15) when I have directory sync enabled and no exchange installed on-premises?
Active Directory/Exchange list users and mobile numbers
If my single domain controller is down, what happens?
Can't connect to domain controller
Exchange 2013 Error - MapiExceptionUnknownUser: Unable to open message store
Sync AD and Exchange Users
how long to replicate adprep /forestprep to second domain controller?
Cannot connect Windows 7 machine to windows 2003 domain