Monitoring Performance in Active Directory |
The Windows 2000 MMC provides several snap-ins that are available from the Administrative Tools menu. The Active Directory Sites and Services snap-in enables you to view information that is related to sites and replication topology. The Performance snap-in provides a graphical way to view performance of Active Directory according to measurements, or counters, that you select. Also, you can log activity according to those counters and print them or view them online. Finally, Event Viewer enables you to view log files and error messages sent by applications.
The Performance snap-in enables you to monitor the performance of local and remote computers anywhere in your network and summarize the performance at selected intervals. The Performance snap-in uses a range of counters for monitoring real-time resource usage. The Performance snap-in can log results to a file so that you can analyze the performance history of a computer. You can monitor resource usage of other Windows 2000 servers on the network providing you have the right permission. You can also use the Performance snap-in to collect baseline performance data and send alerts to the event log about exceptions to the baseline that you configure.
The Performance snap-in is a command on the Administrative Tools menu, and it has two tools: System Monitor and Performance Logs and Alerts.
For more information about performance monitoring tools, see "Overview of Performance Monitoring" in the Microsoft Windows 2000 Server Resource Kit Server Operations Guide.
The System Monitor tool enables you to display performance data in real-time charts and reports, collect data in files, and generate alerts that warn you when critical events occur. This information is classified as a performance object by the component (whether it is a service, computer, or mechanism) that generates the data. Examples of performance objects include Processor, Print Queue, and SMTP service. To monitor Active Directory, you monitor the activity reported by the NTDS performance object.
By using System Monitor, you can track the activity of performance objects through the use of counters. Performance counters measure the parameters that apply to a performance object. For example, if you need to discover whether a server is receiving directory replication updates and applying the updates in a timely fashion, you can select one or more counters from the NTDS object and then view the current activity by using System Monitor. For more information about using System Monitor, see System Monitor Help.
For example, to ensure a timely replication of all network servers, you can use the DRA Pending Replication Synchronizations counter from the NTDS object to check the number of directory synchronizations that are queued for a server but not yet processed. This counter provides a visual representation of how quickly objects are being applied to the server, which helps you to determine whether a server is replicating normally.
The Performance Logs and Alerts tool enables you to log performance counters and system alerts. You can optionally collect data using the Windows Management Instrumentation (WMI) interface for hardware resources installed on the system. WMI can trace data available in Active Directory for core directory service Lightweight Directory Access Protocol (LDAP), Key Distribution Center (KDC), Security Accounts Manager (SAM), Local Security Authority (LSA), and Net Logon service. When enabled, trace logging continuously captures key events such as network logons, authentications, LDAP operations, and SAM operations, and it also records the CPU time, timestamp, and thread identifier. You can enable or disable trace logging by using the Performance Logs and Alerts tool. To produce transaction-level costing information trace data, you must use the trace application programming interfaces (APIs). For more information about trace APIs for third-party systems management vendors, see the Microsoft Platform SDK link on the Web Resources page at http://windows.microsoft.com/windows2000/reskit/webresources.
Similar to the System Monitor tool, the Performance tool enables you to select performance counters in a performance object, such as NTDS, for purposes of tracking certain types of activity. Furthermore, you can select the time intervals during which to log the activity, and you can print the logs or view them online by using System Monitor.
For more information about using the Performance snap-in, see Windows 2000 Server Help.
Windows 2000 provides the Event Viewer snap-in as a way to monitor system events, such as application or system errors and the successful starting of services. These events are recorded in event logs. For example, if you need detailed information about when directory partitions are replicated, you would use Event Viewer to study the event log.
Also, if you suspect any problem with the directory operation, such as information not being replicated, it is recommended that you first investigate the event logs to determine the cause of the problem. By using information from the event logs, you can better understand the sequence and types of events that led to the performance problem. For more information about how to use the Event Viewer snap-in, see Windows 2000 Server Help.