Windows 2012 Domain Controller Exchange 2010/2013

Posted on 2014-01-28
Last Modified: 2014-01-29

We are currently running Windows Small Business Server 2008.  This server is currently experiencing various issues and needs to be replaced.

As an equivalent option, because Microsoft no longer offers SBS, we are planning on deploying a Windows 2012 R2 server which will act as a file & print server, DNS, DHCP, and Domain Controller.  We will also need an internal mail which in our case would be Microsoft Exchange 2013.

I understand Microsoft frowns upon installing Exchange on the same server that is acting as a domain controller.  We have been successful in using a single server to host all services listed above in addition to Exchange 2010 (although Microsoft also says not to have Exchange 2010 on the same machine as a domain controller).

I’m looking for input in this regard.  What are the primary concerns of having both services run on a single machine?  Can it be done anyway?  What potential issues could we face?  If in fact there is no option to setup two separate machines, could we minimize potential issues by sticking with Exchange 2010 rather than Exchange 2013?

Thanks in advance.

Question by:realtimer

Assisted Solution

by:Ned Ramsay
Ned Ramsay earned 100 total points
ID: 39816464
Its not recommended but it is supported.

You would need to setup and maintain the Domain Controller side of it first as promoting or demoting a domain controller containing exchange is not supported.

The main concern is that exchange required internet access, open ports, means of direct attack to the server it resides on. Which in this case is your primary server. I personally would find a cheap second box to run DHCP/DNS/Domain Controller/File Server as exchange can be an absolute monster.

Hope that helps.

Author Comment

ID: 39816467
Thanks Nedramsay - I imagine that the same issues pertain to both Exchange 2010 and Exchange 2013?

Accepted Solution

EEhotline earned 200 total points
ID: 39816469
You can do that but it is not recommended.

01. Redundancy and Stability: If both of these are running on the same system, it may reduce the performance and stability of server. If in any case Exchange Server services fails, the whole DC will fail, which may create critical problems.
02. Port Conflict: Domain Controller & Exchange Server both uses port 389 for LDAP queries, which creates conflict.
03. Disaster & Recovery: Disaster & Recovery can not be performed.
04. DSAccess: DSAccess, DSProxy and many other services will perform well.
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.


Expert Comment

by:Ned Ramsay
ID: 39816475
No Problem realtimer.
Ive been in the same situation and its not fun. If you can separate the two its better, the same issue will arise with 2010 or 2013.

If you can find an old server for Domain Control, DNS, DHCP, another old one for File Stores and a new one for exchange that would be best. Depending on the number of users of course.

If you need further advice let me know... just MAKE SURE you install and configure the DC before you touch exchange :) don't want you annoying microsofts support!!

Assisted Solution

EEhotline earned 200 total points
ID: 39816476
LVL 57

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 100 total points
ID: 39816484
I won't bother going into details what others have said: technically supported but heavily discouraged, etc.  But I will say this:

With 2012 (and 2012 R2) standard, you get 1+2 virtualization rights.  When you separate the two, in a small environment (which can be assumed if you really were going to run all of this on a single server anyways), the DC requirements are fairly light. *ALMOST* any server capable of running Exchange would be capable of running two VMs with very little impact to performance. The simple truth is, while it is supported, there is rarely (if ever) a good reason to run them all on the same OS anymore. The cost difference is simply negligable and the tools are there to make separation dead simple.

LVL 31

Expert Comment

by:Gareth Gudger
ID: 39816624
What about if you pushed the Exchange piece into the cloud with Office 365? Mailboxes are only $4 a user/mo.

That will also include all your email anti-virus / anti-spam protection as well.
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 100 total points
ID: 39817029
While SBS 2011 isn't sold by Microsoft, sales only stopped at the end of last year. There are plenty of supplies still floating around, so if you are quick you could deploy SBS 2011 instead. Rock solid product, if setup correctly it gives no hassles at all. I have done three installations this year already.


Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question