Previous Page | Next Page

  1. Introduction
  2. Windows 2000 Professional
  3. Windows 2000 Server
  4. Windows 2000 Advanced Server
  5. Windows 2000 Datacenter Server
  6. Application Support
  7. System Operation
  8. Disks and Volumes
  9. Filesystems
  10. Configuration Files
  11. Security
  12. Network Support
  13. Access Management
  14. Processes
  15. AD Structure
  16. AD Objects
  17. AD Object Naming
  18. AD Schema
  19. AD Sites
  20. Domains
  21. AD Functions
  22. AD Replication
  23. DNS
  24. AD Security
  25. AD Installation
  26. AD Configuration
  27. AD Performance
  28. Installation
  29. Installation Options
  30. Unattended Installation
  31. Software Distribution
  32. Remote Installation Service
  33. Language
  34. Accessibility
  35. File Attributes
  36. Shares
  37. Distributed File System
  38. Control Panel
  39. Active Directory Tools
  40. Computer Management Console Tools
  41. MMC Tools
  42. Network Tools
  43. Network Monitor
  44. System Performance Monitoring
  45. Tools
  46. Managing Services
  47. Connections
  48. TCP/IP
  49. DHCP
  50. Printing
  51. Routing
  52. IPSec
  53. ICS
  54. Fault Tolerance
  55. Backup
  56. System Failure
  57. Services
  58. Remote Access
  59. WINS
  60. IIS
  61. Certificate Server
  62. Terminal Services
  63. Web Services
  64. Authentication
  65. Accounts
  66. Permissions
  67. Groups
  68. User Rights and Auditing
  69. Auditing
  70. User Profiles
  71. Policies
  72. Group Policies
  73. Miscellaneous
  74. Terms
  75. Credits

Active Directory Performance

The System Monitor object NTDS is useful for monitoring domain controller performance. The below counters in the Performance Monitor tool show replication traffic information.

  • DRA Inbound Bytes Total/sec
  • DRA Outbound Bytes Total/sec
  • DRA Inbound Bytes Not Compressed - Replicated uncompressed bytes that are probably from a Directory Services Agent (another controller sending data) in the same site.
  • DRA Inbound Bytes Compressed (Before Compression) - Replicated bytes received (as though in uncompressed form).
  • DRA Inbound Bytes Not Compressed (After Compression) - Replicated bytes received (as in compressed form).
  • DRA Inbound Bytes Total The sum of the DRA Inbound Bytes Not Compressed plus the DRA Inbound Bytes Not Compressed (After Compression).
  • DRA Outbound Bytes Not Compressed - Replicated uncompressed bytes that are being sent to another domain controller in the same site.

Active Directory Replication Monitor

The Active Directory Replication Monitor is used to monitor Active Directory database replication between domain controllers.

The Active Directory Replication Monitor is one of the Windows 2000 support tools. Install it from the Windows 2000 Server installation CD. When the menu comes up, select browse, and double click each of "SUPPORT", "TOOLS" and "SETUP". Enter appropriate information when prompted to complete the Windows 2000 Support Tools installation.

The Active Directory Replication Monitor is run by selecting "Start", "Run", and typing "replmon" on the command line. You can add monitored servers to its monitor list. Replication can be forced by right clicking on a partition, then selecting "Synchronize this Directory Partition with All Servers".

Some of the following functions can be done with Active Directory Replication Monitor.:


  • Manually make two domain controllers replicate Active Directory database information between each other.
  • View replication partner information.
  • View unreplicated objects, list object metadata, and find out why a replication attempt may have failed.
  • Log and monitor the domain or forest replication state and statistics.
  • Change replication time intervals.
  • Setup the system response to exceeding replication thresholds. The system response may be to log the event or send an e-mail.

Network Monitor

This tool can be used to observe replication data and help with diagnosis of any replication problems. TCP port 25 is monitored to observe replication using mail transfers. When RPC is used for replication, which is the normal method, the following entry in the registry may be modified to a particular port number to cause RPC traffic to use the same port:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\TCP/IP Port

Active Directory Queries

LDAP queries are used by Active Directory to find objects and the query is passed from domain controller to domain controller until the object is found. Active directory objects must be in the current tree for an LDAP query to find the object.

Adding more global catalog servers will make searching the forest faster, but more network bandwidth will be required for replication between global catalog servers.