Presentation is loading. Please wait.

Presentation is loading. Please wait.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 13: Monitoring and Optimizing Active Directory.

Similar presentations


Presentation on theme: "70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 13: Monitoring and Optimizing Active Directory."— Presentation transcript:

1 70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 13: Monitoring and Optimizing Active Directory

2 Guide to MCSE 70-294, Enhanced2 Objectives Use performance counters to monitor Active Directory performance Maintain the Active Directory store Optimize the location of Active Directory files Work with application directory partitions

3 Guide to MCSE 70-294, Enhanced3 Using Performance Counters to Monitor Active Directory Server performance can deteriorate for a number of reasons over time Monitoring health of server Can help alert you to problems before they occur or become more serious Baseline performance Normal behavior of system

4 Guide to MCSE 70-294, Enhanced4 Performance Console Administrative tool Allows detailed information to be gathered

5 Guide to MCSE 70-294, Enhanced5 Performance Console (continued) Consists of two different tools: System Monitor Allows administrator to view data gathered from wide variety of counter objects in real time Performance Logs and Alerts Allows administrator to gather similar information to System Monitor Periodically logs samples to data file to be imported into other applications

6 Guide to MCSE 70-294, Enhanced6 Performance Console (continued)

7 Guide to MCSE 70-294, Enhanced7 System Monitor Collects data that you can use for: Server performance Problem diagnosis Capacity planning Testing Define Components you want to monitor Type of data you want to collect

8 Guide to MCSE 70-294, Enhanced8 System Monitor (continued) Use System Monitor to gather data from: Local computer Network computer By default, tool displays data related to: Memory Processor Physical disk objects

9 Guide to MCSE 70-294, Enhanced9 Default Display of System Monitor

10 Guide to MCSE 70-294, Enhanced10 System Monitor (continued) Views: Graph Histogram Report

11 Guide to MCSE 70-294, Enhanced11 Activity 13-1: Exploring System Monitor Settings Objective: Explore Windows Server 2003 System Monitor settings Follow instructions to open System Monitor and view settings

12 Guide to MCSE 70-294, Enhanced12 Performance Objects and Counters Performance objects that should be included when monitoring performance: % Processor Time % Interrupt Time Pages/second Page Faults/second % Disk Time Average Disk Queue Length

13 Guide to MCSE 70-294, Enhanced13 Performance Objects and Counters (continued) Performance objects that should be included when monitoring domain controller: DRA Inbound Bytes Compressed (Between Sites, After Compression)/sec DRA Outbound Bytes Compressed (Between Sites, After Compression)/sec DRA Inbound Bytes Not Compressed (Within Site)/sec DRA Outbound Bytes Not Compressed (Within Site)/sec

14 Guide to MCSE 70-294, Enhanced14 Performance Objects and Counters (continued) Performance objects that should be included when monitoring domain controller: DRA Inbound Bytes Total/s DRA Outbound Bytes Total/sec DS Search Suboperations/sec LDAP Searches/sec LDAP Client Sessions NTLM Authentications/sec

15 Guide to MCSE 70-294, Enhanced15 Performance Objects and Counters (continued) Performance objects that should be included when monitoring domain controller: KDC AS Requests KDC TGS Requests % Processor Time LSASS Private Byte LSASS Handle Count LSASS

16 Guide to MCSE 70-294, Enhanced16 Performance Objects and Counters (continued) Gathering data easy Interpreting information to determine what component is affecting performance more difficult Performance of some components can affect other components

17 Guide to MCSE 70-294, Enhanced17 Maintaining the Active Directory Database Active Directory uses tombstones To ensure objects are removed from all domain controllers Active Directory becomes fragmented as new objects are added and deleted Related information is spread out in little pieces everywhere Defragmentation: Physically grouping related information together inside of file

18 Guide to MCSE 70-294, Enhanced18 Managing Deleted Objects Deleted object Not immediately purged from database Object is tagged as being in tombstone state Tombstone Allows all other domain controllers to delete object

19 Guide to MCSE 70-294, Enhanced19 Managing Deleted Objects (continued) Tombstone lifetime: By default 60 days Should be significantly higher than total replication latency across entire forest Garbage collection Removes tombstones from domain controller’s directory database Runs every 12 hours

20 Guide to MCSE 70-294, Enhanced20 Activity 13-3: Modifying the Tombstone Lifetime Objective: Modify the tombstone lifetime in an Active Directory forest Use ADSI Edit to modify tombstone lifetime

21 Guide to MCSE 70-294, Enhanced21 Online Defragmentation Performed on domain controller Every 12 hours, by default Part of garbage collection process Performed with Active Directory Store online Users can continue to read and write to directory Space used by deleted objects is reclaimed (freed) for later use by new objects

22 Guide to MCSE 70-294, Enhanced22 Online Defragmentation Data inside database is reorganized to optimize performance Does not shrink Active Directory database file NTDS.DIT

23 Guide to MCSE 70-294, Enhanced23 Offline Defragmentation In most situations: Number of new objects created exceeds number of objects deleted Directory database typically grows more than it shrinks Administrator can manually perform offline defragmentation to compact database

24 Guide to MCSE 70-294, Enhanced24 Activity 13-4: Defragmenting and Compacting the Active Directory Database Objective: Defragment and compact the Active Directory database Follow instructions to defragment and compact database

25 Guide to MCSE 70-294, Enhanced25 Optimizing the Location of Active Directory Files Optimize placement of Active Directory files

26 Guide to MCSE 70-294, Enhanced26 Optimizing File Location Understand how different types of files are used Active Directory store Accessed in random fashion Active Directory log files Accessed sequentially

27 Guide to MCSE 70-294, Enhanced27 Optimizing File Location (continued) Windows system files Accessed in random fashion Windows page file Accessed randomly Separate randomly accessed files from sequentially accessed files Requires two physical redundant drives: One for Active Directory store, system files, and page file Another for Active Directory log files

28 Guide to MCSE 70-294, Enhanced28 Optimizing File Location (continued) Place Active Directory store and/or Windows page file on their own disk Moving page file to its own disk improves performance More than moving Active Directory store to its own disk

29 Guide to MCSE 70-294, Enhanced29 Moving Active Directory Files May be necessary to move Active Directory store or log files

30 Guide to MCSE 70-294, Enhanced30 Activity 13-5: Moving Active Directory Log Files Objective: Move the Active Directory log files to a second hard drive Follow instructions to move log files

31 Guide to MCSE 70-294, Enhanced31 Working with Application Directory Partitions Using application partitions Administrator has fine-grain control over where data is replicated Replication traffic can be lowered

32 Guide to MCSE 70-294, Enhanced32 Creating Application Directory Partitions Ways to create partition Third-party tool Ntdsutil utility First select name for partition Part of forest’s namespace Follow same DNS naming conventions as any other domain in forest Replication of application partition works in same way as for domain partition

33 Guide to MCSE 70-294, Enhanced33 Creating Application Directory Partitions (continued) Potential issue when using application partitions and default security descriptors: Ambiguous references To solve: Each application partition has default security descriptor reference domain set when partition is created

34 Guide to MCSE 70-294, Enhanced34 Adding and Removing Application Directory Partition Replicas Can add or remove replicas of partition from one or more domain controllers as needed Tools: Third-party tools Ntdsutil

35 Guide to MCSE 70-294, Enhanced35 Deleting Application Directory Partitions When partition deleted Any replicas of partition automatically removed from all domain controllers in forest Configuration data about application partition is also removed from directory To delete partition use: Third-party tool Ntdsutil

36 Guide to MCSE 70-294, Enhanced36 Summary Performance console Primary server-monitoring utility provided with Windows Server 2003 Deleted objects are not removed from Active Directory immediately Online defragmentation of Active Directory store is automatically performed every 12 hours Offline defragmentation of Active Directory must be performed manually

37 Guide to MCSE 70-294, Enhanced37 Summary (continued) To optimize performance Location of Active Directory database and log files can be changed Use Ntdsutil utility to: Create application partitions Add and remove application partition replicas Delete application partitions from directory


Download ppt "70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 13: Monitoring and Optimizing Active Directory."

Similar presentations


Ads by Google