when to split up exchange 2013 roles

Posted on 2014-03-07
Last Modified: 2014-03-12

I was looking for a website with specific scenarios of when someone would want to split up the exchange 2013 roles. I have only found websites that say "you would need a very good reason to split the roles up"

I have found sites that say "you would want to split the roles if you were using nlb for the cas HA and something about certificates."

 I understand the NLB point.  Other than that, It is all very vague
Question by:cmatchett
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 250 total points
ID: 39914509
As far as I am concerned, there is no good reason to split the roles. Simple as that.
The Exchange product team don't recommend the use of WNLB, which is great because it largely sucks. Therefore if you take that reason out, there is nothing left.

The best practise for the last couple of years with Exchange 2010 has been to have all roles on all servers and that has followed through to Exchange 2013. I haven't done a single design with separate CAS role servers, and have no intention of doing so now.

Instead of deploying separate CAS, spend the money on a hardware load balancer instead.

LVL 27

Assisted Solution

Steve earned 250 total points
ID: 39920790
Exchange 2007 onwards was designed with a role based layout to allow you to separate the roles as needed. When 2007 first came out, Microsoft were heavy handed in stating that the roles should not be on the same box unless really necessary.
This was mostly for performance reasons as each role takes up a good chunk of the available resources.

I have done some installations where there is a good reason to separate some of the roles, but the reasons are usually quite specific and often offer no advantage to other clients.
In general, its the really big implementations that benefit from separating the roles.
Systems with 1000s of mailboxes may need multiple mailboxs servers with big disks and loads of memory, but could cope with 2 CAS boxes of fairly standard spec.
Sometimes its the security element that dictates separation, where the CAS role can be opened to the internet a bit more while the mailbox role is locked down and not accessible at all.

In practice, most people install all the roles on each box and everything works fine.

Interestingly, Exchange 2013 has gone backwards a bit and there are now only 2 roles: CAS & Mailbox (The transport role is split between the CAS & Mailbox roles.)

This is based on the idea of the CAS being internet facing and the mailbox role being protected (sounds a lot like the old frontend-backend in 2003 to me... )

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question