Tips for Windows domain controller optimization

There are many different techniques for optimizing servers. To most Windows administrators, optimization means using the Performance Monitor to find out where a system's bottlenecks are, and then working to remove the cause of those bottlenecks. This is such a common optimization technique that Microsoft includes it as a part of many of its Windows certification classes. If you have ever attended any of these classes or read the various certification guidebooks, then you know that there are some very specific counters that Microsoft recommends monitoring.

I don't deny the importance of the more commonly used counters. In fact, they work really well. The problem is that although you can learn a lot about a system by monitoring the most basic counters, not all servers are created equally. Depending on a server's role, it may use some resources more heavily than others. Therefore, unless you know which resources a server is really depending on, you will never be able to fully optimize the system.

Microsoft has created Performance Monitor counters that are specific to some server roles. This is particularly true for Windows domain controllers. Let's take a look at some of those counters that I've found to be the most helpful.

Replication

The majority of Windows networks contain multiple domain controllers, and updates to the Active Directory database must be replicated to each DC.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Server Monitoring and Administration Top five Server Core management tips for Windows 2008 Top free tools for Windows server administration Windows Server 2008 Learning Guide A quick guide to Server Manager for Windows Server 2008 Moving dynamic disks to a new Windows server A first look at Storage Explorer for Windows Server 2008 Take control of server clusters with Microsoft's ClusDiag tool Analyze server history with new tool in Windows 2008 Determining the cause of Windows server hang Preparing to troubleshoot a hung Windows server Microsoft Active Directory Design and Administration Performing a staged installation of an RODC in Windows Server 2008 Using Active Directory to manage Macs in a Windows environment Scripting domain controller installations: A must for Server Core Taming the LSASS.exe process for Active Directory performance and security Top 5 Active Directory tips of 2008 Active Directory FAQs Active Directory database basics: Performing an offline defrag How to rebuild the SYSVOL tree when none exists in Active Directory New AD features in Windows 2008 Cleaning up Active Directory Windows Systems and Network Administration Cutting the cost of Windows identity and access management Using NTFS on a non-Windows OS with NTFS-3G Group Policy Object modeling simplifies network security Implementing simple Network Access Protection for Windows Server 2008 Immediate steps for Windows disaster recovery Quick hits: Troubleshooting service account failure, batch job execution Case Study: Troubleshooting Windows service dependency failures Troubleshooting common Windows service failures Reducing the size of network backups in Windows Monitor network bandwidth with CyberGauge

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Active Directory  (SearchWindowsServer.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

Since the replication process plays such an important role in keeping domain controllers up to date, I tend to think that the replication-related counters are probably the most important ones to monitor. The table below lists some of the more helpful replication-related counters.

Authentication

One of a domain controller's primary jobs is to authenticate users when they attempt to log into a domain. Unfortunately, Windows does not provide a lot of authentication-specific counters, but the table below gives details for two important ones.

Database performance

It might seem odd to talk about database performance in an article on domain controller optimization, but if you stop and think about it, Active Directory is really just a big database that is available to clients by way of LDAP queries. If the database does not perform well, then you can't expect the domain controller to perform well either. The table below lists some of the more important database-related performance monitor counters.

Unfortunately, it is impossible to thoroughly discuss the topic of domain controller optimization within the confines of one article. However, these Performance Monitor counters will give you a better idea of why your domain controller is performing the way it is.