.png){kind=spacer}
PDC emulator is not excluded from DSAccess topology
Topic Last Modified: 2011-10-19
The Microsoft Exchange Best Practices Analyzer Tool reads the following registry subkey to determine whether the Active Directory domain controller that is acting as the primary domain controller (PDC) emulator has been manually excluded from the list of domain controllers available for use by Microsoft Exchange Server:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeDSAccess\Profiles\Default\MinUserDC
If the Analyzer finds that the domain controller acting as PDC emulator has not been manually excluded from the list of domain controllers available for use by Exchange Server, the Analyzer displays a best practice recommendation.
A PDC emulator is an Active Directory operations master role computer that processes replication requests from Microsoft Windows NT Server 4.0 backup domain controllers and processes all password updates for clients that are not running Active Directory–enabled client software. PDC emulators are also domain controllers, and are therefore available for use by applications such as Exchange Server.
Directory Service Access (DSAccess) is an internal component in Exchange 2010 Server, in Exchange Server 2007, in Exchange Server 2003, and in Exchange Server 2000 that controls how all Exchange Server components access Active Directory. The primary function of DSAccess is to maintain information about various directory-related events and operations. For example, DSAccess discovers the Active Directory topology and detects if domain controllers and global catalog servers are available and responding to queries.
By default, DSAccess includes the PDC emulator computer in its list of available and usable domain controllers. If non-Exchange Server programs are making heavy use of the PDC emulator, use of the PDC emulator by DSAccess could cause performance problems on the PDC emulator computer and also on the Exchange server and the non-Exchange Server computer.
To prevent such performance issues, the MinUserDC registry value can be added to the registry on an Exchange server to force DSAccess to query all other available domain controllers before querying the domain controller that holds the PDC emulator operations master role.
 Important: |
|---|
| This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore the registry if a problem occurs. For information about how to restore the registry, view the "Restore the Registry" Help topic in Regedit.exe or Regedt32.exe. |
-
Open a registry editor, such as Regedit.exe or Regedt32.exe.
-
On a computer that is running Exchange Server 2010, locate the following subkey:
HKLM\System\CurrentControlSet\Services\MSExchange ADAccess\Profiles\Default\MinUserDC
On a computer that is running Exchange Server 2007, locate the following subkey:
HKLM\System\CurrentControlSet\Services\MSExchangeDSAccess\Profiles\Default
-
Locate the MinUserDC value and make any required changes. If this DWORD value does not exist, you can manually create it.
Note: The value data that is configured for the MinUserDC registry entry is the maximum number of domain controllers to contact before contacting the PDC emulator. For example, setting MinUserDC to 4 configures DSAccess to exclude the PDC emulator only when a total of four domain controllers are available.
Before you edit the registry, and for information about how to edit the registry, see the Microsoft Knowledge Base article 256986, Windows registry information for advanced users.
For more information about how to use the MinUserDC registry entry, see Knowledge Base article 298879, Exchange Server 2007, Exchange Server 2003, and Exchange 2000 Server may experience performance problems when the PDC emulator is used for DSAccess.
