General discussion

Locked

Exchange vs. AD/domain controller

By lvaquerano ·
Hi
Here is my dilemma, I currently running on a Dell PowerEdge server several services,
Exchange, Active Directory/Domain controller, Shared files, Norton AV Corp.
We recently purchase another server to divide this services in.

I would like to reduce the number of services running on this server,
But I?m not quiet sure how to divide the services or/and what will be the easiest/less complicated
way of doing this. And what I mean is,
should I moved the Exchange to the new server???
leaving AD/Domain controller and NAV/Shared files in the old one
or should I moved AD/domain controller/NAV and Shared files to the new one???
what ever I moved over to the new server I have to consider all the changes I will
be force to do on my firewall, down time etc?.

Please advice.
Thanks

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

move exchange

by w2ktechman In reply to Exchange vs. AD/domain co ...

But before totally removing it from the old svr, make sure it is working properly.
Moving the whole AD may cause too many problems, network-wide, as moving exchange would only be email-wide (lesser of the 2).

Unless you also had other network issues.

Collapse -

Move Domain Controller

by faradhi In reply to Exchange vs. AD/domain co ...

Best Practices are that the domain controller should be on its own box.

Remember that domain controllers do not have a local admin. The local admin is the administrator account of Active Directory.

Therefore, if some service that is running on the DC is compromised in such a way to elevate privileges to local administrator, the attacker has full access to everything on your network.

--edited for speling

Collapse -

move exchange.

by cscott In reply to Move Domain Controller

You can not uninstall the domain controller with out breaking exchange. so it would be your best bet to move exchange to another box.

Collapse -

move exchange ....

by laduerksen In reply to move exchange.

Please elaborate on that. Are you saying that if your original domain controller goes away Exchange gets broken? Why can't you move your domain by adding a secondary domain controller and demoting the first? My main reason for having a secondary domain controller is to keep Exchange going if something should happen to the first domain controller. What am I missing here?

Collapse -

re

by cscott In reply to move exchange ....

From my experience you can not demote a domain controller running exchange, Even if you have other domain controllers. It screws up the permissions for exchange., and exchange will not start up again.

In the end if you demote the the domain server running exchange, you will have to reinstall exchange after..

So if you are not looking at wiping the box and starting over, it would be simplest if you move exchge.
Btw I believe Microsoft has a white paper on this issue..

Collapse -

re: re:

by laduerksen In reply to re

Got it.

Yes, I now understand why you were saying that. I know alot of strangeness happens when running Exchange on a domain controller. Because of time, hardware failures and new hardware availability I had to install Exchange on a Domain controller but moved Exchange off to another server just as soon as possible, cause everyone warned of possible problems including Microsoft District Engineers. I understand that SBS has specially modified version of both to make things work together better.

Back to Software Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums