This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 74%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3END%3C/text%3E%3C/svg%3E)
We have on-premise exchange server setup in windows server 2019 standard environment. Two for primary site and two for DR site with one Witness server (Domain Controller). Is it recommended to use DC as DAG witness or not. If not, how does it impact. Kindly share the recommended architecture for the witness server. Thank you
Its not, you should use a small sized server. Why? Because if you have to do any troubleshooting, avoid the need to mess with a DC.
It also means adding the Exchange Trusted SubSystem group to the DC:
So, all in all, not recommended for mgmt and security reasons.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi @Narayan Das Kohli ,
Welcome to the Microsoft Q&A platform!
Microsoft generally does not recommend using a domain controller (DC) as a database availability group (DAG) witness server. Here are the reasons and recommended architectures:
Why not use a DC as a DAG witness server?
Recommended architecture for a witness server :
For detailed guidance on setting up a DAG and preferred architecture, you can refer to Microsoft's Exchange 2019 preferred architecture.
Please feel free to contact me for any updates. And if this helps, don't forget to mark it as an answer.
Best,
Jake Zhang
Hi @Narayan Das Kohli ,
Please kindly consider this comment as a warm follow up, I want to know if your problem has been solved. If you still have any other questions, please feel free to comment here and I'm glad to provide further support.If the above info is helpful to this question, you can click "Accept Answer". Have a nice day!
Best,
Jake Zhang
Hi @Narayan Das Kohli ,
Is there any update on this thread? If the issue has been resolved, please mark the helpful replies as answers, this will make answer searching in the forum easier and be beneficial to other community members as well. Thanks for your understanding.
Best,
Jake Zhang
Hi @Narayan Das Kohli ,
Since you haven't replied for a long time, I would like to ask if your problem has been solved. If it has been solved, I hope you can click the "Accept Answer" button on the answer to the useful reply. This will help other users with similar problems in the forum to find solutions to their problems under this answer. Thank you very much for your understanding and improvement of the forum environment! Have a nice day!
Best regards,
Jake Zhang
Hi @Narayan Das Kohli ,
Any updates so far? If you have solved your problem, could you share with us? Maybe it will help more people with similar problems. Don't forget to mark it as answer, this will be easy for other community members to find the useful one. Thanks for your understanding.
Best,
Jake Zhang