Thanks for the feedback accordingly.
Might need to up the memory in the X64 VM's accordingly, to cache the DIT. (Current DIT size on our DC's is only about 500MB right now, so basically it should defintely fit within memory if we allocate 4GB to the VM's accordingly) Which will minimize on the physical disk IO ( Although the LUN's to the SAN have about 48GB of Cache therefore I/O is being done at fibre channel speeds and cached in controller memory accordingly on the SAN backend before being committed to the underlying LUN) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 From: Coleman, Hunter [mailto:[email protected]] Sent: Tuesday, August 10, 2010 9:51 AM To: NT System Admin Issues Subject: RE: Question about Spliting Active directory files on seperate volumes We're in that neighborhood for directory size/object count. We use: C:\ -> OS and Transaction logs D:\ ->Sysvol E:\ ->ntds.dit The politics of our shop dictate that lots of people have their hands in group policy, so we've had to deal with sysvol bloat. From a performance standpoint, it would be fine for us to dump everything on a single volume. Take your existing DCs and watch the physical disk perfmon counters for a couple of days. As long as your disk queue lengths aren't elevated, and the disk read times are staying low (~ <15ms), you should be OK using similar disk layouts on your new DCS. With x64 DCs, just make sure to put enough memory in them to cache the DIT. 4GB is probably the minimum to spec, but you might not need more than that depending on the DIT size. From: Ziots, Edward [mailto:[email protected]] Sent: Tuesday, August 10, 2010 6:55 AM To: NT System Admin Issues Subject: Question about Spliting Active directory files on seperate volumes Preface: Going from Windows 2003 R2 to Windows 2008 R2 domain ( X64), new Domain Controllers are going to be virtual ( ESX 4.x) all but one. I saw the following article from the Active Directory team about best practices and recommendations http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2007/02/09/active -directory-on-separate-volumes.aspx I also saw the same recommendations in Miansi book, in splitting the sysvol/transaction Logs on separate Luns. Basically OS C:\ SYSVOL\NTDS.DIT ( D:\) Transaction Logs: E:\ Is anyone else doing this out there for a forest of less than 20K in users, and probably less than 100K in objects? Only issue I could see is usually we store additional virtual disks with the .VMX file which means they would be on the same SAN LUN, which would basically negate the benefit of splitting the IO and files on different disks in the virtual land. On the physical server I could go with 3 RAID 1 arrays and put each section on that accordingly. Thoughts, I am interested in hearin what others are doing, to increase the performance in there R2 AD environments. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
