ADFS Domain Connections Test
An AD FS server relies on multiple domains such as Active Directory domain, federated domain, etc. for user authentication. In the process, the AD FS server interacts with the domain controllers in the domains to authenticate users, issue tokens, and validate credentials. If the AD FS server frequently experiences slow responses from the PDC (Primary Domain Controller) or connection failures during query processing, it will lead to overall delays in the AD FS authentication process. This in turn will adversely impact the performance of applications that rely on the AD FS server for authentication. To avoid such anomalies, administrators should monitor how quickly the domains process the queries and easily identify the connections failures (if any). The ADFS Domain Connections test can help administrators in this regard!
This test auto-discovers the domains associated with the target AD FS server and reports the average time taken by each domain to process the PDC queries. This test also reports the connection failures (if any) occurred during the query processing.
Target of the test : An AD FS server
Agent deploying the test : An external agent
Outputs of the test : One set of results for each domain used by the AD FS server being monitored
Parameters | Description |
---|---|
Test Period |
How often should the test be executed. |
Host |
The host for which the test is to be configured. |
Port |
The port at which the AD FS server listens. |
Measurement | Description | Measurement Unit | Interpretation |
---|---|---|---|
Average PDC query time |
Indicates the time taken by this domain to perform a PDC query. |
Seconds |
A PDC (Primary Domain Controller) query typically refers to a request for information about the PDC Emulator, a specific role within an Active Directory (AD) environment. The PDC Emulator is one of the five Flexible Single Master Operations (FSMO) roles, and it plays a crucial part in AD operations, especially concerning time synchronization, password changes, and compatibility with legacy systems. A high value for this measure indicates that the particular domain is taking longer time to process the queries. |
PDC connection failures |
Indicates the number of failures occurred while processing the PDC query by this domain. |
Number |
A non-zero value is a cause for concern. |