13.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

13.1 © 2004 Pearson Education, Inc.

Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure

Lesson 13: Monitoring Active Directory Performance

Introduce Active Directory performance monitoring tools

Monitor Active Directory performance counters

Create Performance Logs and Alerts

Identify Active Directory support tools

Monitor the File Replication Service

Resolve replication errors

Goals




Periodically monitoring the Windows Server 2003 Active Directory performance

Helps you anticipate problems

Allows you to take preventive measures

Maintains efficient functioning of the network

(Skill 1)

Introducing Active Directory Performance-Monitoring Tools




Use performance monitoring tools

To collect baseline data, which statistically shows the load placed on your resources over time

To troubleshoot problems

Use information obtained from performance monitoring tools

Diagnose and solve performance bottlenecks and problems

To understand the effects of Active Directory performance on the hardware resources of a computer

Introducing Active Directory Performance-Monitoring Tools (2)

(Skill 1)




Figure 13-1 Comparing current data with the baseline data

(Skill 1)




Figure 13-2 The Directory Service Event log

(Skill 1)




Widely used tools for monitoring Active Directory performance

Performance Console

System Monitor

Performance Logs and Alerts tools

Event Viewer


(Skill 1)




System Monitor

Used to view a graphical real-time representation of the performance of the resources on a computer or network

Data captured by the System Monitor is displayed as a chart, a histogram, or a report


(Skill 1)




Figure 13-3 The System Monitor

(Skill 1)




Performance Logs and Alerts tool

Records the performance of resources in logs

Used to configure alerts

An alert is configured to perform specific actions

An alert is activated when a threshold value set by an administrator has been met


(Skill 1)




Figure 13-4 The Performance Logs and Alerts snap-in

(Skill 1)




Event Viewer

Contains messages generated by applications and the operating system in different Event logs

The logs help in understanding problems relating to applications, services, and the operating system


(Skill 1)




Event logs

Application log

Security log

System log

Directory Service log

DNS Server log

File Replication Service log


(Skill 1)




Application log stores information, errors, or warnings generated by the applications on a computer

Security log

Stores auditing entries

After you configure auditing, use this log to track users who are trying to access objects for which they do not have permissions, among other auditing activities


(Skill 1)




System logStores information, errors, or warnings

generated by the operating system

If you are having trouble starting a service, such as the Task Scheduler, study this log to identify the cause of the problem


(Skill 1)




Figure 13-5 The System Event log

(Skill 1)




Directory Service log

Stores information, errors, or warnings generated by Active Directory

Available only on domain controllers

DNS Server log stores information, errors, or warnings generated by the Domain Name System (DNS) server


(Skill 1)





Stores information, errors, or warnings generated by the File Replication Service

This service is used to replicate the shared system volume (Sysvol) folder


(Skill 1)




Figure 13-6 The File Replication Service Event log

(Skill 1)




Event logs record five types of messages

Information

Warning

Error

Failure

Success


(Skill 1)




Performance console metrics

Performance objects are any system resource, such as memory, a disk, a processor, or a network interface, whose performance one can monitor

Performance counters are performance measures for the object that can be calculated and related as numeric figures

Monitoring Active Directory Performance Counters

(Skill 2)




Directory Replication Agent (DRA) counters

Largest group of Active Directory-related performance counters

Many of the counters refer to either bytes compressed or bytes not compressed

Record the inbound or outbound replication data sent to or received from other sites

Monitoring Active Directory Performance Counters (2)

(Skill 2)




Directory Replication Agent (DRA) counters

On some networks, a byte count may not be a valid measure of replication performance

The number of Active Directory objects that have been replicated reflect replication performance


(Skill 2)




Active Directory performance counters for NTDS

Directory Replication Agent (DRA) Inbound Bytes Total/sec

DRA Inbound Full Sync Objects Remaining

DRA Inbound Objects Applied/sec

DRA Inbound Object Updates Remaining in Packet

DRA Pending Replication Synchronizations

Lightweight Directory Access Protocol (LDAP) Client Sessions

LDAP Bind Time


(Skill 2)




Different performance objects and counters are used to monitor hardware resources

Memory

Processor

Hard Disk

Network


(Skill 2)




Figure 13-7 The Add Counter dialog box

(Skill 2)




Figure 13-8 Monitoring Active Directory performance

(Skill 2)




Performance Logs and Alerts snap-in

Used to collect and record data specific to hardware resources and services

Used to create

Counter logs

Trace logs

Alerts

Creating Performance Logs and Alerts

(Skill 3)




Counter logs

Use performance objects and performance counters to record data

About hardware resources

About Active Directory

Can be configured to record the statistics for performance counters to collect Active Directory baseline performance data

Creating Performance Logs and Alerts (2)

(Skill 3)




Figure 13-9 A counter log

(Skill 3)




Trace logs

Record data only when an event supported by an operating system or an application occurs

Used to study the effects of hardware resources on the performance of Active Directory


(Skill 3)




Figure 13-10 Creating a trace log

(Skill 3)




Alerts

Actions triggered when a resource or service-related performance counter either surpasses or falls below a specified threshold value

Generally based on baseline data you have collected

Deviations indicate problems with Active Directory performance or problems with various system resources


(Skill 3)




Figure 13-11 The New Log Settings dialog box

(Skill 3)




Figure 13-12 Creating a counter log




Figure 13-13 Adding performance counters




Figure 13-14 The new counter log in the Performance console




Support tools for monitoring and troubleshooting Active Directory performance

Identifying the Active Directory Support Tools

(Skill 4)

Sdcheck.exe

Nltest.exe

Acldiag.exe

Dsacls.exe

Ldp.exe

Replmon.exe

Repadmin.exe

Dsastat.exe




Ldp.exe

Graphical tool that provides information about objects

Other functions

Connect to domains

Search, modify, add, delete, and bind to LDAP-compatible directories

Troubleshoot problems with Active Directory

Identifying the Active Directory Support Tools (2)

(Skill 4)




Replmon.exe

Graphical tool providing various reportsReplication status and topology

Performance of domain controllers

Changes that have not replicated from a specified domain controller

Other functionsTroubleshoot replication-related problems

Force synchronization between domain controllers


(Skill 4)




Figure 13-15 The Active Directory Replication Monitor

(Skill 4)




Repadmin.exe

Command-line tool to diagnose replication problems

Functions

Modify and view replication topologies

View replication information

Force replication between domain controllers


(Skill 4)




Figure 13-16 Repadmin.exe

(Skill 4)




Dsastat.exe

Command-line tool to diagnose replication problemsCompares Active Directory replicas on various domain

controllers

Compares global catalog servers in a forest

Provides capacity statisticsMegabytes per server

Objects per server

Megabytes per object class

Attributes of replicated objects


(Skill 4)




Sdcheck.exe

Command-line tool that lists the security descriptors for Active Directory objects

Discretionary Access Control List (DACL)

System Access Control List (SACL)

Verifies the successful propagation of changes made to the DACLs of objects


(Skill 4)




Figure 13-17 The Security Descriptor Check utility

(Skill 4)




Nltest.exe

Command-line tool used to perform network administrative tasksCheck the status of trust relationships between domains

Check the connectivity and flow of traffic between domain controllers and computers in a network

Obtain a list of the primary domain controllers on the network

Check domain controller replication

Force a remote shutdown

Obtain data about Active Directory objects


(Skill 4)




Figure 13-18 Nltest.exe

(Skill 4)




Acldiag.exe is a command-line tool used to diagnose and troubleshoot problems related to permissions set on Active Directory objects

Dsacls.exe

Command-line tool used to manage ACLs

Used to query and modify security attributes of Active Directory objects to troubleshoot problems relating to permissions


(Skill 4)




File Replication Service (FRS)

Ensures that the Sysvol folder is automatically replicated between domain controllers

Is responsible for all automatic replication of Dfs replicas

Key service in Active Directory

FRS failure can have disastrous effects

Several tools are available for monitoring FRS

Monitoring the File Replication Service

(Skill 5)




Monitoring FRS


Should be closely monitored

Most common problems of FRS are logged as errors in the FRS log

Lists of common FRS problems, the Event IDs associated with them, and their solutions are downloadable

Monitoring the File Replication Service (2)

(Skill 5)




FRS-specific performance counters

FRSReplicaConn Bindings in Error

FRSReplicaConn Communication Timeouts

FRSReplicaSet Bindings in Error

FRSReplicaSet KB of Staging Space Free

FRSReplicaSet Packets Received in Bytes

FRSReplicaSet Packets Sent in Bytes


(Skill 5)




Microsoft tools to monitor and track FRS problems

Ultrasound

Downloadable tool used to monitor the health status of FRS replication sets

Can be configured to send an e-mail notification in case of a problem

FRSDiag

Downloadable graphical tool

Can take snapshots of the replication state and run tests against the service


(Skill 5)




Microsoft tools to monitor and track FRS problems

Ntfrsutl.exe

Command line utility included with Windows 2003 Server

Used to take snapshots of the replication state

Sonar

Downloadable command line utility

Used to monitor the status of FRS


(Skill 5)




Figure 13-19 Ntfrsutl.exe

(Skill 5)




You must be able to diagnose and resolve the more commonly experienced replication errors

Slow replication is the most common problem

Causes of replication latencyLink speed

Available bandwidth

Replication topology

Replication timers

Disabled Web sites

Overloaded domain controllers

Resolving Replication Errors

(Skill 6)




Common replication errors

Event ID 1311 shown in the Directory Service Log

Event ID 1265 and the error “RPC Server is Unavailable” shown in the Directory Service Log

“Access is denied” message when attempting to force replication

Resolving Replication Errors (2)

(Skill 6)

13.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

Documents

active directory support

performance bottlenecks

microsoft windows server

pearson education

network skill

baseline data skill

alerts tools event viewer

network data