Microsoft Active Directory Storage and Replication Impact
| Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
Published: May 3, 2001
The information that Microsoft Internet Security and Acceleration (ISA) Server stores in the Active Directory occupies space in the directory storage. It also generates network traffic when domain controllers replicate directory contents. This section documents the effects of installing ISA Server on Active Directory storage and network traffic requirements. The table below lists upper bounds on Active Directory storage and replication traffic that ISA Server generates. Note that the requirements for a specific domain controller combine those of several containers. Global catalog servers, for example, will contain replicas of the configuration container and the global catalog. The combined requirements for an ISA Server installation on a global catalog server is 2MB of storage and 6MB of replication traffic.
Also note that ISA Server uses the Active Directory to store access policies, rules and related objects. The size of these objects and the replication traffic they generate varies. Typical replication traffic for a protocol rule, for example, is 10KB.
Active Directory replicates the contents of the containers listed in the table below as follows:
Active Directory replicates the contents of the domain container to every domain controller in the domain.
Active Directory replicates the contents of the global catalog to every global catalog server in the forest.There is at least one global catalog server in each domain.
Active Directory replicates the contents of the global catalog to every global catalog server in the forest. There is one global catalog server in each domain.
Action |
Domain Container Memory Requirements |
Configuration Container Memory Requirements |
Global Catalog Memory Requirements |
|---|---|---|---|
Install ISA Server |
1MB for storage, 1 MB for replication traffic |
1MB for storage, 5MB for replication traffic |
1MB for storage, 1 MB for replication traffic |
Create a domain array |
0.5MB for storage, 1 MB for replication traffic |
0.5MB for storage, 1 MB for replication traffic |
0.5MB for storage, 1 MB for replication traffic |
Create a new object |
storage requirements vary, 0.1MB for replication traffic (typical) |
storage requirements vary, 0.1MB for replication traffic (typical) |
storage requirements vary, 0.1MB for replication traffic (typical) |
About Active Directory Containers
ISA Server stores information in several containers within the Active Directory. The Domain container stores information about a specific domain. Each Active Directory domain has its own domain container. ISA Server stores information about domain arrays in the domain container. Active Directory replicates the contents of the domain container to all domain controllers of a domain, but not to domain controllers of other domains.
The Configuration container stores information that is global to all domains in a forest. ISA Server stores information about enterprise policies and objects in the configuration container. The configuration container also contains the Active Directory schema. The schema specifies the types of all objects in the Active Directory. Active Directory replicates the contents of the configuration container, including the schema, to all domain controllers in a forest.
The Global Catalog (GC) stores parts of all objects in all domains in an Active Directory forest. One domain controller in each domain stores a copy of the global catalog.