0

We (as a company) 'd like to try exchange server to replace our mail server.

I downloaded the demo version from Microsoft website, but during the installation it wants administrator access to domain to edit the Active Directory database structure.

The test will last for (at least) a month to see if it will bring real advantages to our management systems.

Here is my question: Is it "dangerous"? If I uninstall the exchange server everything will be reverted to previous state? I'm kind of "scared" about the changes he may apply to our domain controllers.

AndreaCi
  • 135
  • 2
  • 9
  • 2
    If you don't feel confortable with Exchange modifying your production AD schema (which I fully understand) I recommend you to set up a simple test/QA AD environment and test it there. To see the AD changes: http://technet.microsoft.com/en-us/library/bb738144.aspx – jaume Oct 17 '12 at 12:58
  • yes.. I know that's the "solution".. but in a test environment.. we cannot test it with a real situation.. that was my problem... because a test environment doesn't have to 100 addresses with smtp support and synchronization with all clients :) –  Oct 17 '12 at 13:13
  • Still, I recommend you to test it first. You can export and import the users from production to QA with http://technet.microsoft.com/en-us/library/bb727091.aspx (just use an isolated network). Then generate mail with some automated script. And, which value has that somebody at SU tells you that it's not dangerous? If something went wrong, would your boss accept "someone at SU told me it was not dangerous"? It's basically you (and your company) trusting Microsoft. My experience: I installed and administered Exchange 2003 (many years ago) and we didn't have any problems with AD or something. – jaume Oct 17 '12 at 14:45

1 Answers1

1

If I uninstall the exchange server everything will be reverted to previous state?

No. Active Directory schema changes are permanent, and cannot be undone (at least, not without rolling your entire domain, including every domain controller, back to before the change).

Here is my question: Is it "dangerous"?

Not really. The permanent changes that cannot be undone are simply extra attributes and object types that are available in the directory, but won't hurt anything if they're not being actively used.

Many domains out in the real world are in this exact situation, as any organization that has ever used Exchange in their domain has some version or other of the schema extensions installed regardless of whether they're actively using Exchange today.

This isn't to say you shouldn't continue to be suspicious of applications wanting schema extensions - but Microsoft's extensions to Microsoft's LDAP schema are pretty likely to be safe. They're sometimes even useful if you're not planning on using Exchange at all - see this question, for example.

Everything other than the schema changes can essentially be blown away if you decide not to use Exchange.

Community
  • 1
Shane Madden
  • 114,520
  • 13
  • 181
  • 251
  • If all modifications are just new attributes (that we can leave there, unused) I think we will proceed in this way: full backup of my DC (and backup DC); exchange installation and configuration. If everything still works (it should!) we'll test it... if it doesn't.. I will revert to the backup.... – AndreaCi Oct 18 '12 at 18:16