How and Why to Monitor Active Directory Performance

With Windows 2000 comes the need to monitor new and different processes on your server.

By Brien M. Posey | Posted Oct 18, 2000
Page 1 of 2
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Those of us who grew up with Windows NT are no stranger to performance monitoring. However, when making the transition from Windows NT to Windows 2000, it's easy to continue monitoring the same sorts of counters you monitored in Windows NT. After all, keeping an eye on your server's processor utilization and memory usage are still very important things to do. What many people don't realize, though, is that Windows 2000 is a much more complex operating system than Windows NT, and it has more system functions to watch. One such group of functions is related to the Active Directory. In this article, I'll explain how and why to monitor Active Directory's performance.

Why Monitor Active Directory?

It seems strange at first to gather performance data on your Active Directory. However, there are several good reasons for doing so:
  • The Active Directory is a big part of your system. Like any other system component, its performance can affect the rest of your system.

  • Like any other Windows component, Active Directory consumes resources. You need to be aware of how many of your system's overall resources are being consumed over the long term, so you can plan for future upgrades.

  • Gathering performance data gives you a good way to see the effects of any optimization efforts that you might attempt, and provides a great way for diagnosing problems when they occur.

Event Viewer

The two main tools for watching the Active Directory are the Event Viewer console and the Performance console. The Event Viewer console allows you to see detailed information relating to the Active Directory in the form of log files. You can access this information by clicking the Start button and selecting Programs|Administrative Tools|Event Viewer from the menu.

The Windows 2000 Event Viewer contains several more log files than the Windows NT Event Viewer. One of these logs is specifically dedicated to the Active Directory. As you can see in Figure 1, the Directory Service log contains information, warnings, and errors generated by the Active Directory.

Figure 1: The Event Viewer lets you see information, warnings, and errors that related to your Active Directory.

As with the Windows NT Event Viewer, the Windows 2000 Event Viewer contains all the basic functionality you've come to expect. For example, if you're trying to hunt down a specific error, you can export the log and send it to tech support or pull it into a spreadsheet to search for the error itself.

Performance Console

The other main tool used for watching over Active Directory is the Performance Console. The Performance Console's purpose is to allow you to record and view the performance of specific aspects of your system. For example, you can use the Performance Console to check your processor's current workload, or you can record your processor's utilization over a longer term, such as overnight. As with the Event Viewer, the Performance Console is actually a snap-in for Microsoft Management Console. You can access the Performance Console from the Start menu at Programs|Administrative Tools|Performance. When the Performance Console loads, you'll find that it's strikingly similar to the Windows NT Performance Monitor.

To monitor your Active Directory, navigate through the Performance Console to Console Root|System Monitor. With System Monitor selected, right-click on the System Monitor Details pane (the right side of the window) and select the Add Counters command from the context menu. When you do, you'll see the Add Counters dialog box. As you can see in Figure 2, this dialog box consists of a section in which you select the computer you want to monitor, a Performance Object section for selecting the type of counters you want to use, and a section in which you select the individual counters. As you can see in Figure 2, all the Active Directory-related counters fall under the NTDS section of the Performance Object drop-down list.

Figure 2
Figure 2: The NTDS option on the Performance Object drop-down list contains all the Active Directory-related counters.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter