Reducing the workload on the PDC emulator master
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
In addition to processing normal domain controller load from clients, the PDC emulator must also process password changes. In order to mitigate some of the load that is caused by normal domain controller traffic, the PDC can be protected, so the load is distributed to other domain controllers that are capable of processing the requests.
You can configure DNS so that a domain controller is queried less frequently than others. Reducing the number of client requests helps reduce the workload on a domain controller, giving it more time to function as an operations master, and is especially important for the PDC emulator. Of all the operations master roles, the PDC role has the highest impact on the domain controller hosting that role.
To receive information from the domain, a client uses DNS to locate a domain controller and then sends the request to that domain controller. By default, DNS performs rudimentary load balancing and randomizes the distribution of client requests so they are not always sent to the same domain controller. If too many client requests are sent to a domain controller while it attempts to perform other duties, such as those of the PDC emulator, it can become overloaded, which has a negative impact on performance. To reduce the number of client requests that are processed by the PDC emulator, you can adjust its weight or its priority in the DNS environment.
Adjusting the Weight for DNS SRV Records in the Registry
Adjusting the weight of a domain controller to a value less than that of other domain controllers reduces the number of clients that DNS refers to that domain controller. The value is stored in the LdapSrvWeight registry entry. The default value is 100, but it can range from 0 through 65535. By reducing this value, DNS refers clients to a domain controller less frequently based on the proportion of this value to the value of other domain controllers. For example, to configure the system so that the domain controller hosting the PDC emulator role receives requests only half as many times as the other domain controllers, configure the weight of the domain controller hosting the PDC emulator role to be 50. DNS determines the weight ratio for that domain controller to be 50/100 (50 for that domain controller and 100 for the other domain controllers). After you reduce this ratio to 1/2, DNS refers clients to the other domain controllers twice as often as it refers to the domain controller with the reduced weight setting. By reducing client referrals, the domain controller receives fewer client requests and has more resources for other tasks, such as performing the role of PDC emulator.
Adjusting the Priority for DNS SRV Records in the Registry
Adjusting the priority of the domain controller also reduces the number of client referrals. However, rather than reducing it proportionally to the other domain controllers, changing the priority causes DNS to stop referring all clients to this domain controller unless all domain controllers with a lower priority setting are unavailable.
To prevent clients from sending all requests to a single domain controller, the domain controllers are assigned a priority value. Clients always send requests to the domain controller that has the lowest priority value. If more than one domain controller has the same value, the clients randomly choose from the group of domain controllers with the same value. If no domain controllers with the lowest priority value are available, then the clients send requests to the domain controller with the next highest priority.
A domain controller's priority value is stored in its registry. When the domain controller starts, the Net Logon service registers with the DNS server. The priority value is registered with the rest of its DNS information. When a client uses DNS to discover a domain controller, the priority for a given domain controller is returned to the client with the rest of the DNS information. The client uses the priority value to help determine to which domain controller to send requests.
The value is stored in the LdapSrvPriority registry entry. The default value is 0, but it can range from 0 through 65535.
Note
A lower value that is entered for LdapSrvPriority indicates a higher priority. Clients will attempt to use a domain controller with an LdapSrvPriority setting of 0 before a domain controller with an LdapSrvPriority setting of 1, just as domain controllers with LdapSrvPriority settings of 1 would be used before domain controllers with LdapSrvPriority settings of 2.
Task Requirements
The following tool is required to perform the procedures for this task:
- Regedit.exe
To complete this task, perform the following procedures: