If you've isolated Exchange Server 2007 to a dedicated Active Directory to keep Exchange-related AD requests from overloading certain domain controllers, it's time to rethink that tactic. Moving your Exchange servers into a non-dedicated site may raise concerns about their impact on existing domain controllers. This tip explains a couple ways to prevent domain controller overload, including load balancing and hardware selection.
By implementing DNS load balancing, you can distribute requests to each domain controller according to its hardware capabilities. If you look at Figure 1, you can see that I've opened the DNS Management console and navigated to DNS -> Forward Lookup Zones -> <my domain> -> _Sites -> Default-First-Site-Name -> _TCP. This is where _LDAP service records are stored.
I selected the _LDAP record for one domain controller. If you look at the last column on the right, you'll see a series of three numbers, each enclosed in brackets, followed by the server's fully qualified domain name. Each of these numbers has a special meaning.
The first number --  in this case -- reflects the record's priority. When a client performs a DNS query for a service resource, it must attempt to contact the server whose record has the lowest priority. All of my domain controllers have the same priority, which is the default setting. When this happens, Windows looks at the next set of numbers, or the record's weight.
Load balancing actually occurs at the weight setting. The higher the weight value, the higher the percentage of requests that are directed to that server. By default, all of the domain controllers are given equal weight, meaning that requests are evenly distributed. However, you can adjust weight based on the domain controller's capabilities.
The last set of numbers --  in this case -- is the network port number that the service record uses. This value does not affect load balancing.
You can change the priority and weight of a record by right-clicking on it and then selecting the Properties command. Windows will display a dialog box you can use to change the priority and weight values.
Using 64-bit hardware is another way to keep from overloading your domain controllers. Microsoft recommends that you maintain a 1:4 relationship of Global Catalog Server cores (i.e., domain controllers) to Exchange Server cores. For example, you'd have one single-core global catalog server for every four single-core Exchange servers or for every two dual-core Exchange servers).
However, that recommendation is based on the assumption that your global catalog servers are running 32-bit operating systems. If your global catalog servers are running 64-bit OSes, the recommended ratio goes from 1:4 to 1:8.
Keep in mind that 64-bit domain controllers only offer a substantial performance increase over 32-bit counterparts if they have enough memory to cache the entire AD database. Even then, Microsoft's ratios are only guidelines. The actual impact that Exchange Server 2007 will have on your domain controllers will vary by how Exchange Server is used and what other applications are using those domain controllers.
About the author: Brien M. Posey, MCSE, is a five-time recipient of Microsoft's Most Valuable Professional (MVP) award for his work with Exchange Server, Windows Server, Internet Information Services (IIS), and File Systems and Storage. Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal website at www.brienposey.com.
Do you have comments on this tip? Let us know.