Active Directory: Domain Controller

Hello,

I am trying to find out what is the current utilization on a domain controller, for capacity planning. I need to find out if I need another domain controller. What should I be looking for, and what counters do I need to monitor.

Looking forward to your assistance.

Thanks.
Parity123Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
Take a look at the link below which outlines everything you need to take in to consideration when deploying a DC for capacity.

http://social.technet.microsoft.com/wiki/contents/articles/14355.capacity-planning-for-active-directory-domain-services.aspx

Just another note that it is always a good idea to have N+1 in your DC placement. Not just for capacity but for redundancy.

Will.
Parity123Author Commented:
When we have enough 2012r2 domain controllers in the data center, and the bandwidth to regional sites are atleast 100mb/sec and the latency is less than 100ms, may be I was thinking in terms of removing domain controllers in these regions. Today we have a couple of regional sites with 1000 users with no domain controllers.


Your feedback is appreciated on removing domain controllers in regions.
Will SzymkowskiSenior Solution ArchitectCommented:
There are a couple of guidelines where i make the decision to add or remove a DC. They are the folloiwng...

Below is a guideline based on the site. There may be situations where DC's might be better.

No DC's Required
- Sites with less then 50 users
- no exchange hosted in the site
- less then 100/ms
- Network connection that is 10mbps or higher

DC's required
- Site more then 100 users
- Exchange needs to be hosted in the AD site (GC also required)
- latency between geographically closest site is higher than 100/ms
- network connection / bandwidth is less than 10mbps and or unstable

Will.
Parity123Author Commented:
@Will - What do you suggest for the following scenario, I was leaning toward no DC.

 - Site more then 100 users but less than 5000 users
 - No exchange
 - latency between geographically closest site is less than 100ms
 - network connection / bandwidth is greater than 10mbps and stable, and have redundant links
Will SzymkowskiSenior Solution ArchitectCommented:
Based on that configuration you have listed I would be hesitant without a DC for a site that is over 1000 users. What I would do if your thoughts were to remove a DC from this site is to remove the DC and monitor the performance for a couple of days/weeks and then from there evaluate weather or not it is worth it to have a DC at the site.

Another good thing about having DC at a site with that many users is that if the connection between the Remote site and the authenticating site goes down users will still be able to work and open file etc.

You also have to take into consideration external DNS (internet).

Just look at it this way, can you aford to have your site go down for a period of time?

If it was me 500-1000 users is considered a big site and i personally would have a DC there. regardless of the configuration.

Will.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.