I know that it has been officially unsupported forever and yet I have seen or heard about many small business installations of a single host running AD DS and Exchange simultaneously. For a resource-strapped small business the savings are compelling.
So assuming that we know somehow that usage requirements will never grow beyond 25 users, say 10 simultaneously,
- How "bad" is it really these days to run both Exchange and AD DS on the same machine (sans virtualization of any kind)?
- What specifically is bad about it? (Name the top 1 or 2 reasons that come to mind besides "Microsoft says so")
- What can be done to mitigate the "bad"ness, if anything?
You can assume that the business in question either:
- has a single physical on-site server with a reasonable commercial ISP or
- has a pool of virtual resources that is already tapped out and they do not want to spend more.
The situation I have in mind is the second, with just one VM that could possibly be a candidate for adding Exchange because it is the only Windows VM and has enough excess memory to make it happen.
In any case, the reasoning may not be all that, well, reasonable, but let's say those are the constraints you have to work with.
Assuming a virtualized environment, just install Exchange onto its own VM. When you phrase a question with "how bad is it", you know that what you're doing is against best practices... So the best approach is to avoid it in the first place.
Can you provide some information about why you wouldn't be willing to separate the duties? E.g. what is preventing you from doing the right thing? Budget? Cost? Resources?
For a small organization it MIGHT be ok. One of the main reasons to run Exchange on its own server is that Exchange is deliberately designed to try to use as much RAM as possible to improve performance. Obviously that will impact other services running on the same machine.
Also, Exchange is highly dependent on Active Directory, and having both on the same machine could lead to AD being starved for resources by Exchange right at the time it's most needed. There are also problems with service start order, and various other gotchas. It is possible to work around these kinds of issues, but doing so will require more effort than you'd have to expend on two separate servers.
That said, it's all about the actual workload, and if email volume is low, users aren't doing extraordinary things (torrenting all day, bulk mailing, etc) you'd probably be fine.
Such a configuration is actually supported by Microsoft in their Small Business/Server Essentials products, which allow DC, Exchange, and SQL Server all to run on a single machine.
Server Essentials is a very limiting option, and really not scalable. If you're absolutely sure you'll never exceed 25 users, it might be an option.
If you must go with such a configuration, doing so with a product that is actually supported for this use case will help when you have problems, as you'll be able to get vendor support.
Well, for one thing, Exchange wants to talk to Active Directory before shutting down the Exchange Active Directory Topology Service. If they're on the same box (as they are in the discontinued SBS line), Exchange can sit there for 30 minutes spinning away going "Bueller... Bueller..." waiting for a domain controller to answer it. So you'll want a second DC. Honestly, even with a second DC, I have a shutdown script on the SBS server that shuts down the Exchange services before anything else.
Also, it's not supported to demote a DC with Exchange on it. Something to keep in mind.
I'm not really concerned about the load. As barbecue points out in his/her answer, the SBS line was targeted at installations about your size (less than 75 users for classic SBS). I'm pretty sure the box could handle the load, if it was a reasonable server.
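A minimal sketch of the kind of shutdown script mentioned above, as an added example that is not the poster's own script. It assumes the Exchange services use the `MSExchange*` name prefix and that `MSExchangeADTopology` is the Active Directory Topology service; the `$TimeoutSeconds` parameter is hypothetical.

```powershell
# Added example: stop Exchange services before a combined DC/Exchange host shuts down,
# so Exchange is not left waiting on a domain controller that is already going away.
# Assumption: Exchange services are named MSExchange*; the AD Topology service
# (MSExchangeADTopology) is stopped last because other Exchange services depend on it.
[CmdletBinding(SupportsShouldProcess)]
param(
    [int]$TimeoutSeconds = 120   # hypothetical per-service wait; tune for the host
)

$topology = 'MSExchangeADTopology'

# Collect running Exchange services, holding the topology service back for last.
$running = @(Get-Service -Name 'MSExchange*' -ErrorAction SilentlyContinue |
    Where-Object { $_.Status -eq 'Running' })
$ordered = @($running | Where-Object { $_.Name -ne $topology }) +
           @($running | Where-Object { $_.Name -eq $topology })

foreach ($svc in $ordered) {
    if (-not $PSCmdlet.ShouldProcess($svc.Name, 'Stop service')) { continue }
    try {
        # -Force also stops any services that depend on this one.
        Stop-Service -Name $svc.Name -Force -ErrorAction Stop
        $svc.WaitForStatus('Stopped', [TimeSpan]::FromSeconds($TimeoutSeconds))
        Write-Output "Stopped $($svc.Name)"
    }
    catch {
        # Keep going so one hung service does not block the others.
        Write-Warning "Could not stop $($svc.Name): $($_.Exception.Message)"
    }
}

# Report anything still running so a slow shutdown can be traced afterwards.
$left = @(Get-Service -Name 'MSExchange*' -ErrorAction SilentlyContinue |
    Where-Object { $_.Status -ne 'Stopped' })
if ($left.Count -gt 0) {
    Write-Warning ("Still not stopped: " + ($left.Name -join ', '))
    exit 1
}
```

Run it with `-WhatIf` first to see which services it would stop on a given host.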
If you're certain your server is beefy enough, go ahead and do it, but set the maximum RAM on Exchange (and SQL if you put this here); see http://www.bursky.net/index.php/2012/05/limit-exchange-2010-memory-use/
You are basically recreating Server Essentials / Small Business Server; however, I could see someone ending up in a scenario where scaling up looks more attractive than out and so the 25 isn't really a hard limit.