We're in that neighborhood for directory size/object count. We use: C:\ -> OS and Transaction logs D:\ ->Sysvol E:\ ->ntds.dit
The politics of our shop dictate that lots of people have their hands in group policy, so we've had to deal with sysvol bloat. From a performance standpoint, it would be fine for us to dump everything on a single volume. Take your existing DCs and watch the physical disk perfmon counters for a couple of days. As long as your disk queue lengths aren't elevated, and the disk read times are staying low (~ <15ms), you should be OK using similar disk layouts on your new DCS. With x64 DCs, just make sure to put enough memory in them to cache the DIT. 4GB is probably the minimum to spec, but you might not need more than that depending on the DIT size. From: Ziots, Edward [mailto:[email protected]] Sent: Tuesday, August 10, 2010 6:55 AM To: NT System Admin Issues Subject: Question about Spliting Active directory files on seperate volumes Preface: Going from Windows 2003 R2 to Windows 2008 R2 domain ( X64), new Domain Controllers are going to be virtual ( ESX 4.x) all but one. I saw the following article from the Active Directory team about best practices and recommendations http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2007/02/09/active-directory-on-separate-volumes.aspx I also saw the same recommendations in Miansi book, in splitting the sysvol/transaction Logs on separate Luns. Basically OS C:\ SYSVOL\NTDS.DIT ( D:\) Transaction Logs: E:\ Is anyone else doing this out there for a forest of less than 20K in users, and probably less than 100K in objects? Only issue I could see is usually we store additional virtual disks with the .VMX file which means they would be on the same SAN LUN, which would basically negate the benefit of splitting the IO and files on different disks in the virtual land. On the physical server I could go with 3 RAID 1 arrays and put each section on that accordingly. Thoughts, I am interested in hearin what others are doing, to increase the performance in there R2 AD environments. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
