Topic Last Modified: 2007-03-28
The Microsoft® Exchange Server Analyzer Tool queries the Win32_ComputerSystem Microsoft Windows® Management Instrumentation (WMI) class to determine the value of the DomainRole key. Valid values for this key are shown in the following table.
Backup domain controller
Primary domain controller
In addition, the Exchange Server Analyzer also queries the Win32_Service WMI class to determine the value of the Started key for ClusSvc, the Cluster service.
The Exchange Server Analyzer also queries the Active Directory® directory service to determine the value of the serialNumber attribute of all directory objects that have an object category of msExchExchangeServer. The value for the serialNumber attribute indicates the version of Exchange Server in use.
If the Exchange Server Analyzer determines that the value for the DomainRole key is greater than 3 on an Exchange Server computer, and that the Exchange Server computer is not running Exchange Server version 5.5 or running in a Windows cluster, a warning is displayed.
If you are running Exchange Server as a part of Microsoft Small Business Server 2000 or Windows Small Business Server 2003, you can install Exchange Server on a domain controller. However, if you are not running Exchange Server as part of Small Business Server, it is recommended that you avoid running Exchange Server on a domain controller.
If you are running Exchange Server on a domain controller without Small Business Server, be aware of the following issues:
- Exchange Server and Active Directory are both
resource-intensive applications. There are performance implications
to be considered when both are running on the same computer.
- If Exchange Server is running on a domain controller, you must
also make that domain controller a global catalog server. For more
information about creating a global catalog server, see the
Microsoft Knowledge Base article 313994, "How to create or move a
global catalog in Windows Server 2003, Windows 2000, or Small
Business Server 2000" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=
- Several Exchange Server directory components, such as Directory
Service Access (DSAccess), Directory Service Proxy (DSProxy) and
the Message Categorizer will not fail over to any other domain
controller or global catalog server.
- You should not take advantage of the /3GB startup switch in
Windows because it could cause Exchange Server to consume all
memory, thus reducing the memory available for Active
- System shutdown will take considerably longer if the Exchange
Server services are not stopped before shutting down or restarting
- This configuration is less secure because Exchange
administrators will have local administrative access to Active
Directory, enabling them to elevate their own privileges. In
addition, any security vulnerability found in either Exchange
Server or Active Directory exposes the other to compromise.
- If you are running Exchange Server 2003 or Exchange
Server 2007 on a domain controller, using the domain
controller promotion tool (DCPromo) to change the computer role is
not supported, and is known to break components such as Microsoft
Outlook® Mobile Access.
- Running Exchange Server 2003 or Exchange Server 2007
on a clustered node that is also an Active Directory domain
controller is not supported and should never be done. This means
that if you are running Exchange 2000 Server on a node in a
cluster that is also a domain controller, you must demote the
server to a member server prior to upgrading from
Exchange 2000 Server to Exchange Server 2003.
If the computer is running Exchange 2000 Server, it is recommended that you demote the server to a member server using DCPromo at your earliest opportunity. If the computer is running Exchange Server 2003, use the following procedure to correct this warning.
To correct this warning
Install Exchange Server on a different computer.
Use Move Mailbox in the Exchange Task Wizard to move any existing mailboxes from the domain controller to the new Exchange server.
Rehome any public folders and roles held by the old Exchange Server computer to the new Exchange Server computer.
Uninstall Exchange Server from the domain controller.
For more information about installing Exchange Server on a domain controller, see the Microsoft Knowledge Base article 250989, "XADM: Installing the ADC on a Windows 2000 Domain Controller That Also Runs Exchange Server" (http://go.microsoft.com/fwlink/?LinkId=3052&kbid=250989).