• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 297
  • Last Modified:

Active Directory and Exchange

Hi Folks

What are the differnces between active directory and exchange.
Can both be on one machine ?

Thank you
1 Solution
Active Directory: Stores security/service/account information for a Forest of Domains (a domain is a group of computers operating in the same security boundary).
Exchange: Messaging and collaboration server: e-mail, calendaring, scheduling. Exchange 2000/2003 use Active Directory to store/retrieve Security/account information.
Both can be on one machine just fine, although MS advises to keep it oon separate machines for security and reliabilty.
You can compare Active Directory with a phonebook. It contains information about all the computers, servers, services, users and many other things in the Windows environment (Forrest).

Exchange is nothing more than a postoffice.

Now Exchange is using AD to store information (which Exchangeserver contains which mailbox) and you can use Microsoft Outlook to query the addressbook (which is the AD most of the time). So if you send a mail in the same Forrest, you type in the name of that person, and Outlook checks with the AD or Exchange for the corresponding mail-address (which often remains hidden for the user as it is just another AD-object). When the name is resolved it becomes underlined. When you actually send the message, Exchange knows the userobject of the receipient and checks in the AD which Exchange-server contains the mailbox. If it is serving the mailbox by itself, the message is delivered straight away. Otherwise Exchange checks the AD for routing-rules to learn how to send the message to the correct mailserver. (As it might be possible that the message has to be routed to another exchangeserver on the headoffice for example).

The Active Directory can be accessed thru the Domain Controllers (do not confuse them with DNS). Any Windows 2000 or 2003 server version can act like a domaincontroller, except 2003 Webedition. If you have only one domain, it does not matter to which domain-controller you connect as they all share the same information. But if you have multiple domains in the forrest, your clients and Exchange need access the 'Global Catalog', which is in fact a read-only copy of all the domains in the forrest. Used for inter-domain communications, but also for user-authentication. Usually the 'Global Catalog' is installed on the first domaincontroller in the first domain of the forrest. But it can be assigned to another DC's as well.

So setting up AD on your Exchangeserver is possible, but Exchange would be happier if it has an Global Catalog nearby. But you don't want your Exchangeserver to suffer from all the logon-requests, so you probably wouldn't want to place it on the same server.

However, if you have a small business with only one server and a few workstations, you can install the AD with all the operation-masters and global-catalog along with Exchange on the same server. It works fine for small networks. But if you have two or more servers you might want to seperate AD and Exchange for performance and security reasons.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now