Quick Links
Sponsored
Popular Articles

Problems with Exchange 2003 Installed on Domain Controllers

by Daniel Petri - January 8, 2009
Printer Friendly Version

Why is it NOT recommended to install Exchange Server 2003 on a computer that is also a Domain Controller?

There are a few issues you should be aware of before installing Exchange Server 2003 on a computer that is also configured as a Domain Controller.

Discover, Map & Monitor Your Network in Minutes!

SolarWinds Network Performance Monitor (NPM) automatically discovers new devices from any vendor and quickly identifies the slowest-performing devices on your network.

Drag and drop network devices onto custom network maps to automatically view connections between devices and real-time performance statistics. Use SolarWinds NPM to configure alerts to notify you when network performance drops below key thresholds and to keep an eye on wired and wireless device performance from a single pane of glass. Download SolarWinds NPM today and be monitoring your network in under an hour!

Download a FREE, Fully-Functional 30-day Trial

  • The server must NOT be a cluster. Exchange 2003 clusters co-existing on Active Directory servers is not supported by Microsoft.
  • Installing Exchange 2003 and Active Directory on the same server has a significant performance impact.
  • The server must be a Global Catalog server (not just a DC).
  • DSAccess/DSProxy/Cat will not load-balance or fail-over to another DC/GC.
  • Avoid the use of the /3GB switch, otherwise the Exchange cache might monopolize system memory. Additionally, the number of user connections should be very low, therefore the /3GB switch should not be required.
  • All services run under LocalSystem so there is a greater risk of exposure should a security bug be found (e.g. a bug in AD which allows an attacker to access the AD will also allow them to access Exchange, and vice-versa)
  • If Exchange administrators will be able to logon to the local server. Because they have physical console access to a DC, potentially they can elevate their permissions in the AD.

  • It may take approximately 10 minutes for the server to shutdown. This is because the AD service (LSASS.EXE) shuts down before the Exchange services, and DSAccess will go through several timeouts before shutting down. The workaround for this issue is to manually stop the Exchange services (specifically the Store) before initiating a system shutdown or restart.

Note: You may want to read the following article for more info - Slow Shutdown of Exchange 2003 Server Installed on DC.

Related Articles




Get Our FREE Newsletter!

  • Gain access to white papers, special offers and the most recent IT tips!

Sponsors
*