Windows NT Domain Controller Synchronization and Replication Parameters

by Wayne Maples [Published on 20 April 2004 / Last Updated on 20 April 2004]

NetLogon registry keys that control domain controller synchronization.

How often the PDC NetLogon service checks for changes to the database and sends a pulse, or change notice, to the BDCs. Its the replication interval:

Important if you need to update many BDCs or as another method to prevent the synchronization from eating up too much network capacity. Increase and it increases load on the PDC; decrease and it increases time to update BDCs in the domain. To control how many BDCs the PDC updates simultaneously:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: PulseCurrency
Value: # of BDCs to simultaneously update
Default=10 BDCs, min=1, max=500

Defines the pulse frequency. All SAM database changes since the last pulse are collected and sent to each BDC when the pulse time has expired. No pulse is sent to up-to-date BDCs. Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: Pulse
Value: value in seconds
min=60 ; default= 300 (5 min) ; max=172,800 (48hrs)

Maximum period the PDC NetLogon service waits before sending a pulse to the BDCs - sends pulse whether or not the BDC's SAM is uptodate:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: PulseMaximum
Value: value in seconds
min=60 ; default=7200 ; max=86400

time PDC will wait for BDC to respond to a pulse. If the BDC does not respond, it is considered nonresponsive. If there are very many nonresponsive BDCs, it can take a long time to finish the domain synchronization process:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: PulseTimeout1
Value: value in seconds
min=1 ; default=5 ; max=120

time PDC will wait for BDC to complete partial synchronization. If the BDC will be considered noresponsive if it stops calling the PDC during synchronization. If too low, the load on PDC will increase; if number too high, the BDC will be slow and take up PulseConcurrency slots:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: PulseTimeout2
Value: value in seconds
min=60 ; default=300 ; max=3600

% of 128K standard package used for domain synchronization:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Type: REG_DWORD
Name: ReplicationGovernor
Value: % bandwidth
min=0 Default=100%
Zero would prevent synchronization. A low value could prevent synchronization from occuring.

The domain db, the domain controller's SAM can be a maximum of 40 MB. The SAM has three types of records: user accounts, computer accounts, and group groups. Each takes space: 1K for a user account, 512 bytes (1/2 K) for computer accounts, global groups 512 bytes, and each member of a global group takes 12 bytes. This means that the SAM can contain approximately 25,000 user accounts and leave space for computer accounts and groups.

Featured Links