<div>
<div class="content wysiwyg-content">
Hi folks, we're running a Server 2003 base domain here with a huge number of objects in it (10k+ users, 10k+ PCs, plus groups and 1k+ servers etc. etc.)<br />
<br />
We have our main domain controllers set to limit the search default to 1k objects to speed up most user searches etc.<br />
<br />
However, we have a 3rd party application which pushes out content to 90% of the PCs and (IMHO) it is poorly written in that it to get the names of the PCs that it needs to roll out to it queries the DC and sends out the content to the PCs it find. However, because of the sheer number of PCs we have it only finds the first 1k of the PCs and thus only deploys content to those PCs.<br />
<br />
The 3rd party have suggested a fix of altering the registry on the default DC to read 20k searches, but I'm rather loath to do this, apart from making all searches take much longer, I don't fancy messing with the PDC just for a single application.<br />
<br />
So, I was thinking of adding a secondary virtual DC with the necessary registry changes, and pointing the application to this DC. I suppose my big question is can you &quot;hide&quot; a secondary DC so that only specific applications or servers connect to it? If so, how would I go about it?<br />
<br />
All the best,
</div>
</div>


Hi folks, we're running a Server 2003 base domain here with a huge number of objects in it (10k+ users, 10k+ PCs, plus groups and 1k+ servers etc. etc.)

We have our main domain controllers set to limit the search default to 1k objects to speed up most user searches etc.

However, we have a 3rd party application which pushes out content to 90% of the PCs and (IMHO) it is poorly written in that it to get the names of the PCs that it needs to roll out to it queries the DC and sends out the content to the PCs it find. However, because of the sheer number of PCs we have it only finds the first 1k of the PCs and thus only deploys content to those PCs.

The 3rd party have suggested a fix of altering the registry on the default DC to read 20k searches, but I'm rather loath to do this, apart from making all searches take much longer, I don't fancy messing with the PDC just for a single application.

So, I was thinking of adding a secondary virtual DC with the necessary registry changes, and pointing the application to this DC. I suppose my big question is can you "hide" a secondary DC so that only specific applications or servers connect to it? If so, how would I go about it?

All the best,

Adding an additonal Domain Controller for a specific application

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

An application server is a software framework that provides both facilities to create applications and a server environment to run them. Most application server frameworks contain a comprehensive service layer model, acting as a set of components accessible to the software developer through an API defined by the platform itself. For Web applications, these components are usually performed in the same running environment as their web server(s), and their main job is to support the construction of dynamic pages. However, many application servers target much more than just Web page generation: they implement services like clustering, fail-over, and load-balancing.