determining the minimum number of domain controllers required

Chapter 4: Planning Domain Controller Capacity

Microsoft CorporationVersion 2.0

July 2004

Developed by Windows Server User AssistanceAcknowledgements

Special thanks to Hewlett-Packard for providing the lab equipment used in the tests that provided data for this chapter.

C H A P T E R 4

Planning domain controller capacity helps you determine the appropriate number of domain controllers to place in each domain that is represented in a site. Capacity planning also assists you in estimating the hardware requirements for each domain controller so that you can minimize cost and maintain an effective service level for your users.

In This ChapterOverview of Planning Domain Controller CapacityCollecting Site Topology Design InformationDetermining the Number of Domain ControllersAssessing Disk Space and Memory RequirementsMonitoring Domain Controller PerformanceAdditional Resources

Related Information For more information about planning sites and site topology, see “Designing the Site

Topology” in this book.

For more information about designing the Active Directory® directory service forest and domain structure, see “Designing the Active Directory Logical Structure” in this book.

For more information about Active Directory data storage and directory partitions, see the Directory Services Guide of the Microsoft® Windows® Server 2003 Resource Kit (or see the Directory Services Guide at http://www.microsoft.com/reskit).

Planning Domain Controller Capacity

4 Chapter 4: Planning Domain Controller Capacity

Overview of Planning Domain Controller Capacity

By helping you predict your organization’s needs, planning domain controller capacity protects you from underestimating hardware requirements. Underestimating your hardware requirements can cause poor performance and application response time, and can prevent users from quickly logging on to the network to access resources. Effectively planning domain controller capacity also helps to protect against overloading domain controllers that are running the Microsoft® Windows® Server 2003, Standard Edition; Windows® Server 2003, Enterprise Edition; and Windows® Server 2003, Datacenter Edition operating systems.

Before you plan domain controller capacity, your Active Directory site topology design must be complete. Part of designing your site topology involves deciding which locations require domain controllers and what type of domain controllers are required in each location. After your site topology is designed, planning domain controller capacity helps you to determine the number of domain controllers that you need in each domain for each site and the hardware that is required for each domain controller. For more information about designing your site topology, see “Designing the Site Topology” in this book.

Planning domain controller capacity helps you estimate the hardware requirements for domain controllers that are running Windows Server 2003. Your actual hardware requirements depend on the specific usage patterns in your environment.

After your Active Directory deployment project is complete, continue to monitor the performance of your domain controllers. It is not possible to predict the actual load that client and network traffic put on your domain controllers. Continually monitoring performance helps you understand system workloads and the corresponding effect on your system resources. It also helps you to be aware of changes and trends in workloads and resource usage so that you can plan for future upgrades.

Process for Planning Domain

Controller CapacityTo begin the process of planning domain controller capacity, gather the necessary information recorded earlier in the Active Directory design process. Use this information to determine the hardware requirements for the domain controllers in your environment. Finally, continue to monitor domain controller performance well after the deployment project is complete.

NoteFor a list of the job aids that are available to assist you in planning domain controller capacity, see “Additional Resources” later in this chapter.

Additional Resources 5

Figure 4.1 shows the tasks that you must perform to plan domain controller capacity for a Windows Server 2003 Active Directory environment.

Figure 4.1 Planning Domain Controller Capacity

Background Information for Planning Domain Controller Capacity

Several factors influence domain controller capacity, including the number of objects in the domain, the number of users who are logging on to the domain, and the role of the domain controller and the services installed on it. Be aware of those operations and services that affect domain controller performance so that you can anticipate your requirements and better plan for future growth. Table 4.1 lists how operations and services affect domain controller performance. The operations and services that have the greatest effect on domain controllers are listed first.


Table 4.1 Effect of Operations and Services on Domain Controller PerformanceOperation/Services Variables Affecting Performance

PDC emulator operations master

The following operations typically have a high impact on the performance of the PDC emulator: Password change forwarding and logon

forwarding requests with mismatched passwords for users, computers, and service accounts.

Group Policy updates The initial update of Distributed File System

(DFS) Replicating directory changes to Microsoft®

Windows NT® 4.0 backup domain controllers.Active Directory replication Replication to

partner domain controllers

The impact varies based on the number of replication partners. Replicating to more than fifteen intersite partners has a high impact on performance.

Workstation logon Startup process

The impact varies based on the number of workstations.

Application directory partition hosting

The impact varies based on the use of data that is contained in the application directory partition.

Global catalog operations Universal group

membership lookups

Forestwide searches

If this domain controller functions as a global catalog server, performance varies according to the type of programs that are used. Programs that use global catalog searches extensively, such as Exchange 2000, have a high impact on performance.

Other operations File and print

The impact varies based on the number of users who are using the domain controller as a file and print server.

Network Services DNS WINS DHCP Internet Protocol

security (IPSec)

The impact varies based on the number of services that are performed by the domain controller. For example, hosting multiple services, such as DNS, WINS, and DHCP, typically has a high impact on performance. Hosting a single service, such as DNS, typically has a low impact on performance. For IPSec, the impact on performance varies according to the number of connections.

Users logging on User authentication Authorization for

resource access requests

The impact varies based on the number of users.

Look-up operations Lightweight

Directory Access Protocol (LDAP)

The impact varies based on the type of searches and the number of searches that the program performs.


searchesInfrastructure operations master

The validation of links to moved objects typically has a low impact on performance.

RID pool operations master

RID pool distribution typically has a low impact on performance.

Schema operations master

Modification to the schema typically has low impact on performance.

Domain naming operations master

The addition or deletion of domains typically has low impact on performance.

Collecting Site Topology Design Information

Begin the process for planning domain controller capacity by collecting the information that was recorded during the site topology design process. Figure 4.2 shows where this step happens in the domain controller capacity planning process.

Figure 4.2 Collecting Site Topology Design Information

During the site topology design process, the Active Directory design team records site topology design information in worksheets. Use these worksheets to determine the number of domain controllers that are required in each domain that is represented in each site, and the hardware that is required for each of these domain controllers to support client requests and service operations in each domain.

Use the “Associating Subnets with Sites” worksheet to determine the name of each site in the forest, and then review the “Domain Controller Placement” worksheet to determine the locations that require domain controllers. To review examples of these worksheets, see “Designing the Site Topology” in this book.

For each site, determine the following:


The name of each domain in the site

The number of users for each domain in the site

The distribution of global catalog servers

Record the design information in a new worksheet so that you can complete the process for planning domain controller capacity. Figure 4.3 shows an example of a worksheet that contains domain controller design information for the Trey Research forest. For a worksheet to assist you in collecting domain controller design information, see “Domain Controller Design Information” (DSSDCC_1.doc) on the Windows Server 2003 Deployment Kit companion CD (or see “Domain Controller Design Information” on the Web at http://www.microsoft.com/reskit).

Figure 4.3 Example of a Domain Controller Design Information Worksheet

Determining the Number of Domain Controllers

To maintain an effective service level, make sure that you place a sufficient number of domain controllers in each domain that is represented in a site. First, for each domain represented in a site, determine the minimum number of domain controllers needed to support the number of domain users in that site, and the minimum CPU speed required to support the workload of each domain controller. If a domain controller in a site has a large number of outbound connections, add additional domain controllers for that domain to support the additional replication traffic across sites. Figure 4.4 shows the process for determining the number of domain controllers to place in each domain that is represented in a site.


Figure 4.4 Determining the Number of Domain Controllers for Each Domain in a Site

Determining the Minimum Number of Domain Controllers Required

Use the design information that you recorded in the Domain Controller Design Information worksheet to determine the minimum number of domain controllers that are required in a domain that is represented in a site, based on the number of users in that domain in that site. Use the graphs in Figure 4.5 and Figure 4.6 to help determine the minimum number of domain controllers required to support a given number of domain users; do this for each domain that is represented in each site.

The graph in Figure 4.5 shows average CPU usage for Active Directory domain controllers in a network operating system (NOS) environment. The workload on domain controllers in an outward-facing, or extranet, role is different, and requires further testing in your lab environment. Figure 4.6 shows average CPU usage for global catalog servers in an Exchange environment. Both graphs reflect tests performed on Hewlett-Packard Proliant servers with the configurations shown in Table 4.2.

Table 4.2 Domain Controller Capacity Test ConfigurationsConfiguration Description CPU Memory

Configuration A

HP Proliant DL360 G1 One Intel 800 MHz Pentium III with 256 KB L2 cache

512 MB

NoteIf your environment supports more than 100,000 users in a single domain in a site, do not use these graphs to plan capacity for that domain in that site. Instead, consider using a consulting firm that has experience deploying Active Directory in complex environments. Be sure to test your configuration in a lab environment that is as close to your production environment as possible.

ImportantThese graphs provide a good starting point for planning domain controller capacity. To obtain the most accurate results for your organization, however, it is important to test your specific configurations in a lab environment that simulates your production environment as closely as possible.


Configuration B

HP Proliant DL320 G2 One 2.26 GHz Intel Pentium 4 with 512 KB L2 cache

1 GB

Configuration C

HP Proliant DL380 G3 Two Intel 2.8 GHz Pentium 4 Xeon with Hyper-Threading technology and 512 KB L2 cache

4 GB

Configuration D

HP Proliant DL580 G2 Four Intel 2.8 GHz Xeon MP with Hyper-Threading technology and 2 MB L3 cache

4 GB

To use the graphs in Figure 4.5 and Figure 4.6, perform the following steps:

1. On the vertical axis, find the point that represents the percentage of CPU usage that is acceptable for operating your domain controllers. It is recommended that you operate your domain controllers at no more than 50% CPU usage to allow for sudden increases in workload.

2. On the horizontal axis, find the number of users that each configuration can support at the chosen level of CPU usage.

3. Select a configuration based on cost, availability, and other relevant factors. You might select more than one configuration.

4. Determine how many domain controllers of the configuration you selected are required to support the number of users you have. Be sure to consider future growth when calculating the minimum number of domain controllers required.

5. Repeat steps 1–4 for each domain in each site to determine the total number of domain controllers that your environment requires.

If your environment supports Exchange, consider how many of your domain controllers you will configure as global catalog servers, and add your results from the graph in Figure 4.6 to your results from the graph in Figure 4.5 to determine overall CPU usage.


Figure 4.5 Capacity Planning for Domain Controllers

Example 1By using this graph, you determine that an existing domain controller with a single 800 MHz processor (Configuration A) is adequate to support 800 users at 50% CPU usage. However, if you expect to support a greater number of users in the near future, you might decide to either add another domain controller with the same configuration or replace your existing domain controller with a higher-end model.

Example 2For an environment that must support 7,000 users, you might decide to deploy one domain controller with Configuration D or to deploy two domain controllers with Configuration C, with both domain controllers operating at 50% CPU usage.

Example 3For an environment that must support 15,000 users and for which you decide you want your domain controllers to average 30% CPU usage (to accommodate spikes and future growth), the graph shows that, at 30% CPU usage, Configuration B can support about 1,300 users, Configuration C can support 2,200 users, and Configuration D can support 4,500 users. Based on these numbers, you decide to deploy twelve domain controllers with Configuration B, seven domain controllers with Configuration C, or four domain controllers with Configuration D. If you have budget constraints, you could deploy three domain controllers with Configuration D and one domain controller with Configuration C.

If domains in some sites in your environment have servers running Exchange 2000 or Exchange 2003, you must also consider the incremental load imposed on these servers (primarily on global catalog servers) within the site. In this case, add the results from the graph in Figure 4.6 to overall CPU usage when sizing global catalog servers for each domain in each site.


Figure 4.6 Capacity Planning for Global Catalog Servers in an Exchange Environment

Example 1In this example, you decide (based on the data in Figure 4.5) that at 50% CPU usage, an 800 MHz server (Configuration A) is sufficient to support 800 users. To support Exchange in this site, you decide to make this domain controller a global catalog server. Based on the graph in Figure 4.6,, the additional workload due to Exchange accounts for almost 30% CPU usage by itself on a global catalog server with Configuration A. Combining that number with the results in Figure 4.5, your global catalog server would operate at 80% CPU usage (50% from Figure 4.5 plus 30% from Figure 4.6). In this case, you might decide to deploy two servers with Configuration A, or one higher-end server.

Example 2In this example, you decide that at 50% CPU usage, two servers with Configuration C are sufficient to support 7,000 users. To support Exchange in this site, you need at least one global catalog server. You could convert the two Configuration C servers to global catalog servers and operate at 75% CPU usage (50% from Figure 4.5 plus 25% from Figure 4.6, keeping in mind that the numbers are halved because the number of servers is doubled).

However, if you want to sustain 50% average CPU usage, you could replace one Configuration C server with a Configuration D server. From Figure 4.5, you determine that the Configuration C domain controller can handle 3,500 users at 50% CPU usage, and the Configuration D domain controller can handle the remaining 3,500 users at 25% CPU usage. From Figure 4.6, you determine that the additional workload due to Exchange would consume 25% CPU for 7,000 users on the Configuration D domain controller. Therefore, you decide to convert the Configuration D domain controller to a global catalog server, with a total of 50% CPU usage (25% from Figure 4.5 plus 25% from Figure 4.6).


Example 3In this example, you decide that at almost 30% CPU usage, four servers with Configuration D are sufficient to support 15,000 users.

To support Exchange in this site, you need at least one global catalog server. From Figure 4.6, you determine that the added Exchange workload for a Configuration D domain controller that is a global catalog server is an additional 60% CPU usage for 15,000 users. Accordingly, you might choose any of the following configurations:

Add two additional Configuration D servers and convert all six domain controllers to global catalog servers. This configuration keeps each server at 30% CPU usage.

Use only the four Configuration D servers and convert all of them to global catalog servers. This configuration keeps each server at about 45% CPU usage, which is higher than the 30% usage originally planned, but possibly acceptable if there are budget constraints.

Use only the four Configuration D servers and convert just two of them to global catalog servers. This configuration keeps the two global catalog servers at about 60% CPU usage, while the two other domain controllers remain at 30% CPU usage.

For information about how memory allocation affects domain controller performance, see “Determining Required Memory Allocation” later in this chapter.

Adding Domain Controllers to

Support Replication Between SitesReplicating Active Directory to a large number of sites increases the workload on domain controllers. After you determine the minimum number of domain controllers that you require for each domain that is represented in a site and where the global catalog servers will be located, determine whether you need to add domain controllers or global catalog servers to support replication between sites.

In Microsoft® Windows® 2000, replication between domains that are hosted in a large number of sites is performed by the domain controller in each domain that is designated by the Knowledge Consistency Checker (KCC) as the bridgehead server. In Windows Server 2003, every domain controller in a domain is designated a candidate bridgehead server; therefore, the outbound replication connections that are created by the KCC are randomly distributed between all candidate bridgehead servers in a domain to share the replication workload. In Windows Server 2003, when a domain is represented in more than one site, replication to all other sites where that domain is represented is distributed between the domain controllers in the domain.

NoteAlthough one domain controller per domain might be sufficient to handle the workload related to Active Directory, you must always have a minimum of two domain controllers per domain to provide for fault tolerance and failure recovery.


If the Windows Server 2003–based domain controllers in a site are replicating to between 15 and 31 other sites that are hosting the same domain, add one domain controller to the minimum number of domain controllers required (2+1) in that domain. If the domain controllers in that same site are replicating to between 32 and 45 other sites that are also hosting the same domain, the number of domain controllers required is (2+1+1). Continue adding domain controllers for every 15 replication connections.

The same rule applies to the number of global catalog servers in a site if only one global catalog server in the site is replicating to between 15 and 31 global catalog servers from other sites. For every 15 additional replication connections, add another global catalog server to the site. For more information about global catalog server placement, see “Designing the Site Topology” in this book.

Assessing Disk Space and Memory Requirements

After you determine the number of domain controllers to place in each domain represented in a site, assess the disk space and memory requirements for each domain controller. Figure 4.7 shows the process for assessing disk space and memory requirements.

Figure 4.7 Assessing Disk Space and Memory Requirements

Determining Required Disk SpaceThe disk space that is required for a domain controller varies based on the number of objects in the domain, whether the domain controller is a global catalog server, and whether the domain controller hosts application directory partitions. To determine disk space requirements, perform the following tasks:

Determine the minimum disk space requirement for the domain controllers in each respective domain.

Add disk space to the domain controllers on which you plan to host the global catalog.


Add disk space to the domain controllers on which you plan to host application directory partitions.

Use a hardware assessment worksheet to record the disk space that is required on each domain controller. For an example of a completed hardware assessment worksheet, see “Example: Assessing Disk Space and Memory Requirements” later in this chapter. For a worksheet to assist you in determining required disk space, see “Hardware Assessment” (DSSDCC_2.doc) on the Windows Server 2003 Deployment Kit companion CD (or see “Hardware Assessment” on the Web at http://www.microsoft.com/reskit).

Determining Minimum Disk Space RequirementsDomain controllers require at least enough disk space for the Active Directory database, Active Directory log files, the SYSVOL shared folder, and the operating system. Use the following guidelines to determine how much disk space to allot for your Active Directory installation:

On the drive that will contain the Active Directory database, NTDS.dit, provide 0.4 gigabytes (GB) of storage for each 1,000 users. For example, for a forest with two domains (domain A, domain B), with 10,000 and 5,000 users respectively, provide a minimum of 4 GB of disk space for each domain controller that hosts domain A and a minimum of 2 GB of disk space for each domain controller that hosts domain B.

On the drive that will contain the Active Directory transaction log files, provide at least 500 megabytes (MB) of available space.

On the drive that will contain the SYSVOL shared folder, provide at least 500 MB of available space.

On the drive that will contain the Windows Server 2003 operating system files, provide at least 1.5 GB to 2 GB of available space.

To prevent single disk failures, many organizations use a redundant array of independent disks (RAID). For domain controllers that are accessed by fewer than 1,000 users, all four components generally can be located on a single RAID 1 array. For domain controllers that are accessed by more than 1,000 users, place the log files on one RAID array and keep the SYSVOL shared folder and the database together on a separate RAID array, as specified in Table 4.3.

Table 4.3 RAID System RequirementsComponent Operations Performed RAID System

Operating system files Read and write operations RAID 1Active Directory log files Mostly write operations RAID 1Active Directory database and SYSVOL shared folder

Mostly read operations RAID 1 or RAID 0+1


Adding Disk Space for Global Catalog Servers

After you determine the minimum disk space requirements for your domain controllers, add disk space to the domain controllers that you want to use as global catalog servers. A global catalog server is a domain controller that stores a full replica of the domain directory partition for the domain where it is located and a partial replica of every other domain directory partition in the forest. Because the global catalog server stores partial information about every other domain directory partition in the forest, global catalog servers require additional disk space.

If your forest contains only one domain, designating a domain controller as a global catalog server does not increase the database size. However, if your forest contains more than one domain, each additional domain adds approximately 50 percent of its own database size to the global catalog.

The disk space requirements for a global catalog server that is running Windows Server 2003 are lower than those for a global catalog server that is running Microsoft® Windows® 2000 Server if Active Directory–integrated DNS is configured to use application directory partitions instead of the domain directory partition to store DNS zone data. Application directory partition data does not replicate to the global catalog.

Use the formula in Figure 4.8 to determine the disk space requirements for a global catalog server.

Figure 4.8 Disk Space Requirements for a Global Catalog Server

Table 4.4 shows the storage requirements for a domain controller and a global catalog server for a forest that contains two domains with 10,000 users (domain A) and 5,000 (domain B) users, respectively.

Table 4.4 Storage Requirements for the Active Directory Database

Number of Usersper Domain Domain Controller

Active Directory Database

Storage Requirements10,000 Domain controller (domain A) 4 GB

NoteIf cost is a factor in planning for disk space, you can place the operating system and Active Directory database on one RAID array (such as RAID 0+1) and the Active Directory log files on another RAID array (such as RAID 1). However, it is recommended that you store the Active Directory database and the SYSVOL shared folder on the same drive.


5,000 Domain controller (domain B) 2 GB10,000 Global catalog server (domain

A)4 + 2/2 = 5 GB

5,000 Global catalog server (domain B)

2 + 4/2 = 4 GB

Adding Disk Space for Application Directory PartitionsApplications that depend on Active Directory can use application directory partitions to store application-specific data. Application directory partitions can be created either by applications, by services, or by administrators as container objects. Storing application data in an application directory partition instead of in a domain directory partition can help reduce replication traffic if the application data is replicated to only the domain controllers that require the application data. Currently, Active Directory–integrated DNS is the only Windows Server 2003 service that is configured to use application directory partitions by default. However, you do not need to plan for additional disk space for DNS because the DNS-related disk space requirements have already been factored into the disk space recommendations in this chapter based on numbers of users.

If you are planning to use application directory partitions to store data for applications other than DNS, consult the application developer to determine how much additional disk space to allot for the application directory partition in which the data will be stored.

Determining Required Memory Allocation

Use the number of users per domain in a site to determine the minimum memory requirements for each domain controller in that domain. Table 4.5 gives a conservative estimate of the minimum required memory allocation for a domain controller.

Table 4.5 Determining Domain Controller Memory Requirements

Users per Domain in a Site Minimum Memory Requirements per Domain Controller

1 – 499 512 MB500 – 999 1 GB1,000 - 2,999 2 GB3,000 – 10,000 2 GB> 10,000 users 2 GB

After you determine the minimum memory requirements for each domain controller, consider using the /3GB switch to allow the Lsass process (the process in which Active Directory runs) to cache a larger number of directory objects.

Lsass memory usage on domain controllers has two components:

Data structures, which are like other processes and consist of threads, heaps, and stacks.

Database buffer cache, which consists of database pages and index pages for the directory.


In Windows 2000, the memory that can be used by the database buffer cache without adding the /3GB switch to the Boot.ini file is .5 GB. With the /3GB switch in place, the database buffer cache is still limited to 1 GB.

In Windows Server 2003, there is no limit to how large the database buffer cache can grow. However, with the /3GB switch in place on a 32-bit computer, virtual address space is limited to 4 GB, with 3 GB allocated for user mode processes and 1 GB for kernel mode processes. Therefore, on a 32-bit computer, the database buffer cache never grows greater than 3 GB with the /3GB switch in place, and it does not grow that large because of the memory that is used by other processes. For information about modifying the Boot.ini file, see "Bootcfg" in Help and Support Center for Windows Server 2003.

Use a hardware assessment worksheet to record the required memory allocation for each domain controller. For an example of a completed hardware assessment worksheet, see “Example: Assessing Disk Space and Memory Requirements” later in this chapter. For a worksheet to assist you in assessing hardware requirements, see “Hardware Assessment” (DSSDCC_2.doc) on the Windows Server 2003 Deployment Kit companion CD (or see “Hardware Assessment” on the Web at http://www.microsoft.com/reskit).

NoteThe /3GB switch can be added to domain controllers that are running Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; and Windows Server 2003, Datacenter Edition. Do not add the /3GB switch to the Boot.ini file if you have less than 2 GB of physical memory.


Example: Assessing Disk Space and Memory Requirements

Figure 4.9 shows an example of a hardware assessment worksheet for the domain controllers in the Trey Research forest. The worksheet shows each site in the Trey Research forest, the domains located in each site, a number to identify the domain controllers in the domain (domain controllers in the Trey Research forest have not been named yet), and the existing hardware configuration on each domain controller. For a worksheet to assist you in assessing hardware requirements, see “Hardware Assessment” (DSSDCC_2.doc) on the Windows Server 2003 Deployment Kit companion CD (or see “Hardware Assessment” on the Web at http://www.microsoft.com/reskit).

Figure 4.9 Example of a Hardware Assessment Worksheet


Monitoring Domain

Controller PerformanceAfter your Active Directory deployment project is complete, continuously monitor your domain controllers and Active Directory. Monitoring the distributed Active Directory directory service and the services that it depends on helps to maintain consistent directory data and a consistent level of service throughout the forest. Figure 4.10 shows monitoring domain controller performance as the final step in the process for planning domain controller capacity.

Figure 4.10 Monitoring Domain Controller Performance

As a distributed service, Active Directory depends on many interdependent services that are distributed across many devices and in many remote locations. As you increase the size of your network to take advantage of the scalability of Active Directory, monitoring becomes more important.

Monitoring Active Directory assures administrators that:

All necessary services that support Active Directory are running on each domain controller.

Data is consistent across all domain controllers and end-to-end replication completes in accordance with service level agreements.

NoteThis Hardware Assessment worksheet does not include Exchange.


Lightweight Directory Access Protocol (LDAP) queries respond quickly.

Domain controllers do not experience high CPU usage.

Organizations with few domains and domain controllers, or organizations that do not provide a critical level of service, might only have to check the performance of a single domain controller periodically by using the built-in tools that are provided with Windows Server 2003, such as System Monitor. For a list of acceptable values for counters to use with System Monitor, see “Using System Monitor” in Help and Support Center for Windows Server 2003.

Larger organizations that have many domains, domain controllers, and sites, or that provide a critical service and cannot afford the cost of lost productivity because of a service outage, must use an enterprise-level monitoring solution, such as Microsoft® Operations Manager (MOM). Use the monitoring solution that best meets your requirements, but monitor the important indicators to make sure that all aspects of Active Directory are functioning correctly. MOM monitors all the important indicators. Implement your monitoring solution in a lab before you deploy it in your production environment.

For more information about monitoring Active Directory, see the Active Directory link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources. Search under Administration and Configuration Guides and download the Active Directory Operations Guide.

For more information about MOM, see the Microsoft Operations Manager link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources.

Additional ResourcesThese resources contain additional information and tools related to this chapter.

Related Information “Designing the Site Topology” in this book.

The Directory Services Guide of the Windows Server 2003 Resource Kit (or see the Directory Services Guide on the Web at http://www.microsoft.com/reskit) for information about Active Directory replication and data storage.

The Active Directory Branch Office Planning Guide link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources.

Related Help TopicsFor best results in identifying Help topics by title, in Help and Support Center, under the Search box, click Set search options. Under Help Topics, select the Search in title only check box.

“Bootcfg” in Help and Support Center for Windows Server 2003.

“Using System Monitor” in Help and Support Center for Windows Server 2003.

Related Job Aids “Domain Controller Design Information” (DSSDCC_1.doc) on the Windows Server 2003

Deployment Kit companion CD (or see “Domain Controller Design Information” on the Web at http://www.microsoft.com/reskit).

“Hardware Assessment” (DSSDCC_2.doc) on the Windows Server 2003 Deployment Kit companion CD (or see “Hardware Assessment” on the Web at http://www.microsoft.com/reskit).

determining the minimum number of domain controllers required

Documents