|
You could make yourself a .net console app
which took a couple of parameters – query, dc/gc, etc and returned the
time elapsed to execute the query. I don’t think MOM05 includes this but
it would be trivial to create rules to do this given such an app as described
above. --brian From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Centenni, Jason On the same topic. Anyone know of a
“free” LDAP response time tool? Anyone know if MOM does this? Jason From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Can you give some more information about
what those limits were and how they "worked" around them? I'm
interested in context because there are a lot of variables here. I've typically seen a lot of folks that
just write poor apps and trip the thresholds of AD that are there to protect
the DC/GC's. Those thresholds are typically set by engineers meaning that the
conversation often goes something like, "Q:Where should we set the limits
to protect as many people as possible? A:50 Real Answer: 75, but if we let them
get that close, they'll likely go over, so let's set it to 50 and they'll never
break that threshold" The apps that are well written can often
deal with this without issue, but it would help to know the app, how they ran
into a problem and what you did to get them around it. Al From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rachui, Scott I have an interesting question that's come up recently... I have some customers who have recently seen some issues
with their application and the default LDAP Query Policy limits. We've
worked through that issue, but the customer is now wanting us to explain to
them how we're going to monitor LDAP performance and capacity so that we see
problems in the future before the customer encounters them. At the same
time, the customer is asking us to give them the theoretical limits that we can
set our LDAP Query Policies to without harming our Active Directory
infrastructure. This will theoretically give them some sense of their
boundaries (if they want to extend their application, and they know that there
is a theoretical limit to the Query Policy, then they know that's as far as
they can go without overloading AD). At this point, I am not finding much data on how I would go
about this, so I thought I'd throw the question open and see if any of you have
had this experience in the past. Any ideas on where I can go for tools or
solutions, or even ideas of things that I need to be monitoring that will give
me this sort of data, will be much appreciated. Thanks, Scott Rachui |
Title: [ActiveDir] Black Login Screen
