RE: New Exchange 2003 server in existing AD/DC environment

  • From: "Lara, Greg" <GLara@xxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 21 Dec 2004 10:27:11 -0500

Andrew, the term for a server with "AD itself" is a Domain Controller, or
DC. This is what was unclear in your response.

Greg Lara

This e-mail message may contain privileged, confidential and/or proprietary
information intended only for the person(s) named. If you are not the
intended recipient, please destroy this message, and any attachments, and
notify the sender by return e-mail. If you are not the intended
recipient(s), or the employee or agent responsible for delivering the
message to the intended recipient(s), you are hereby notified that any
dissemination, disclosure or copying of this communication is strictly

-----Original Message-----
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, December 21, 2004 1:03 AM
To: [ExchangeList]
Subject: [exchangelist] RE: New Exchange 2003 server in existing AD/DC

Hi Mike, 

I was referring to installing Exchange on AD itself, not on a network
running AD, this a big difference. I know when you install Exchange on
the AD itself that a few system policies which are outlined for
administrators are changed so that everyone has access to them, which in
itself is a security problem.

Running Exchange on a Standalone box attached to the AD like you would
normally attach any workstation is the only way to go, do not dcpromo
the Exchange server!

Good luck

-----Original Message-----
From: A. M. Salim [mailto:msalim@xxxxxxxxxxxx] 
Sent: Monday, December 20, 2004 8:29 PM
To: [ExchangeList]
Subject: [exchangelist] RE: New Exchange 2003 server in existing AD/DC

Hi Andrew,

Thanks for your feedback, the Exchange server will be a separate
server, not the same one as that running the AD or GC.  Does that
the issue you raised?

As for not installing Exchange 2k3 on a AD for security reasons, I did
know there was a way to run Exchange without AD - is it not a basic
requirement for Exchange 2003 that it be installed within an Active
Directory with a Domain Controller and Global Catalog somewhere on the

best regards

> Installing Exchange 2k3 on a AD is not recommended by Microsoft
> of security issues.
> With 350 users you may end up tanking the AD if you install Exchange
> on it. Your client is better off buying another box and installing
> Exchange 2k3 on it to save him/herself problems down the road. I also
> hope they have an efficient backup system already in place.
> Regards,
> Andrew

Other related posts: