davidndallas
asked on
Exchange 2003 and Domain Controllers
I have 3 exchange 2003 servers and 1 AD server (separate box)
Exchange1 – First Exchange Server – Role: domain controller
Exchange2 – Role: Server
Exchange3 – Role: Server
I’m taking out the Exchange1 (the first exchange server) and went thru all the steps as per MS KB 822931 and 152959.
Do I need to change the role of Exchange2 to Domain controller? And if so, does anybody have any tips on how to go about this and will this affect Exchange in anyway?
Thank you.
Exchange1 – First Exchange Server – Role: domain controller
Exchange2 – Role: Server
Exchange3 – Role: Server
I’m taking out the Exchange1 (the first exchange server) and went thru all the steps as per MS KB 822931 and 152959.
Do I need to change the role of Exchange2 to Domain controller? And if so, does anybody have any tips on how to go about this and will this affect Exchange in anyway?
Thank you.
ASKER
Thanks for the quick response.
What I'm trying to do is to take out the First Exchange server in the domain.
We are in a mixed enviroment - Linux and Windows 2000 and 2003
2 domains:
Domain1 - Linux (samba) and other windows server. Our DNS and DHCP is on Linux boxes
Domain2 - Windows2003 and Exchange2003 -- this domain was created for e-mail purposes only.:
1. AD server -- does not do anything, since we were advised not to have AD server and Exchange2003 on the same box.
2. Exchange1 --- First Exchange Server from the First Administrator Group - also has the role of Domain Controller
Then we added:
3. Exchange2 --- This is another server on the First Administrator Group - role is a server
4. Exchange3 --- Another server added to the Frist Admistrator Group - role is a server
Exchange1 needs to be retired and taken our from Domain2. I need Exchange2 to take over the role of Exchange1.
Thanks.
What I'm trying to do is to take out the First Exchange server in the domain.
We are in a mixed enviroment - Linux and Windows 2000 and 2003
2 domains:
Domain1 - Linux (samba) and other windows server. Our DNS and DHCP is on Linux boxes
Domain2 - Windows2003 and Exchange2003 -- this domain was created for e-mail purposes only.:
1. AD server -- does not do anything, since we were advised not to have AD server and Exchange2003 on the same box.
2. Exchange1 --- First Exchange Server from the First Administrator Group - also has the role of Domain Controller
Then we added:
3. Exchange2 --- This is another server on the First Administrator Group - role is a server
4. Exchange3 --- Another server added to the Frist Admistrator Group - role is a server
Exchange1 needs to be retired and taken our from Domain2. I need Exchange2 to take over the role of Exchange1.
Thanks.
2. Exchange1 --- First Exchange Server from the First Administrator Group - also has the role of Domain Controller
If this is a DC then I think you do have AD on this server.
What are the roles of this server ? Schema master ? PDC Emulator ?
If this server has any FSMO role I would suggest transfering it to another DC.
Afther that is done you can safely remove the DC from the domain.
If this is a DC then I think you do have AD on this server.
What are the roles of this server ? Schema master ? PDC Emulator ?
If this server has any FSMO role I would suggest transfering it to another DC.
Afther that is done you can safely remove the DC from the domain.
do not promote a server that is an exchange server, things are likely to go haywire.....it is not reccomended at any stage to promote an existing exchange box to DC and vice versa, dont demote a DC that is running exchange
ASKER
OK .. just read an article stating that I can't promote a server that is an exchange server ..from this article:
Overview of operating system and Active Directory requirements for Exchange Server 2003
http://support.microsoft.com/?kbid=822179
The AD Server (#1, see above) is manages the RID pools, a PDC emulator, a infrastructure master and the schema master and the domain naming operations master.
Does anybody have an suggestions on how I should take this Exchange1 out of my domain without breaking my exchange?
Thanks.
Overview of operating system and Active Directory requirements for Exchange Server 2003
http://support.microsoft.com/?kbid=822179
The AD Server (#1, see above) is manages the RID pools, a PDC emulator, a infrastructure master and the schema master and the domain naming operations master.
Does anybody have an suggestions on how I should take this Exchange1 out of my domain without breaking my exchange?
Thanks.
seeking some exchange help for you
ASKER
Thank you .. one more thing .. is it necessary to make Exchange2 a domain controller. I already have one server, the AD Server (the #1 server).
In this domain we only have 2 Exchange and 1 Active Directory Server.
In this domain we only have 2 Exchange and 1 Active Directory Server.
man i would have 2 DC's and one exchange box...but like i said above, you cannot promote or demote an exchange box without things goin NuuUuUuUts, i have mailed the two best people i know with exchange, hopefully they will be along shortly
You cannot change the Domain Controller role of an Exchange server.
I would get exchange of server1 (move mailboxes, public folders, etc over over to the other servers)
then uninstall it totally -> http://support.microsoft.com/kb/822931/
Once exchange is off, then build another domain controller (no from server 2 or 3, you will need a new server)
Move all the roles to that new domain controller, and then configure exchange in 2 and 3 to point at the new server for RUS and DNS, etc.
DCPromo server1 down to a member server, and shut it off - then ensure exchange works and then you can wipe server 1
-red
I would get exchange of server1 (move mailboxes, public folders, etc over over to the other servers)
then uninstall it totally -> http://support.microsoft.com/kb/822931/
Once exchange is off, then build another domain controller (no from server 2 or 3, you will need a new server)
Move all the roles to that new domain controller, and then configure exchange in 2 and 3 to point at the new server for RUS and DNS, etc.
DCPromo server1 down to a member server, and shut it off - then ensure exchange works and then you can wipe server 1
-red
ASKER
--- "I would get exchange of server1 (move mailboxes, public folders, etc over over to the other servers)
then uninstall it totally -> http://support.microsoft.com/kb/822931/ "------- Yes, I've already done this. The only thing that I cannot do was removing the Exchange 2003 from this server. It is not showing as one of the components installed. This is the reason why I want to start over with this Exchange1 Server. I want to wipe it and start over again.
---"Once exchange is off, then build another domain controller" ----- is another domain controller necessary since I already have one, the one I called the AD Server (see above comments on its roles)?
Thank you.
Sorry, I can see you used that guide now - I missed it as it wasn't a link
If you are ready to get rid of server 1, use this to remove exchange -> http://support.microsoft.com/kb/833396
All you need is a minimum of 1 domain controller - my recommendation to build another was simply so that you at least had 1.
Jay has already said, and I agree, that you should have more than 1 DC - but 1 will work (as long as the server doesn't crash)
-red
If you are ready to get rid of server 1, use this to remove exchange -> http://support.microsoft.com/kb/833396
All you need is a minimum of 1 domain controller - my recommendation to build another was simply so that you at least had 1.
Jay has already said, and I agree, that you should have more than 1 DC - but 1 will work (as long as the server doesn't crash)
-red
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can install Exchange on a DC and it will work, but it is not recommended, or supported by Microsoft.
The problems that it causes mean that there are only 2 times when I will install exchange on a DC;
1. When it is SBS and I have no choice
2. When I have only 1 server
The problems include, but are not limited to;
Security concerns
Loss of redundancy (as exchange will only ever ask itself for domain information)
Long shutdown and restart times
Memory problems
Disaster recovery problems
Performance problems
The following sites may include more information, or will at the very least agree with me and give you more information as to why this is a problem.
http://www.petri.co.il/problems_with_exchange_2003_installed_on_domain_controllers.htm
http://articles.techrepublic.com.com/5100-1035-6070680.html
http://hellomate.typepad.com/exchange/2004/02/exchange_on_a_d.html
Long story short - if you have the option to not have exchange on a DC - TAKE IT
-red
The problems that it causes mean that there are only 2 times when I will install exchange on a DC;
1. When it is SBS and I have no choice
2. When I have only 1 server
The problems include, but are not limited to;
Security concerns
Loss of redundancy (as exchange will only ever ask itself for domain information)
Long shutdown and restart times
Memory problems
Disaster recovery problems
Performance problems
The following sites may include more information, or will at the very least agree with me and give you more information as to why this is a problem.
http://www.petri.co.il/problems_with_exchange_2003_installed_on_domain_controllers.htm
http://articles.techrepublic.com.com/5100-1035-6070680.html
http://hellomate.typepad.com/exchange/2004/02/exchange_on_a_d.html
Long story short - if you have the option to not have exchange on a DC - TAKE IT
-red
Red , I did not said I would not like to have Exchange and DC separated , I just said it works ok. If I had an option to not do it I would :)
Jay never said to not have Exchange on a DC.
He said, don't change the role of a DC with Exchange on it - which is also true
Just making sure all is correct :)
-red
He said, don't change the role of a DC with Exchange on it - which is also true
Just making sure all is correct :)
-red
Jump in all you like, thats what the boards are for.....best practices is to have exchange on a separate server......doesnt mean its the only way, its just best practice and i think this an example of why it is so....if you wanted to demote one of your exchange boxes that was a DC...you would be having a lovely time of it......I dont envy that setup
and Cheers Red :)
and Cheers Red :)
I know is the best practice not to have them both on one machine , but we are not always doing what the best practice says don't we ?
Iv'e been here in his situation about 10 times now when I had to replace hardware on all those Exchange / DC's ...
As you say , sometimes the operation is a pain , but at the end there was light every time and everything works.
Iv'e been here in his situation about 10 times now when I had to replace hardware on all those Exchange / DC's ...
As you say , sometimes the operation is a pain , but at the end there was light every time and everything works.
Well i think i can only advice one thing, Make a planning and post it here to check if there is anything left out.
Just an example;
1. Plan a rollback scenario for the worst case situations
2. Secure the data that is likly to be affected and or secure it all (roll back?)
3. Write out a new configuration plan on both the Domain controllers and the resp. Exchange Instances
4. Define the dependancies of the new configuration to figure a logical order of approach.
5. Write out a logical plan of actions and define fases to test, accept the new configuration and where rollback
to the previous situation is still possible. (demote is quite definite)
6. Think out a alternative in case the machines are not available (guarantee the information flow to the organisation)
7. Execute the plan...
Please leave out all "technical details" and only define the major steps. This will help you putting it all in context and small bits and pieces. This way you will know what to do and where you are. This will remove allot of stress and chaos from the job...
Next the technical steps can be defined if needed, but most should be hand on knowledge...
Regards,
Just an example;
1. Plan a rollback scenario for the worst case situations
2. Secure the data that is likly to be affected and or secure it all (roll back?)
3. Write out a new configuration plan on both the Domain controllers and the resp. Exchange Instances
4. Define the dependancies of the new configuration to figure a logical order of approach.
5. Write out a logical plan of actions and define fases to test, accept the new configuration and where rollback
to the previous situation is still possible. (demote is quite definite)
6. Think out a alternative in case the machines are not available (guarantee the information flow to the organisation)
7. Execute the plan...
Please leave out all "technical details" and only define the major steps. This will help you putting it all in context and small bits and pieces. This way you will know what to do and where you are. This will remove allot of stress and chaos from the job...
Next the technical steps can be defined if needed, but most should be hand on knowledge...
Regards,
ASKER
Thanks to everybodys responses... I appreciate it .. I will definitely read up on all the links suggested and plan out my next action.
{HOSTNAME}
DNS
DHCP
WINS
PDCE
RID
IFM
DNM
FM
File Server
Print Server
{HOSTNAME2}
Exchange Server (First Administrative Group)
OWA
OMA
{HOSTNAME3)
MSSQL 2005 Server
MOSS BACKEND
{HOSTNAME4}
MOSS Front end
etc.
On the domain part, Is this server the only domain controller in your network? and if thats the case, yes it will definitly have a huge impact on exchange as programm. Better it will stop being a mail server... This because exchange relies heavly on the account data and meta data stored in the AD. All the logic on "who" the owner is of a mailbox object to what "is" the alias of a mail account comes from the AD. Exchange might best be considered an extension of your NOS (Network Opperating System) wich the AD actually is...
So please be more specific on what you are trying to do....
regards,