Hey Al,
Good to hear from you again :)
1. Exchange 12 --> Now known as --> Microsoft Exchange Server 2007
How many times have we heard and or recommenced not to run anything on
the precious domain controller (unless you running SBS but thats another
story), installing Exchange with IIS is also a issue (for me at least)
IIS on a domain controller hell you might as well have a huge sign
saying attack me please.
I see your point and agree with some of the points though, I think the
maturity of the product (Exchange 2k3) at the moment plays a part why
you would not add that additional service to your Domain Controller.
I have seen some weird scenarios with Exchange DSAccess, where by it
specifies DCs on a completely different site as the preferred GC, and
DCs and granted this was a combination of malconfigured {does that word
even exist ;)) Site Subnets and DNS but that could and does happen in
many organizations. What would guarentee you that having Exchange on a
DC that you would have the Exchange server always using itself as the
DC/DC {Besides manually specifing the GC/DC}
With all that said I think the argument for having Exchange on a DC
{cough} is related to network topology and specific company needs. Us
here across the pond often deal with large networks but really slow {I m
talking about 9600} connections, so I am one that understands slow
connection speeds.
Anyway good to hear from you and have a good one
Carlos
Al Mulnick wrote:
<trying this in rich text from gmail to see if it floats; let me know
if you can't see the text joe :)>
Um, no. (Yes, it does have to be a DC to be a GC.) But other than
scalability and simplicity related to troubleshooting/recoverability,
what exactly do you sacrifice if you put Exchange on a GC?
There are those that think that putting Exchange on a GC is the way to
go. There are others that would disagree but what else is new. For
those that have been implementing and designing Exchange for a number
of years (joe's not really that old compared to Dean ;-) this concept
would seem familiar to the Exchange 4-5x days.
As a number of apps were promised to do, Exchange heavily utilizes and
therefore relies on the AD directory for authentication,
authorization, and directory services (identification) (i.e. directory
lookups to aid in mail routing, server lookups (DNS), configuration
settings (GPO), and GAL services, etc). Exchange actually does it
better than most, although as joe points out, there is always room for
improvement.
If you look at the history, there were some dark days around the
Exchange 2000 deployments for Exchange. 2003 got much better and
hopefully E12 (what's it called now? I forget) won't get "office-ized"
by the org changes going on at Microsoft. I've seen the "servers" that
the office team put out and I'm thoroughly less than impressed.
Hopefully that gets better, but I'm not a desktop guy and I'm not
interested in becoming a desktop focused expert. Those desktop
machines and office productivity apps are prime targets for
commoditization over the next 5 years IMHO. Too much is at stake for
it not to be. But I digress.
<history> The original implementation of AD was expected by Microsoft
architects to replace ALL of the other directory services you might
have and become the centerpiece to your networked computing
infrastructure. It's why you'll find things like DNS integrated into
the directory. Well, one reason anyway. Anyhow, as time wore on,
adoption was slower than hoped for and one reason was that it was a
big pill to swallow. Many large companies already had a working NT
model (I say that tongue in cheek: it was limping along in large
orgs), had working DNS models including administrivia and DR processes
(shame on you if you don't), and a working directory structure based
on the LDAP standards that, although they started as a client access
protocol to X.500 directories, become synonymous with server side
implementations. Whatever, only a purist cares I'm sure. It was
realized that although AD had a place in the environment, it was not
likely going to rule the world overnight as originally expected and
designed and marketed and.... It could however be made to play well
and nicely and a lot of refinement was put into that release and now R2.
Meanwhile, Exchange was the "killer" app that caused people to even
consider that major leap from NT4 to AD (which we know now is really
not that big a deal, but boy was it scary then, right?) Some are
still migrating or just getting started, but to each their own.
Exchange was often bashed for not being scalable soooooo.... it makes
sense to off-load some of the services to a single purpose machine -
we know it as a domain controller/dns host/directory server/etc.
Wow. What a great idea. Wait. What if you don't have a network
design that can take advantage of that? Maybe it was geared up and
refined to be better with a mainframe centric computing model and
maybe NT 4.0 was existing there? Hmm... Or maybe your company doesn't
have a network that looks like a single 40-story (storey for those
across the pond) building with one single high-speed network? Maybe
you have users accessing your email and directory from around the
globe and maybe 40% of your users are mobile at any given time? Maybe
more. Exchange won't play nice with a network like that out of the
box because it was geared up to be scalable. Want a single server to
handle 4,000 heavy mapi users? You can't do that with Exchange 5.x,
but you can with Exchange 200x. Why? Many reasons and I won't bore you
with the details. What's important is that if you look at the
topology, it might make more sense to put the directory back onto
Exchange computers based on the way your network works. Can you scale
it as high? No. Is it simple to recover? No (it should be easier than
it is IMHO). But does it serve the purpose better? Yes. Can it handle
that 150 user density South African office without being hampered by
the hamstrung internet connection off the continent? I've been told
it's much better performance than using something like cached mode
clients or OWA if the server is local. I can believe that.
Help me understand why I wouldn't put Exchange on a GC in more
situations than I don't? What would I lose?
Neil, I'm curious about what you'd pick for an authentication service
over AD?
Heck, now I'm just rambling though, 'cause this is likely blank ;)
Al
On 5/18/06, Carlos Magalhaes <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
> Well currently to have a GC you need that machine to be a DC and as we
> all know you don't put Exchange on a DC ;)
>
> Exchange already feels special ;)
>
> Carlos Magalhaes
>
> Krenceski, William wrote:
> > Why can't exchange just have the GC on it somehow. I'm not a
developer
> > by any means of the word. It just seems that if Exchange is "SPECIAL"
> > make it feel special......
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
> > [mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>] On Behalf Of joe
> > Sent: Wednesday, May 17, 2006 7:21 PM
> > To: [email protected] <mailto:[email protected]>
> > Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
> >
> > LOL.
> >
> > For those not at the DEC 2006 Dean and joe show presentation, Mark's
> > 'Exchange is "SPECIAL"' comment is a direct reference to something I
> > said when bouncing around talking about AD and bad applications. I
> > miraculously stopped and looked straight at a Microsoft MVP for
Exchange
> > (Mark) while spouting the truism Exchange is "SPECIAL" in relation to
> > how it abuses AD. I was in a groove when I said it so I didn't
actually
> > realize I was looking at Mark or else I probably would have bust out
> > laughing as I did later when he explained what I had done.
> >
> > I think all of the Exchange MVPs tend to have a special place in their
> > heart for me as does the entire Exchange Dev team. ;o)
> >
> >
> > joe
> >
> >
> >
> > --
> > O'Reilly Active Directory Third Edition -
> > http://www.joeware.net/win/ad3e.htm
<http://www.joeware.net/win/ad3e.htm>
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
> > [mailto: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>] On Behalf Of Mark Arnold
> > Sent: Wednesday, May 17, 2006 5:29 PM
> > To: [email protected] <mailto:[email protected]>
> > Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
> >
> > Laura, a "Mucker" is, in English, a good friend.
> > You are probably not to be termed a Mucker, other words might
apply, but
> > Jimmy is one of mine and Dean/Joe is one of yours.
> >
> > Oh, and Joe is old and smells of wee, so pay no heed to his Exchange
> > rants.
> > Exchange is indeed "special" because it's such a wonderful
solution. OK,
> > I should shut up now and go back to my padded cell.
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
> > [mailto: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>] On Behalf Of Laura E. Hunter
> > Sent: 17 May 2006 21:39
> > To: [email protected] <mailto:[email protected]>
> > Subject: Re: [ActiveDir][OT] DNS on a DC or NOT
> >
> >
> >> BTW, anyone know what a mucker is? I am trying to figure out if I am
> >> supposed to be morally outraged. <eg>
> >>
> >> joe
> >>
> >>
> >
> > I use "mucker" as a compliment, but in my vernacular it's used in
> > reference to a semi-skilled hockey player whose lack of scoring
ability
> > is balanced by his ability to check an opposing player into sometime
> > next week.
> >
> > So I guess what I'm saying is...draw your own conclusions. :-)
> > List info : http://www.activedir.org/List.aspx
<http://www.activedir.org/List.aspx>
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> >
> >
> > This message has been scanned by Antigen. Every effort has been
made to
> > ensure it is clean.
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
<http://www.activedir.org/ListFAQ.aspx>
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> > Confidentiality Notice: The information contained in this message
may be legally privileged and confidential information intended only
for the use of the individual or entity named above. If the reader of
this message is not the intended recipient, or the employee or agent
responsible to deliver it to the intended recipient, you are hereby
notified that any release, dissemination, distribution, or copying of
this communication is strictly prohibited. If you have received this
communication in error please notify the author immediately by
replying to this message and deleting the original message. Thank you.
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
<http://www.activedir.org/ListFAQ.aspx>
> > List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> >
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
>
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
