How to check if the link between a VM and the DC (Domain Controller) is slow?
I recently saw a user asking on EUC Slack “is there a Domain controller response time in <UNNAMED MONITORING PRODUCT>?”. Unfortunately for him, his choice of monitoring product doesn’t include such metrics. However, it did make me wonder if Citrix admins are aware of the importance of getting metrics about Domain Controllers, simply because many EUC monitoring tools fail to monitor them.
The Quick Answer
If you are an eG Enterprise user wondering if the link between the VM and the Domain Controller (DC) is slow, all you need to do is pop open your real-user session data for the user with an issue:
- Domain Controller discovery time (in seconds)
- Estimated network bandwidth between VM and Domain Controller (in Kbps)
- The health check – “Is link between VM and Domain Controller slow?” alongside all the other relevant metrics and signals associated with that user’s session logon.
Actually, you don’t even need to drill down and check whether you have a DC problem or not. eG Enterprise’s built-in metric thresholds, auto-baselining, and AIOps-based root cause analysis capability will identify any such problem and raise an alert in the operator’s alert console.
If you are looking to get an overview of the overall Domain Controller performance across all users logged on a server, simply select the comparison icon (highlighted by the red circle in Figure 2) for “Citrix Session Start-up Details” within the “Citrix Users” Layer of a Citrix Virtual App server model in eG Enterprise.
What is the difference between Active Directory (AD) and Domain Controllers (DCs)?
Active Directory is just like a database that stores information as an object of users and computers. But a Domain Controller (DC) is a server that runs the Active Directory and uses data stored on the AD for authentication and authorization of users.
Domain Controllers also manage security policies for OSs. As such, Domain Controllers are in the critical path for logon success and performance.
It’s a best practice to monitor latencies to your domain controllers. DCs at remote sites can increase latency, thus resulting in slow logons. In such a scenario, you may need to review your AD topology and ensure that enough of your AD servers are strategically placed so that query times to the AD are as low as possible.
Read more: If you found this blog useful, you might enjoy Abhilash’s recent blog post: “The importance of Active Directory for Fast Citrix Logon Time”, which includes several sections on best practices and troubleshooting Domain Controller configurations.