Chat now with support
Chat with Support

Active Administrator 8.4 - Web Console User Guide

Active Administrator Web Console Overview Active Directory Health Alerts Notifications Active Directory Health Check
Using the Health Check landing page Creating a Health Check Setting options for Health Check tests Health check tests
Forest tests Domain tests Domain controller tests Site tests
Active Directory Topology Reports Network Operations Center

Memory page faults a second

Indicates that the performance of the server may be degraded because of too many page faults.

Supported on: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019
Required permissions: When monitored locally and remotely, only domain user privilege is required and the user must be a part of the Performance Logs user group.

Tests the Page Faults/sec performance counter on the domain controller to see if the number exceeds the configured threshold.

A page fault occurs whenever the Windows® 2000 operating system tries to access a virtual memory page that is not currently in memory or is in the incorrect place in memory. The process requesting the page must wait while the operating system makes room for the requested page in memory and reads it from disk or relocates it, which may cause a significant delay for the faulting process. If many processes are causing page faults, a condition known as thrashing can occur. If this happens, the performance of the server goes to zero as the operating system spends most of its time managing memory and very little running applications.

A continuously high page fault rate is an indication that the server is running too many processes with insufficient real memory. If left unattended, Active Directory® performance will suffer greatly, and eventually the directory system agent (DSA) will be unable to service requests, which can result in failed logins and authentications, as well as the inability of some applications and services to run at all.

First, determine if the page fault rate is too high or if the threshold is set too low. Assess the overall performance of the server while the page fault rate is high. If the performance seems adequate, increase the threshold; if the performance seems poor, try to reduce the page fault rate.

To reduce the page fault rate on the server, determine if the page faults are due to a single process or a combination of several processes.

2
Select View | Select Columns.
3
Select Memory Delta and Page Fault Delta, if necessary.

If there is only one process, run that program on another server or at a different time when the server is not as loaded.

If there are several processes that are generating high page fault rates, you will either have to run some of them on another server, or you will have to add more RAM to the server.

Missing domain controller SRV DNS record

Indicates one or more requisite Domain Name System (DNS) Service Locator (SRV) entries are not defined. DNS SRV entries are vital to the proper functioning of Active Directory®.

Supported on: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019
Required permissions: When monitored locally and remotely, only domain user privilege is required. When monitored remotely, the target server must have WMI remote access enabled and the user must be a member of the Distributed COM Users group.

This test queries the DNS service for the SRV entries required for each zone hosted on the server. Note that this applies exclusively to zones designated as primary. This test does not evaluate SRV entries for accuracy - only that the entries are, in fact, present.

This test confirms the existence of the following SRV entries for each zone hosted on the server:

_ldap._tcp.<zone-name>

This test is accompanied by a list of the missing SRV entries.

Whenever a domain controller is promoted, the Microsoft NetLogon process registers the applicable SRV entries with the primary DNS server of the affected domain. As SRV entries are used to identify the constituent domain controllers, the Primary Domain Controller(PDC), and the owner of the global catalog of each zone, the absence of an SRV entry can have serious consequences for Active Directory.

The presence of all requisite SRV locator entries is evaluated for top-level zones exclusively. However, SRV locator entries of sub-zones that host at least one domain controller (with a Active Directory Health Analyzer agent) are evaluated.

Typically, missing SRV entries indicate that Dynamic DNS has been disabled for one or more DNS zones. Active Directory relies on Dynamic DNS to update all affected entries when network resources are altered or relocated. Other possible causes include DCPROMO failure, and erroneous manual configuration of SRV entries.

Confirm that Dynamic DNS is enabled on all applicable zones. Either add the SRV entries manually in the DNS Management Console or cause the entries to be refreshed (for example, by demoting and subsequently promoting the effected domain controllers).

NetLogon folder shared

Indicates if the NETLOGON folder is shared. File Replication Service requires this folder to be shared on domain controllers for replication to work correctly.

Supported on: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019
Required permissions: When monitored locally and remotely, only domain user privilege is required. When monitored remotely, the target server must have WMI remote access enabled and the user must be a member of the Distributed COM Users group.

Logon scripts for a domain controller are found under the NETLOGON admin share for Windows® NT, whereas they are found under the SYSVOL share for Windows 2000, which can cause some confusion for Windows NT administrators not familiar with the name change. On Windows NT domain controllers, the %SystemRoot%\System32\Repl\Import\Scripts folder is shared as NETLOGON. Dcpromo modifies the registry value that defines the path to the NETLOGON share as part of the upgrade to %SystemRoot%\Sysvol\Sysvol\domain_name\Scripts.

The default folder structure for W2K is:

Any changes to the %systemroot%\SYSVOL folder on any domain controller are replicated to the other domain controllers in the domain. Replication is RPC based.

You can use NETLOGON and SYSVOL to distinguish between a domain controller and a member server. If both the NETLOGON and SYSVOL shares exist on a W2K server, it is a domain controller. When dcpromo demotes a domain controller to a member server, the NETLOGON share is removed, so the presence of only SYSVOL indicates a member server.

All potential source domain controllers in the domain should themselves have shared the NETLOGON and SYSVOL shares and applied default domain and domain controllers policy.

SYSVOL directory structure:

1
Click Start, Click Run, type regedit, and press ENTER.
2
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters.
3
Right-click NetLogon, and select Modify.
4
In the Value data box, enter the new path, including the drive letter, and click OK.
1
Open My Documents in Windows Explorer.
2
Click Start, point to All Programs, point to Accessories, and click Windows Explorer.
4
Click Share this folder in File and Folder Tasks.
5
In the Properties dialog box, select Share this folder to share the folder with other users on your network.

NetLogon Windows service

Indicates if the NetLogon service is running on the domain controller.

Supported on: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019
Required permissions: When monitored locally, only domain user privilege is required. When monitored remotely, domain administrator privilege is required.

Use the Services MCC snap-in or another SCP application to restart the Net Logon service.

Related Documents