Jump to content

How can I separate Exchange and Domain Controller?

Guest spacegoat

By Guest spacegoat
September 2, 2007 in Windows 2003 Server

Share

https://extremetechsupport.com/topic/30647-how-can-i-separate-exchange-and-domain-controller/

Recommended Posts

Guest spacegoat

Guest spacegoat

Posted September 2, 2007

Posted September 2, 2007

I don't know if this is even practicle or possible but here is the

senario.

I have walked into an existing network that has one 2003 Enterprise

Server running as a Domain Controller/Active Directory. and as an

Exchange Server.

It is also the DHCP and DNS server. Not only that but it is also the

RAS server providing NAT routing as well as VPN access.

There is another 2003 Enterprise Server on the network that is just a

file and print server.

Needless to say this configuration is less than desirable!

My goal is to add an ISA Server to handle the Firewall/Routing and VPN

services and promote the file/print server to Domain Controller/Active

Directory and move the Exchange Server into the DMZ of the ISA Server.

Is there any practicle way to approach this in the hopes of not

starting over from scratch.

Any advice would be much appreciated.

IP

Popular Days

Popular Days

Guest ThatsIT.net.au

Guest ThatsIT.net.au

Posted September 2, 2007

Posted September 2, 2007

Re: How can I separate Exchange and Domain Controller?

"spacegoat" <rfarrer@gmail.com> wrote in message

news:1188691324.913078.323970@y42g2000hsy.googlegroups.com...

>I don't know if this is even practicle or possible but here is the

> senario.

>

> I have walked into an existing network that has one 2003 Enterprise

> Server running as a Domain Controller/Active Directory. and as an

> Exchange Server.

> It is also the DHCP and DNS server. Not only that but it is also the

> RAS server providing NAT routing as well as VPN access.

> There is another 2003 Enterprise Server on the network that is just a

> file and print server.

>

> Needless to say this configuration is less than desirable!

I wouldent say that

how many users do you have?

for example Windows SBS has SQL Exchange DHCP DNS ISA all running on the

same server and is aimed at businesses up to 75 users.

>

> My goal is to add an ISA Server to handle the Firewall/Routing and VPN

> services and promote the file/print server to Domain Controller/Active

> Directory and move the

I agree up to here

>Exchange Server into the DMZ of the ISA Server.

use ISA to publish your exchange server

>

> Is there any practicle way to approach this in the hopes of not

> starting over from scratch.

>

> Any advice would be much appreciated.

>

moving your exchange is a pain. make sure you back it up.

I would also use exmerge to back up mail boxes into pst files. just incase

you have problems restoring. this has saved me in the past.

Then I would set up exchange on another server, and move mailboxes across.

Once you are happy all is running fine decommission the first exchange

server

> IP

>

Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted September 2, 2007

Posted September 2, 2007

Re: How can I separate Exchange and Domain Controller?

spacegoat <rfarrer@gmail.com> wrote:

> I don't know if this is even practicle or possible but here is the

> senario.

>

> I have walked into an existing network that has one 2003 Enterprise

> Server running as a Domain Controller/Active Directory. and as an

> Exchange Server.

> It is also the DHCP and DNS server. Not only that but it is also the

> RAS server providing NAT routing as well as VPN access.

> There is another 2003 Enterprise Server on the network that is just a

> file and print server.

>

> Needless to say this configuration is less than desirable!

>

> My goal is to add an ISA Server to handle the Firewall/Routing and VPN

> services and promote the file/print server to Domain Controller/Active

> Directory and move the Exchange Server into the DMZ of the ISA Server.

>

> Is there any practicle way to approach this in the hopes of not

> starting over from scratch.

>

> Any advice would be much appreciated.

>

> IP

Hi - this is multiposted. See your replies in

microsoft.public.exchange.admin (that's the best place for Exchange

questions anyway).

Guest Phillip Windell

Guest Phillip Windell

Posted September 4, 2007

Posted September 4, 2007

Re: How can I separate Exchange and Domain Controller?

Except for SBS environments,...

ISA needs to be on a machine by itself

Exchange needs to be on a machine by itself with IIS

The DC can run DNS, DHCP, WINS perfectly fine

You don't need a DMZ. DMZs over complicate things and most often than not

don't do "squat" to improve security. How is the single Exchange Server

going to work with AD [required] from the DMZ without enabling all kinds of

communication between the LAN and DMZ,...if you enable all that

communicatrion,...then what good is the DMZ?

--

Phillip Windell

http://www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,

or anyone else associated with me, including my cats.

-----------------------------------------------------

Understanding the ISA 2004 Access Rule Processing

http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004

http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners

http://www.microsoft.com/isaserver/partners/default.asp

Microsoft ISA Server Partners: Partner Hardware Solutions

http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx

-----------------------------------------------------

"spacegoat" <rfarrer@gmail.com> wrote in message

news:1188691324.913078.323970@y42g2000hsy.googlegroups.com...

>I don't know if this is even practicle or possible but here is the

> senario.

>

> I have walked into an existing network that has one 2003 Enterprise

> Server running as a Domain Controller/Active Directory. and as an

> Exchange Server.

> It is also the DHCP and DNS server. Not only that but it is also the

> RAS server providing NAT routing as well as VPN access.

> There is another 2003 Enterprise Server on the network that is just a

> file and print server.

>

> Needless to say this configuration is less than desirable!

>

> My goal is to add an ISA Server to handle the Firewall/Routing and VPN

> services and promote the file/print server to Domain Controller/Active

> Directory and move the Exchange Server into the DMZ of the ISA Server.

>

> Is there any practicle way to approach this in the hopes of not

> starting over from scratch.

>

> Any advice would be much appreciated.

>

> IP

>

Share

https://extremetechsupport.com/topic/30647-how-can-i-separate-exchange-and-domain-controller/

Go to topic listing

Similar Content
- How to restrict domain users from removing computers from domain?
  
  By Guest Hana Wudu, October 27, 2024
  - 0 replies
  - 23 views
  - Guest
  - October 27, 2024
- Domain Controller not replicating DNS
  
  By Guest /u/The_Great_Sephiroth, September 18, 2024
  - 0 replies
  - 17 views
  - Guest
  - September 18, 2024
- Will DHCP settings replicate between 2 domain controllers?
  
  By Guest /u/NSFW_IT_Account, October 15, 2024
  - 0 replies
  - 18 views
  - Guest
  - October 15, 2024
- Domain Admins member of Domain Admins
  
  By Guest Gregory B. Duenow, October 31, 2024
  - 0 replies
  - 26 views
  - Guest
  - October 31, 2024
- Upgrading FRS to DFS on single domain controller
  
  By Guest /u/NSFW_IT_Account, September 25, 2024
  - 0 replies
  - 15 views
  - Guest
  - September 25, 2024

×

Browse
- Back
- Forums
- Resources
- Downloads
- Link Directory
- Online Users
- Staff
- Blogs
- Events
- Videos
- Leaderboard
Activity
- Back
- All Activity
- Search
- Our Picks
Site Info
Support

×

Create New...