How bad is it to run Exchange 2016 on a Windows 2012 R2 domain controller for a small organization with assuredly fewer than 25 users?

best-practices domain-controller exchange

For a small organization it MIGHT be ok. One of the main reasons to run Exchange on its own server is that Exchange is deliberately designed to try to as much RAM as possible to improve performance. Obviously that will impact other services running on the same machine.

Also, Exchange is highly dependent on Active Directory, and having both on the same machine could lead to AD being starved for resources by Exchange right at the time it's most needed. There are also problems with service start order, and various other gotchas. It is possible to work around these kinds of issues, but doing so will require more effort than you'd have to expend on two separate servers.

That said, it's all about the actual workload, and if email volume is low, users aren't doing extraordinary things (torrenting all day, bulk mailing, etc) you'd probably be fine.

Such a configuration is actually supported by Microsoft in their Small Business/Server Essentials products, which allow DC, Exchange, and SQL Server all to run on a single machine.

Server Essentials is a very limiting option, and really not scalable. If you're absolutely sure you'll never exceed 25 users, it might be an option.

If you must go with such a configuration, doing so with a product that is actually supported for this use case will help when you have problems, as you'll be able to get vendor support.


Assuming a virtualized environment, just install Exchange onto its own VM. When you phrase a question with "how bad is it", you know that what you're doing is against best practices... So the best approach is to avoid it in the first place.

Can you provide some information about why you wouldn't be willing to separate the duties? E.g. what is preventing you from doing the right thing? Budget? Cost? Resources?


Well, for one thing, Exchange wants to talk to Active Directory before shutting down the Exchange Active Directory Topology Service. If they're on the same box (as they are in the discontinued SBS line), Exchange can sit there for 30 minutes spinning away going "Bueller... Bueller..." waiting for a domain controller to answer it. So you'll want a second DC. Honestly, even with a second DC, I have a shutdown script on the SBS server that shuts down the Exchange services before anything else.

Also, it's not supported to demote a DC with Exchange on it. Something to keep in mind.

I'm not really concerned about the load. As barbecue points out in his/her answer, the SBS line was targeted at installations about your size (less than 75 users for classic SBS). I'm pretty sure the box could handle the load, if it was a reasonable server.

Related

Are PCIE slots coupled with CPU slots?
"MySQL server has gone away" when attempting to import a large dump file
What happens when a load balancer fails?
Verify connectivity to a server on a UDP port
What's the difference between Mercurial's "tip" tag and the "default" branch
How to know storage engine used of a database?
Controlling Nginx proxy target using a cookie?
How to check when yum update was last run
Exclude a specific repo from YUM Update
Get postfix to forward root's mail
Reduce firewall rules by half - one iptables rule for tcp and udp
How can I customize the default settings when deploying Google Chrome for Business?