two Domain Controllers

[msw]

There are only three users and there are three servers when the network was
setup the person who installed the network made the first two servers as
Domain Controllers because one server is an exchange server and the other is
an application server and both domains can replicate each other from my
understanding and I think this is a trust domain structure (is this
correct), I am just trying to understand the lingo and be assured that this
is the best way to a secure a network and what is point of making the
exchange as a domain controller and part of trusted structure .

Does making the exchange as a trusted domain controller make the server
vulnerable?

Are there any ideas on whether this is the best approach or is there another
approach that may be better? and is this secure enght

Any ideas would be greatly appreciated as I am still learning and
experimenting.

Second the exchange server is runing as exchange as well as a dc and the
application server is also a seprate dc on the other hand they both
replicate but both are seprate DC. when I go inside Active Directory Site
the two domain are listed and I am 99% sure each one of them is a DC

I don't know why the exchange was setup on a server as a DC is there a
reason behind that.

Is it your recommended that exchange should not be a DC and just a part
of DC. I think IIS is runing on the exchange box I have Outlook OWA runing
already

Thank You

 

[Lanwench [MVP - Exchange]]

There are only three users and there are three servers when the
network was setup the person who installed the network made the first
two servers as Domain Controllers because one server is an exchange
server and the other is an application server and both domains can
replicate each other from my understanding and I think this is a
trust domain structure (is this correct), I am just trying to
understand the lingo and be assured that this is the best way to a
secure a network and what is point of making the exchange as a domain
controller and part of trusted structure .

My goodness, that was a very Faulkian run-on!

How many domains do you have? It sounds like there's only one, but with two
DCs and a member server. DCs in a domain do replicate with each other - they
have to. And wow, only three users for all of this?

Does making the exchange as a trusted domain controller make the
server vulnerable?

I don't see where a trust fits in at all. Do you have any network
documentation from the people who set this up?

This has nothing to do with security, if I understand your message properly.

Are there any ideas on whether this is the best approach or is there
another approach that may be better? and is this secure enght

Any ideas would be greatly appreciated as I am still learning and
experimenting.

Don't experiment on a production network, especially when you're still
learning.

Second the exchange server is runing as exchange as well as a dc and
the application server is also a seprate dc on the other hand they
both replicate but both are seprate DC. when I go inside Active
Directory Site the two domain are listed and I am 99% sure each one
of them is a DC

Two domains, or two DCs in a single domain?

I don't know why the exchange was setup on a server as a DC is there a
reason behind that.

Many people do this successfully. It's best to run Exchange on a member
server if possible, but don't try to demote it now - it can cause problems.

Is it your recommended that exchange should not be a DC and just a
part
of DC. I think IIS is runing on the exchange box I have Outlook OWA
runing already

IIS is installed on all W2k servers. And yes, you need it for OWA.

Thank You

I think you might want to see if there's any network doc - & perhaps get an
experienced consultant in to look at this for/with you.

Also note - this is a Windows 2000 DNS group - not the best place for your
question. Might want to post future questions in
microsoft.public.win2000.active_directory.