when to split up exchange 2013 roles


I was looking for a website with specific scenarios of when someone would want to split up the exchange 2013 roles. I have only found websites that say "you would need a very good reason to split the roles up"

I have found sites that say "you would want to split the roles if you were using nlb for the cas HA and something about certificates."

 I understand the NLB point.  Other than that, It is all very vague
Who is Participating?
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
As far as I am concerned, there is no good reason to split the roles. Simple as that.
The Exchange product team don't recommend the use of WNLB, which is great because it largely sucks. Therefore if you take that reason out, there is nothing left.

The best practise for the last couple of years with Exchange 2010 has been to have all roles on all servers and that has followed through to Exchange 2013. I haven't done a single design with separate CAS role servers, and have no intention of doing so now.

Instead of deploying separate CAS, spend the money on a hardware load balancer instead.

SteveConnect With a Mentor Commented:
Exchange 2007 onwards was designed with a role based layout to allow you to separate the roles as needed. When 2007 first came out, Microsoft were heavy handed in stating that the roles should not be on the same box unless really necessary.
This was mostly for performance reasons as each role takes up a good chunk of the available resources.

I have done some installations where there is a good reason to separate some of the roles, but the reasons are usually quite specific and often offer no advantage to other clients.
In general, its the really big implementations that benefit from separating the roles.
Systems with 1000s of mailboxes may need multiple mailboxs servers with big disks and loads of memory, but could cope with 2 CAS boxes of fairly standard spec.
Sometimes its the security element that dictates separation, where the CAS role can be opened to the internet a bit more while the mailbox role is locked down and not accessible at all.

In practice, most people install all the roles on each box and everything works fine.

Interestingly, Exchange 2013 has gone backwards a bit and there are now only 2 roles: CAS & Mailbox (The transport role is split between the CAS & Mailbox roles.)

This is based on the idea of the CAS being internet facing and the mailbox role being protected (sounds a lot like the old frontend-backend in 2003 to me... )
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.