Windows 2008 R2 Multiple Roles on a Single Physical Server
I have a standard Windows 2008 R2 edition. The server has to host Exchange 2010, Certificate Server, AD, DNS, DHCP, VPN, WDS, WSUS, IIS. I have more or less configured the setup. Though i am not encountering any major problems but still i feel something odd. One thing that i would like to know is that should some of the service be installed in a particular order. Like I install AD & DNS first, then IIS, then CS, then Exchange 2010, then others. Or is it that i can go for Exchange first and then install CS. I know that it is not advisable to put all on one server but as of now this has to be done. Later in future the roles will be moved to different machines. And i cannot use VMs because of memory constraints.
June 8th, 2010 6:29pm
Hello, running Exchange on a DC isn't recommended from Microsoft, this belongs to each Exchange version: http://technet.microsoft.com/en-us/library/aa997407(EXCHG.80).aspx Also IIS or VPN isn't a good solution to run on a DC, this opens the heart of your domain for people that you don't wont have on a DC. So remove this both. Also if you use more then one ip address you will run into trouble with domain join, group policies, slow logons etc., etc. DHCP if possible should also run on a member server becasue of security reason or should at least configured with it's own user account for updating DNS. At least in a domain you should also have 2 DC/DNS/GC for failover and redundancy.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
June 8th, 2010 7:46pm
I completely agree with Meinolf. There are too many eggs in this basket and you are increasing the chance of problems in the future with server given the addtional complexity in roles installed. For instance, once you add the CA role, the server can NOT be renamed. You will probably find other gotchas as you go along which will make the future migration of these roles more difficult. Visit: anITKB.com, an IT Knowledge Base.
June 8th, 2010 8:29pm
Thanks for the replies. I know that it is not at all recommended but as of now this has to be done for the time being. Slowly more servers will be procured and the roles will be moved on to them. This is being done only for time being. Business requirements are always strange :) So are you aware of any documents that might help to complete this fully. Or what all tools can i use to check that my AD, Exchange and CS are working fine. Though till now i am not seeing any error messages in the eventviewer and things are working as required. Thanks again for the advice.
June 8th, 2010 8:53pm
For AD, DCDIAG, DNSLint can be used. Of course, the event logs should be checked regularly.Visit: anITKB.com, an IT Knowledge Base.
June 8th, 2010 10:05pm
Hello, in addition to the already mentioned tools you can use the Best practise analyzer included with Windows server 2008 R2 and also for Exchange 2010. http://technet.microsoft.com/en-us/library/dd392255(WS.10).aspx http://technet.microsoft.com/en-us/library/ee428171(EXCHG.80).aspx See here about some documents regarding to not recommended installations: http://technet.microsoft.com/en-us/library/aa997407(EXCHG.80).aspx http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspxBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
June 9th, 2010 10:03am