I have three servers in my network all behind a firewall. I am looking for an answer to the best practice on how to configure my network. This is the functionality I need to support:
1. Mail Server (Exchange)
2. Web Server (IIS)
3. File Server
Currently, this is split into two domains: one machine is the mail server and web server. It is in its own domain on the private network (xxx.net). It is running AD and DNS, and is a DC. One other server is the file server, and it is in another domain (.org). It is running AD, is a DC, and is running DNS. The final server is also in the .org domain, and is currently just a backup for the main server's AD, so it is also running AD, is a DC, and is running DNS.
My question is this. Should I keep it this way? It seems like they should all be in the .net domain, using the same AD. That way, I don't have to run the Exchange server as a DC, and can demote it to a member server using the AD from the "main" server. The last server I can use as a backup server in case one of the other servers goes down.
Any comments or suggestions are welcome as to how to configure these servers.
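An added example, not part of the original question, to run on each of the three servers before consolidating: it lists the roles that box actually holds (domain, forest, global catalog, FSMO roles, DNS, Exchange) and dry-runs the demotion checks so you know what would block demoting it to a member server. It assumes a Windows Server 2012+ DC with the ActiveDirectory and ADDSDeployment modules installed; the service name MSExchangeIS is the Exchange Information Store service. Note that a DC with Exchange on it cannot simply be demoted: Exchange has to be uninstalled (or moved to a member server) first, and FSMO roles and the global catalog have to live somewhere else before the last DC of the .net domain goes away.

```powershell
# Added example (not from the original post). Read-only inventory plus a
# demotion pre-check; nothing here changes the directory.
Import-Module ActiveDirectory
Import-Module ADDSDeployment

$me = $env:COMPUTERNAME
$dc = Get-ADDomainController -Identity $me -ErrorAction Stop

# What this server holds today
[pscustomobject]@{
    Server            = $me
    Domain            = $dc.Domain
    Forest            = $dc.Forest
    IsGlobalCatalog   = $dc.IsGlobalCatalog
    FsmoRoles         = ($dc.OperationMasterRoles -join ', ')
    DnsServerRunning  = ((Get-Service DNS -ErrorAction SilentlyContinue).Status -eq 'Running')
    # MSExchangeIS = Exchange Information Store; present only if Exchange is installed here
    ExchangeInstalled = ($null -ne (Get-Service MSExchangeIS -ErrorAction SilentlyContinue))
} | Format-List

# The other DCs in this domain: if this list has only one entry, this box is
# the last DC and demoting it deletes the domain.
Get-ADDomainController -Filter * |
    Select-Object HostName, IsGlobalCatalog, @{n='FsmoRoles'; e={ $_.OperationMasterRoles -join ', ' }}

# Dry run of the demotion. This only reports blockers (last DC in domain,
# FSMO roles still held here, last DNS server for a zone, etc.); it does not demote.
$localAdminPw = Read-Host -AsSecureString 'Local Administrator password after demotion'
Test-ADDSDomainControllerUninstallation -LocalAdministratorPassword $localAdminPw
```

Run it on the Exchange/IIS box first: if ExchangeInstalled is True and it is the only DC in xxx.net, the order of operations is to stand up (or join) a DC in the domain you are keeping, move the mailboxes and Exchange itself onto a member server, transfer any FSMO roles and the global catalog off this machine, and only then demote it.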