Active Directory Web Services – ADWS Configuration Parameters

Parameter name Default value Description
MaxConcurrentCalls 32 Specifies the maximum number of simultaneous service requests that the ADWS service is configured to process at a given time. Set a higher value for this parameter if the ADWS service on your Windows Server 2008 R2 server must be able to process more than 32 service requests at any given time.
MaxConcurrentSessions 500 Specifies the maximum number of client sessions that the ADWS service can accept at any given time. Set this parameter to a higher value if the ADWS service on your Windows Server 2008 R2 server must be able to accept more than 500 concurrent client sessions at any given time.
MaxReceivedMessageSize 1 MB Specifies the maximum message request size, in megabytes (MB), that a client computer can send to the directory service instances that the ADWS service supports. This setting can affect the memory consumption of the ADWS service. For example, if MaxConcurrentCalls is set to 32 and MaxReceivedMessageSize is set to 1 MB, the ADWS service is configured to process a maximum of 32 MB in client message requests at any given time.
MaxStringContentLength 32 KB Specifies the maximum string size, in kilobytes (KB) of a Lightweight Directory Access Protocol (LDAP) attribute that the ADWS service is configured to process in a message request that a client computer sends to a directory service instance that the ADWS service supports. Increasing this value can increase the maximum possible memory consumption of the ADWS service.
MaxPoolConnections 10 Specifies the maximum number of LDAP connections for each directory service instance that is used by the ADWS service that is running on a given Windows Server 2008 R2 server.

For example, if MaxPoolConnections on a particular Windows Server 2008 R2 server is set to 10 and there are 3 directory service instances running on this server, ADWS uses a maximum of 10 LDAP connections to each of these directory service instances to process requests that are sent to the ADWS service. Along with MaxConcurrentCalls, this can affect the maximum number of simultaneous requests that the ADWS service can process. Set this parameter to a higher value if you notice that client service requests are timing out while they wait for an LDAP connection to be available to process their request.

MaxPercentageReservedConnections 50% Specifies the percentage of LDAP connections that are reserved for performing query operations for each directory service instance that the ADWS service supports on a given Windows Server 2008 R2 server. Set this parameter to a higher percentage if the ADWS service on this Windows Server 2008 R2 server is used mostly for running queries.
MaxConnectionsPerUser 5 Specifies the maximum number of LDAP connections (to a single directory service instance) that the ADWS service permits to be used at one time for operations that are associated with a single set of client credentials (one user). Set this parameter to a higher value if you are experiencing more than five concurrent client requests by one user to a single directory service instance running on your Windows Server 2008 R2 server. The value of MaxConnectionsPerUser cannot be greater than the value of MaxPoolConnections. If the value of MaxConnectionsPerUser is equal to the value of MaxPoolConnections, it will allow a single set of client credentials (for a single client computer) to consume all available LDAP connections for a given directory service instance.
MaxEnumContextExpiration 30 minutes Specifies the maximum allowed time period during which the ADWS service processes and retrieves the results of a query request from a client computer.

MaxPullTimeout 2 minutes Specifies the maximum allowed time-out value that a client computer can set when it retrieves one page of search results. Set this parameter to a higher value if slow wide area network (WAN) traffic results in a time-out value for returning one page of search results that is longer than two minutes

MaxEnumCtxsPerSession 5 Specifies the maximum number of search requests (search contexts) that can be submitted over a single client session to the ADWS service.
MaxEnumCtxsTotal 100 Specifies the maximum number of search requests (search contexts) that can be submitted over all active client sessions to the ADWS service.
MaxGroupOrMemberEntries 5000 Specifies the maximum number of group members (recursive or non-recursive), group memberships, and authorization groups that can be retrieved by the Active Directory module Get-ADGroupMember, Get-ADPrincipalGroupMembership, and Get-ADAccountAuthorizationGroup cmdlets. Set this parameter to a higher value if you anticipate these cmdlets to return more than 5000 results in your environment.

OperationTimeout 2 minutes Specifies the timeout limit for any ADWS service-based query request. Set this parameter to a higher value if you expect your query to return an exceptionally large results set that might take longer than 2 minutes to retrieve.

Leave a Reply

Your email address will not be published. Required fields are marked *