Udostępnij za pośrednictwem


AD and DC Builds, tweaks, configurations... The Registry

The first installment, what our hardware looks like, may have been useful...but I know that's not really the juicy gossip that everyone is looking for...so here's a quick and follow-up with the registry tweaks that we set internally...

Strict Replication is enabled on Windows Server 2003 - For Windows 2000 there is the "Correct Missing Objects" key which has similar (though reversed) funcationality.  Basically, this stops a DC from replicating lingering objects
HKLM\system\currentcontrolset\services\NTDS\parameters" /v "strict replication consistency" /t REG_DWORD /d 0x1

The Exchange team requires this for RPC/HTTPS functionality
HKLM\system\currentcontrolset\services\NTDS\parameters" /v "NSPI interface protocol sequences" /t REG_MULTI_SZ /d "ncacn_http:6004"

Causes an event to be logged after each online defrag task.  The event includes file statistics about the DIT including whitespace.  We run a seperate task to harvest these events for database file maintenance.
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics /v "6 Garbage Collection" /t REG_DWORD /d 1

Set to 5 causes an event to be logged for "expensive" and "inefficient" queries.  Extremely useful during troubleshooting isolated load issues.
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics /v "15 Field Engineering" /t REG_DWORD /d 5

The following keys enable the database perfmon counters (note that these are just the reg keys, you have to enable the counters themselves as well using "Lodctr.exe Esentprf.ini")
 HKLM\system\currentcontrolset\Services\ESENT\Performance /v "Open" /t REG_SZ /d "OpenPerformanceData"
HKLM\system\currentcontrolset\Services\ESENT\Performance /v "Collect" /t REG_SZ /d "CollectPerformanceData"
HKLM\system\currentcontrolset\Services\ESENT\Performance /v "Close" /t REG_SZ /d "ClosePerformanceData"
HKLM\system\currentcontrolset\Services\ESENT\Performance /v "Library" /t REG_SZ /d "%systemroot%\system32\esentprf.dll"
HKLM\system\currentcontrolset\Services\ESENT\Performance /v "Squeaky Lobster" /t REG_DWORD /d 1

Just what it sounds like.  Causes DFS to use site costed referrals.
HKLM\System\Currentcontrolset\Services\DFS\Parameters" /v "SiteCostedReferrals" /t REG_DWORD /d 1

Last but not least, on some of the servers we set LdapSrvPriority and LdapSrvWeight.  These are used for load balancing and isolation, but are not consistent across all of our servers.  Older/slower hardware gets lower weight, and special case servers that we want to shield from general traffic get higher priorities.  Check here for more info on these keys:  https://support.microsoft.com/?id=306602

Comments