Equitrac does not recommend installing Equitrac server software (including Equitrac Professional, Equitrac Office and Equitrac Express) on a domain controller, for multiple reasons, including:
- There are known security issues and risks to install applications on domain controllers.
- Performance may suffer (for both Equitrac and Active Directory) if the server is busy.
- Further, Equitrac server software requires the Internet Information Services (IIS) Web server for the Web client and Web Status web pages and per Microsoft, it does not recommend the installation of IIS on a on a Domain controller:
Please refer to the Microsoft Web site, searching on the following phrases for more information:
- Whenever possible, do not install IIS on a domain controller for the following reasons:
- The networking and processor load generated by authentication and other domain controller processes can degrade IIS performance.
- Adding users to a group that can log on locally to the domain controller can increase the attack surface that is exposed by a Web application. If security is compromised on the domain controller, security is compromised on the entire domain.