2k3 Server with Active Directory. Runs DHCP and DNS.
XServe 10.3.9 OD Master, bound to Active Directory. Groups with Preferences set in Open Directory. Hosts home directories for Active Directory users (via SM
iMac clients bound to Active Directory and Open Directory.
It's a fairly standard setup in that the mac clients authenticate against Active directory and have their preferences specified by the OD master (dependent upon which OD group the AD user is in).
The problem is that when 60+ users start logging in to the system, the login times go through the roof. Looking at up to 10 minutes for some users (other blast straight in). The XServe is getting *thrashed* whilst this is going on with both CPU's at or near 100%.
Our friendly local hardware vendor (surprisingly enough) suggested throwing kit at the problem, but we decided to do a little investigation first. We obtained a dual G5 PowerMac and an unlimited client OS Server 10.3.9. We added this as an OD Replica and bound it to AD.
Only problem is, it just sits there looking pretty! It doesn't actually authenticate or dole out preferences to any of the clients. Is this just my misunderstanding of what an OD replica is supposed to do? Is it just there as a failover or is it supposed to actually load balance the authentication?
As an aside, KDC is stopped on both servers, despite there being A names and PTR records for both servers in DNS.
Any advice, ideas, input very much appreciated.
Thanks in advance,
Austin.