"Jaap Wesselius" wrote:

> Hi,
>
> a client is migrating from NT4 to Windows 2003 AD. They setup a new 2003
> environment and are going to implement the trusts needed for the migration.
> They have over 1000 NT4 domain and some administrators want to setup over
> 1000 trusts concurrently.
> What will be the effect on Active Directory performance and stability by
> doing this (besides the potential adminsitrative mess and potential security
> holes)?
> I'm thing about the number of Trusted Domain Objects and a performance hit
> on the PDC emulator...
>
> Thanks,
> Jaap
>
> IT-Support BV Netherlands
> jaap@*removethis*it-support.nl
>
>
>

"Neil Ruston" <NeilRus***@discussions.microsoft.com> skrev i meddelandet
news:4F0AA3B1-B925-4952-B7E3-2953B6166FE5@microsoft.com...
> I doubt there is a technical limit (and if there is, it will be a huge
number
> :)
>
> Have you assessed the need for so many trusts? The PDC will incur a
> performance hit - I suggest you monitor the PDC as you add more trusts to
the
> environment.
>
> neil
>
>
>
>
> "Jaap Wesselius" wrote:
>
> > Hi,
> >
> > a client is migrating from NT4 to Windows 2003 AD. They setup a new 2003
> > environment and are going to implement the trusts needed for the
migration.
> > They have over 1000 NT4 domain and some administrators want to setup
over
> > 1000 trusts concurrently.
> > What will be the effect on Active Directory performance and stability by
> > doing this (besides the potential adminsitrative mess and potential
security
> > holes)?
> > I'm thing about the number of Trusted Domain Objects and a performance
hit
> > on the PDC emulator...
> >
> > Thanks,
> > Jaap
> >
> > IT-Support BV Netherlands
> > jaap@*removethis*it-support.nl
> >
> >
> >

"chriss3 [MVP]" wrote:

> a good solution for performance issues on the PDC is to create a dummy site
> in AD for the PDC DC, that will prevent the DC from being used for
> authentication, so the PDC only will handle the special operations.
>
> --
> Regards
> Christoffer Andersson
> Microsoft MVP - Directory Services
> ----------------------------------------------------------------
> "Neil Ruston" <NeilRus***@discussions.microsoft.com> skrev i meddelandet
> news:4F0AA3B1-B925-4952-B7E3-2953B6166FE5@microsoft.com...
> > I doubt there is a technical limit (and if there is, it will be a huge
> number
> > :)
> >
> > Have you assessed the need for so many trusts? The PDC will incur a
> > performance hit - I suggest you monitor the PDC as you add more trusts to
> the
> > environment.
> >
> > neil
> >
> >
> >
> >
> > "Jaap Wesselius" wrote:
> >
> > > Hi,
> > >
> > > a client is migrating from NT4 to Windows 2003 AD. They setup a new 2003
> > > environment and are going to implement the trusts needed for the
> migration.
> > > They have over 1000 NT4 domain and some administrators want to setup
> over
> > > 1000 trusts concurrently.
> > > What will be the effect on Active Directory performance and stability by
> > > doing this (besides the potential adminsitrative mess and potential
> security
> > > holes)?
> > > I'm thing about the number of Trusted Domain Objects and a performance
> hit
> > > on the PDC emulator...
> > >
> > > Thanks,
> > > Jaap
> > >
> > > IT-Support BV Netherlands
> > > jaap@*removethis*it-support.nl
> > >
> > >
> > >
>
>
>

"Jaap Wesselius" <JaapWessel***@discussions.microsoft.com> wrote in message
news:C67965EE-5134-42EA-8397-C1DA801E1FC9@microsoft.com...
> Great idea this dummy site, thanks Neill and Chris for your comments
>
> Regards,
> Jaap
>
>
> "chriss3 [MVP]" wrote:
>
>> a good solution for performance issues on the PDC is to create a dummy
>> site
>> in AD for the PDC DC, that will prevent the DC from being used for
>> authentication, so the PDC only will handle the special operations.
>>
>> --
>> Regards
>> Christoffer Andersson
>> Microsoft MVP - Directory Services
>> ----------------------------------------------------------------
>> "Neil Ruston" <NeilRus***@discussions.microsoft.com> skrev i meddelandet
>> news:4F0AA3B1-B925-4952-B7E3-2953B6166FE5@microsoft.com...
>> > I doubt there is a technical limit (and if there is, it will be a huge
>> number
>> > :)
>> >
>> > Have you assessed the need for so many trusts? The PDC will incur a
>> > performance hit - I suggest you monitor the PDC as you add more trusts
>> > to
>> the
>> > environment.
>> >
>> > neil
>> >
>> >
>> >
>> >
>> > "Jaap Wesselius" wrote:
>> >
>> > > Hi,
>> > >
>> > > a client is migrating from NT4 to Windows 2003 AD. They setup a new
>> > > 2003
>> > > environment and are going to implement the trusts needed for the
>> migration.
>> > > They have over 1000 NT4 domain and some administrators want to setup
>> over
>> > > 1000 trusts concurrently.
>> > > What will be the effect on Active Directory performance and stability
>> > > by
>> > > doing this (besides the potential adminsitrative mess and potential
>> security
>> > > holes)?
>> > > I'm thing about the number of Trusted Domain Objects and a
>> > > performance
>> hit
>> > > on the PDC emulator...
>> > >
>> > > Thanks,
>> > > Jaap
>> > >
>> > > IT-Support BV Netherlands
>> > > jaap@*removethis*it-support.nl
>> > >
>> > >
>> > >
>>
>>
>>