Q: Is there a tool available to test Active Directory performance on?
A: Back in the Windows Server 2003 and Windows 2000 Server days Microsoft provided a tool called the Active Directory Performance Testing Tool (ADTest.exe), which you can still download. I haven't been able to find a newer version of the tool, or an alternative tool. However, because this tool is based on LDAP to communicate with Active Directory, it will work on Windows Server 2012. (Note, though, that Microsoft no longer supports the tool.)
Some changes are necessary because of the switch to 64-bit. The Microsoft white paper "Active Directory Performance for 64-bit Versions of Windows Server 2003" discusses these changes. In addition, you should use the updated configuration file for ADTest.exe for 64-bit operating systems, which is provided in white paper's appendix.
One key Active Directory change is necessary to configure the dsHeuristics attribute to have a 9th bit of 1 (i.e., 000000001).
- Click Start, Run, and enter adsiedit.msc. Click OK.
- Double-click Configuration, CN=Configuration, CN=Services, CN=WindowsNT, CN=Directory Service.
- Right-click CN=Directory Service, then click Properties
- Click dSHeuristics.
- Click Edit.
- Set the 9th bit to 1 (i.e., change the value to 000000001).
- Click OK, Apply, OK.
Changes are also required on the server and client related to the number of user connections that can be used. You can use the following code:
netsh int ipv4 set dynamicport tcp start=1025 num=64511
Ignore the recommendation to change TcpWindowsSize; you don't need to configure this option in Windows Server 2008 and later.