ADDS 2012/R2 sizing and limits

Hi guys, I have a few doubts about sizing ADDS when what matters is limits, for example:

A customer has 10.000.000 users in their LDAP database and they have 6000 simultaneous authentication processes during a period, as described below.

(oracle database)--<>--WEB-SYSTEM  <---------<ADDS-auth>-----------<-------customer-employee(authentication)

They had tried a lot of LDAP solutions to keep it running and now we have the chance with ADDS to improve it.

What do you have to say about it? How should we size this solution?

Here is what we have found:

https://technet.microsoft.com/en-us/library/cc753439(v=ws.10).aspx
http://social.technet.microsoft.com/wiki/contents/articles/14355.capacity-planning-for-active-directory-domain-services.aspx#Evaluating_Current_Capacity_Consumed
http://blogs.technet.com/b/qzaidi/archive/2010/09/02/override-the-hardcoded-ldap-query-limits-introduced-in-windows-server-2008-and-windows-server-2008-r2.aspx

https://technet.microsoft.com/pt-br/library/active-directory-maximum-limits-scalability(v=ws.10).aspx
http://www.microsoftnow.com/2008/10/increasing-number-of-objects-returned.html

Thanks in advance,

July 30th, 2015 12:47pm

Hi Thiago,

Are these users in the same site? Based on the description, we need to deploy multiple DCs to share the workload. Active Directory has built-in load balancing capabilities. Windows clients know how to locate the redundant domain controllers in their own site, and how to use another one if the first one is unavailable. If all the DCs in a site fail or if the site has no DCs, then the clients will pick a DC from another site.

Best regards,

Frank Shen

August 2nd, 2015 11:36pm

You should have at least two DCs for high availability and load balancing. However, you need to be aware of the LDAP policy applied in your environment: https://support.microsoft.com/en-us/kb/315071

Please note that Windows systems use DC locator to locate the closest DC: http://social.technet.microsoft.com/wiki/contents/articles/24457.how-domain-controllers-are-located-in-windows.aspx

August 3rd, 2015 4:37am

Thank you guys, but the problem is just how to size an Active Directory to answer too many requests from an application that will receive a lot of simultaneous access during a period and is now suffering from "requests time out" in this scenario. The customer requested a solution based on MSFT (Active Directory), and talking to a friend (PFE @MSFT), he told me that using an HLB to balance LDAP (authentication requests) from the application (web based) to ADDS is a good way to solve it, but we still need to know how many GCs (global catalogs) we need in this scenario, and we're going to size it with all the TechNet links available to help us.

Once again, thank you so much for the help.

August 3rd, 2015 10:42pm
