• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1016
  • Last Modified:

Browsing Active Directory on Windows Server 2012 is extremely slow

I have a configuration with two servers. One is domain controller, the second is mail server.
The DC is running on MS Windows Server 2012 STD. Further it is running from an ESXi server (so it is virtual) and has 16GB of RAM. It has the following roles installed:

1. Domain Controller (Active Directory)
2. DNS
3. File server
4. IIS
5. Print server

When I try to edit details in Active Directory, it is responding very slow. For example opening an user account takes up to 30 seconds, just to display the settings. When I try to change some items, applying it is taking very long as well. Also, just opening AD takes a long time. Just for the record, this only occurs to AD, all the other configured services are normal and respond quickly.

The DNS server is pointing to itself (127.0.0.1) and when I check the performance it is very regular. I performed a performance check when I tried to open AD which did not show any peaks on Memory, I/O, CPU etc.

Has anyone seen this before, and more important: does anyone have any ideas that can point me to the solution?
0
dtwild
Asked:
dtwild
  • 3
  • 2
  • 2
1 Solution
 
JurajUQUCommented:
It's an DNS issue. Don't set it as 127.0.0.0 as that's a loopback address but as the actuall IP of the server.
0
 
dtwildAuthor Commented:
I replaced the 127.0.0.1 with the actual IP address of the server.
Then I performed the following commands:

ipconfig /flushdns
ipconfig /registerdns

It seems to be only slower now though.
Is there anything else I might look into?
0
 
JurajUQUCommented:
look at the event view for DNS. This is def a network issue/DNS setup misconfiguration.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
Will SzymkowskiSenior Solution ArchitectCommented:
Using the loopback IP or the actual IP of the server will not change a thing, with regards to performance. Have you checked the processes that are running on your DC (CPU/RAM)? If you install RSAT (remote server admin tools) on another member server or a workstation do you experience the same slowness? Also check the disk access is it encountering a lot of read/writes? Use Performance Monitor to check this.

Will.
0
 
dtwildAuthor Commented:
Hi guys,

I checked the performance, but that looks all normal.
A funny thing though, I removed the antivirus which fixed it all. AD responds quick now..

I use Trend Micro Worry Free Business Security version 8.0. Do you have any ideas how to install the antivirus in such a way that it doesnt affect the performance? Obviously I like the server to be protected.

thanks!
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Well that makes perfect sense. Depending on the server you are installing the anti-virus software on there is usually some kind of exclusions that are recommended for performance issues.

Below is a link which outlines the recommended AV exclusions for domain controllers.
Domain Controller Exceptions

Will.
0
 
dtwildAuthor Commented:
awesome, this fixed it. Thanks!
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now