Configure your ISA Server for a Very Large Number of Authentication Requests (Full Version)

All Forums >> [ISA Server 2000 General] >> General



Message


lemonwater925 -> Configure your ISA Server for a Very Large Number of Authentication Requests (29.Jul.2002 4:36:00 PM)

Just saw this Qarticle and wonder if anyone has tried it.

HOW TO: Configure your ISA Server for a Very Large Number of Authentication Requests
The information in this article applies to:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Server
Microsoft Internet Security and Acceleration Server 2000, 2000 SP1

IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:
Q256986 Description of the Microsoft Windows Registry
IN THIS TASK
SUMMARY
Add a Registry Key
REFERENCES
SUMMARY
This step-by-step article describes how to improve authentication throughput on your ISA Server.

If the Internet Security and Acceleration Server (ISA) computer is using NTLM or Basic authentication for a large number of Web clients, you may experience poor performance. This does not occur when authentication is turned off.

You can improve the authentication throughput by increasing the number of concurrent authentication calls that are in progress at one time between the ISA Server and the domain controller.

back to the top
Add a Registry Key
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To increase the number of concurrent authentication calls in progress at one time between the IAS server and the domain controller:
Start Registry Editor. To do this, click Start, click Run, type Regedt32.exe, and then click OK.
Locate the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
On the Edit menu, click Add Value, and then add the following registry information (where 5 represents the heaviest loads):
Value Name: MaxConcurrentApi
Data Type: REG_DWORD
Value: between 2 and 5
NOTE: If value that you assign to MaxConcurrentAPI is too high, the ISA server can put a heavy load on the domain controller.

You can also use more ISA servers in an array to load balance the Web requests and authentication and increase performance. back to the top




Page: [1]