Optimize Windows 2000 Active Directory Server

Source: Internet
Author: User

The user and configuration information of the Exchange 2000 Server depend on Microsoft Windows 2000 Active Directory. Exchange 2000 primarily uses Lightweight Directory Access Protocol (LDAP) to communicate with domain control sites and generic Directory servers. Exchange 2000 uses Active Directory very efficiently, but there are many server and user actions that need to be viewed using the LDAP Directory.

When a Windows 2000 platform contains multiple Exchange 2000 servers, a large LDAP load is attached to the Active Directory Server. By default, the value of MaxActiveQueries in Active Directory is 20 (LDAP query ). The value is the maximum number of LDAP queries that can be processed by Active Directory.

If this limit is reached, Active Directory returns the error message "LDAP_ADMIN_LIMIT_EXCEEDED", and does not continue to process LDAP queries. Generally, the value 20 of MaxActiveQueries is sufficient for most Active Directory servers, but if you run the domain control site on a server with six or eight processors and receive this error message, you may need to add this value.

Other information

You can use the Windows 2000 Ntdsutil.exe tool to increase the MaxActiveQueries value.

If you increase this value, the Lsass.exe program in Active Directory will consume more memory, so please increase this value as needed. Follow these steps to change the value:
C: \> ntdsutil.exe
Ntdsutil: Ldap policies
Ldap policy: connections
Server connections: Connect to server DCServer1
Binding to DCServer1...
Connected to DCServer1 using credentials of locally logged on user
Server connections: q
Ldap policy: Show Values
Policy Current (New)
MaxPoolThreads 8
Maxcomputeramrecv 1024
MaxReceiveBuffer 10485760
InitRecvTimeout 120
# MaxConnections 5000
MaxConnIdleTime 900
MaxActiveQueries 20
MaxPageSize 1000
Maxqueryduration120
MaxTempTableSize 10000
MaxResultSetSize 262144
MaxNotificationPerConn 5
Ldap policy: set MaxActiveQueries to 40
Ldap policy: Commit Changes
Ldap policy: Show Values
Policy Current (New)
MaxPoolThreads 8
Maxcomputeramrecv 1024
MaxReceiveBuffer 10485760
InitRecvTimeout 120
# MaxConnections 5000
MaxConnIdleTime 900
MaxActiveQueries 40
MaxPageSize 1000
Maxqueryduration120
MaxTempTableSize 10000
MaxResultSetSize 262144
MaxNotificationPerConn 5
Ldap policy: q
Ntdsutil: q
Disconnecting from DCServer1

You can apply this change without restarting Active Directory. In this step, each Active Directory program has no more than 40 LDAP queries.

Note:: This setting is valid for all Active Directory servers in the entire tree. If you change this value on an Active Directory Server, all other domain control sites in the tree will apply this change.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.