Exchange on a Domain Controller
When installing Microsoft server software, I really like the separation of roles. I usually don't like to mix different Microsoft products on the same server.
In real world, my customer's IT budget is of course limited, so sometimes I must weight all the advantages and disadvantages of violating this rule. I don't mind that a DC is also a File&Print Server or that a SharePoint server can also have the WSUS role.
But there's an accumulation of roles that I don't recommend doing: Exchange on a DC. People ask me why, so each time this happens I have to explain them why is wrong to do that. Fortunately Michael has come up with a great blog post with all the reasons for not doing that: Exchange Server 2003 and Domain Controllers - A Summary.
"While installing Exchange Server 2003 on a domain controller is a supported operation, it is not a best practice or a generally recommended practice. As well, once Exchange Server 2003 is installed, it is not supported to change the domain controller status of the server. That is, if the server is already a domain controller, that's fine. Do not change the server to a member server. The opposite is also true - if you install Exchange Server 2003 on a member server, do not then dcpromo the server up to a domain controller.
If you do either of these, you will lose functionality in Exchange. Furthermore, this change is not supported by Microsoft (see KB 822179). For an example of one specific thing that stops working - if you demote a DC with Exchange Server install to a member server, the DS2MB service (which copies Active Directory data from A/D to the IIS metabase) stops working throughout an Exchange organization (see KB 822575). There are others. [...]"
Now, the next time someone asks me, I'll just send him/her Michael's post.