Article ID: 951581 - View products that this article applies to.
On a Windows Server 2003-based or Windows Server 2008-based computer that uses an Active Directory Lightweight Directory Services (AD LDS) or Active Directory Application Mode (AD/AM) directory service, certain applications do not perform at the performance levels that are expected.
When you enable field engineering (debug) logging to trace an LDAP query, the following event log shows that the LDAP query is an inefficient query:
Event ID : 1644
Additionally, you experience a slow response time.
When you inspect the attributes in the search filter, you find that they all have indexes that are defined. Additionally, if attributes do not have indexes that are defined, and you add the indexes through a schema change, the problem persists.
When you create a network trace of the LDAP query, you notice that it is a paged query.
However, the LDAP server can only use one index to process a paged query. This is because LDAP does not have a transaction to end a query, and the implementation for paged searches does not create an expensive context for the query.
To work around this problem, you can send the query without using the paged query control. By default, paged queries are always enabled for some LDAP client libraries. Therefore, you may have to write additional code in your application to enable and disable paged queries as appropriate for your specific situation.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/314980/ )How to configure Active Directory diagnostic event logging in Windows Server 2003 and in Windows 2000 Server
Article ID: 951581 - Last Review: November 9, 2010 - Revision: 3.0
Contact us for more help