Pity the Poor Pdc(e)
The Pdc emulater is a very busy bee. It has a multitude of tasks and roles in a busy Active Directory Environment. It can be especially in larger networks subject to what is known as "piling on" . Some of the main causes of this is due to the multitude of tasks it is expected to perform;
- DFS clients query the PDCE every 15 minutes.
- PDCE is inserted at the top of a WINS 1C response, making it the first DC down-level clients try to contact.
- Object picker queries the PDCE exclusively.
- Pass-through authentication utilizes the PDCE exclusively.
- Windows 2000 or higher clients in a mixed 2000 mode domain will only utilize 2000 or higher DCs even if NT4 BDCs exist.
- Windows 2000 clients in a NT4 domain are authenticated exclusively by the PDCE.
- High number of incorrect logon attempts.
- DFS servers pull the partition knowledge table (PKT) from the PDCE after any DFS configuration changes.
Techniques for addressing the possibility of PDC(e) overloading are listed below;
- Move the PDCE out of any sites that include Exchange servers or large numbers of users.
- Do not use the PDCE as a busy bridgehead server.
- Whenever possible, do not target the PDCE. Many administrators point manual settings at the PDCE. This includes using the PDCE as the primary DNS server for clients, monitoring tools, management tools, etc.
- Configure the PDCE to not register generic SRV records.
- Configure WINS to not insert the PDCE at the top of a 1C response.
- Do not make the PDCE a GC.
An good kbarticle for this is to be found at the following location;