1 / 56

Introduce Active Directory performance monitoring tools

Goals. Introduce Active Directory performance monitoring tools Monitor Active Directory performance counters Create Performance Logs and Alerts Identify Active Directory support tools Monitor the File Replication Service Resolve replication errors. (Skill 1).

cecily
Download Presentation

Introduce Active Directory performance monitoring tools

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Goals • Introduce Active Directory performance monitoring tools • Monitor Active Directory performance counters • Create Performance Logs and Alerts • Identify Active Directory support tools • Monitor the File Replication Service • Resolve replication errors

  2. (Skill 1) Introducing Active Directory Performance-Monitoring Tools • Periodically monitoring the Windows Server 2003 Active Directory performance • Helps you anticipate problems • Allows you to take preventive measures • Maintains efficient functioning of the network

  3. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (2) • Use performance monitoring tools • To collect baseline data, which statistically shows the load placed on your resources over time • To troubleshoot problems • Use information obtained from performance monitoring tools • Diagnose and solve performance bottlenecks and problems • To understand the effects of Active Directory performance on the hardware resources of a computer

  4. (Skill 1) Figure 13-1 Comparing current data with the baseline data

  5. (Skill 1) Figure 13-2 The Directory Service Event log

  6. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (3) • Widely used tools for monitoring Active Directory performance • Performance Console • System Monitor • Performance Logs and Alerts tools • Event Viewer

  7. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (4) • System Monitor • Used to view a graphical real-time representation of the performance of the resources on a computer or network • Data captured by the System Monitor is displayed as a chart, a histogram, or a report

  8. (Skill 1) Figure 13-3 The System Monitor

  9. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (5) • Performance Logs and Alerts tool • Records the performance of resources in logs • Used to configure alerts • An alert is configured to perform specific actions • An alert is activated when a threshold value set by an administrator has been met

  10. (Skill 1) Figure 13-4 The Performance Logs and Alerts snap-in

  11. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (6) • Event Viewer • Contains messages generated by applications and the operating system in different Event logs • The logs help in understanding problems relating to applications, services, and the operating system

  12. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (7) • Event logs • Application log • Security log • System log • Directory Service log • DNS Server log • File Replication Service log

  13. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (8) • Application log stores information, errors, or warnings generated by the applications on a computer • Security log • Stores auditing entries • After you configure auditing, use this log to track users who are trying to access objects for which they do not have permissions, among other auditing activities

  14. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (9) • System log • Stores information, errors, or warnings generated by the operating system • If you are having trouble starting a service, such as the Task Scheduler, study this log to identify the cause of the problem

  15. (Skill 1) Figure 13-5 The System Event log

  16. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (10) • Directory Service log • Stores information, errors, or warnings generated by Active Directory • Available only on domain controllers • DNS Server log stores information, errors, or warnings generated by the Domain Name System (DNS) server

  17. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (11) • File Replication Service log • Stores information, errors, or warnings generated by the File Replication Service • This service is used to replicate the shared system volume (Sysvol) folder

  18. (Skill 1) Figure 13-6 The File Replication Service Event log

  19. (Skill 1) Introducing Active Directory Performance-Monitoring Tools (12) • Event logs record five types of messages • Information • Warning • Error • Failure • Success

  20. (Skill 2) Monitoring Active Directory Performance Counters • Performance console metrics • Performance objects are any system resource, such as memory, a disk, a processor, or a network interface, whose performance one can monitor • Performance counters are performance measures for the object that can be calculated and related as numeric figures

  21. (Skill 2) Monitoring Active Directory Performance Counters (2) • Directory Replication Agent (DRA) counters • Largest group of Active Directory-related performance counters • Many of the counters refer to either bytes compressed or bytes not compressed • Record the inbound or outbound replication data sent to or received from other sites

  22. (Skill 2) Monitoring Active Directory Performance Counters (3) • Directory Replication Agent (DRA) counters • On some networks, a byte count may not be a valid measure of replication performance • The number of Active Directory objects that have been replicated reflect replication performance

  23. (Skill 2) Monitoring Active Directory Performance Counters (4) • Active Directory performance counters for NTDS • Directory Replication Agent (DRA) Inbound Bytes Total/sec • DRA Inbound Full Sync Objects Remaining • DRA Inbound Objects Applied/sec • DRA Inbound Object Updates Remaining in Packet • DRA Pending Replication Synchronizations • Lightweight Directory Access Protocol (LDAP) Client Sessions • LDAP Bind Time

  24. (Skill 2) Monitoring Active Directory Performance Counters (5) • Different performance objects and counters are used to monitor hardware resources • Memory • Processor • Hard Disk • Network

  25. (Skill 2) Figure 13-7 The Add Counter dialog box

  26. (Skill 2) Figure 13-8 Monitoring Active Directory performance

  27. (Skill 3) Creating Performance Logs and Alerts • Performance Logs and Alerts snap-in • Used to collect and record data specific to hardware resources and services • Used to create • Counter logs • Trace logs • Alerts

  28. (Skill 3) Creating Performance Logs and Alerts (2) • Counter logs • Use performance objects and performance counters to record data • About hardware resources • About Active Directory • Can be configured to record the statistics for performance counters to collect Active Directory baseline performance data

  29. (Skill 3) Figure 13-9 A counter log

  30. (Skill 3) Creating Performance Logs and Alerts (3) • Trace logs • Record data only when an event supported by an operating system or an application occurs • Used to study the effects of hardware resources on the performance of Active Directory

  31. (Skill 3) Figure 13-10 Creating a trace log

  32. (Skill 3) Creating Performance Logs and Alerts (4) • Alerts • Actions triggered when a resource or service-related performance counter either surpasses or falls below a specified threshold value • Generally based on baseline data you have collected • Deviations indicate problems with Active Directory performance or problems with various system resources

  33. (Skill 3) Figure 13-11 The New Log Settings dialog box

  34. Figure 13-12 Creating a counter log

  35. Figure 13-13 Adding performance counters

  36. Figure 13-14 The new counter log in the Performance console

  37. (Skill 4) Identifying the Active Directory Support Tools • Support tools for monitoring and troubleshooting Active Directory performance • Ldp.exe • Replmon.exe • Repadmin.exe • Dsastat.exe • Sdcheck.exe • Nltest.exe • Acldiag.exe • Dsacls.exe

  38. (Skill 4) Identifying the Active Directory Support Tools (2) • Ldp.exe • Graphical tool that provides information about objects • Other functions • Connect to domains • Search, modify, add, delete, and bind to LDAP-compatible directories • Troubleshoot problems with Active Directory

  39. (Skill 4) Identifying the Active Directory Support Tools (3) • Replmon.exe • Graphical tool providing various reports • Replication status and topology • Performance of domain controllers • Changes that have not replicated from a specified domain controller • Other functions • Troubleshoot replication-related problems • Force synchronization between domain controllers

  40. (Skill 4) Figure 13-15 The Active Directory Replication Monitor

  41. (Skill 4) Identifying the Active Directory Support Tools (4) • Repadmin.exe • Command-line tool to diagnose replication problems • Functions • Modify and view replication topologies • View replication information • Force replication between domain controllers

  42. (Skill 4) Figure 13-16 Repadmin.exe

  43. (Skill 4) Identifying the Active Directory Support Tools (5) • Dsastat.exe • Command-line tool to diagnose replication problems • Compares Active Directory replicas on various domain controllers • Compares global catalog servers in a forest • Provides capacity statistics • Megabytes per server • Objects per server • Megabytes per object class • Attributes of replicated objects

  44. (Skill 4) Identifying the Active Directory Support Tools (6) • Sdcheck.exe • Command-line tool that lists the security descriptors for Active Directory objects • Discretionary Access Control List (DACL) • System Access Control List (SACL) • Verifies the successful propagation of changes made to the DACLs of objects

  45. (Skill 4) Figure 13-17 The Security Descriptor Check utility

  46. (Skill 4) Identifying the Active Directory Support Tools (7) • Nltest.exe • Command-line tool used to perform network administrative tasks • Check the status of trust relationships between domains • Check the connectivity and flow of traffic between domain controllers and computers in a network • Obtain a list of the primary domain controllers on the network • Check domain controller replication • Force a remote shutdown • Obtain data about Active Directory objects

  47. (Skill 4) Figure 13-18 Nltest.exe

  48. (Skill 4) Identifying the Active Directory Support Tools (8) • Acldiag.exe is a command-line tool used to diagnose and troubleshoot problems related to permissions set on Active Directory objects • Dsacls.exe • Command-line tool used to manage ACLs • Used to query and modify security attributes of Active Directory objects to troubleshoot problems relating to permissions

  49. (Skill 5) Monitoring the File Replication Service • File Replication Service (FRS) • Ensures that the Sysvol folder is automatically replicated between domain controllers • Is responsible for all automatic replication of Dfs replicas • Key service in Active Directory • FRS failure can have disastrous effects • Several tools are available for monitoring FRS

  50. (Skill 5) Monitoring the File Replication Service (2) • Monitoring FRS • File Replication Service log • Should be closely monitored • Most common problems of FRS are logged as errors in the FRS log • Lists of common FRS problems, the Event IDs associated with them, and their solutions are downloadable

More Related