Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

325 lines
12 KiB

/*++
Copyright (c) 1987-92 Microsoft Corporation
Module Name:
iniparm.h
Abstract:
Initiail values of startup parameters.
Author:
Ported from Lan Man 2.0
Revision History:
21-May-1991 (cliffv)
Ported to NT. Converted to NT style.
07-May-1992 JohnRo
Use net config helpers for NetLogon.
--*/
#ifndef _INIPARM_
#define _INIPARM_
//
// Pulse period (in seconds):
//
// Defines the typical pulse frequency. All SAM/LSA changes made within this
// time are collected together. After this time, a pulse is sent to each BDC
// needing the changes. No pulse is sent to a BDC that is up to date.
//
#define DEFAULT_PULSE (5*60) // 5 mins
#define MAX_PULSE (48*60*60) // 2 days
#define MIN_PULSE 60 // 1 min
//
// Pulse concurrency (in number of concurrent mailslot messages).
//
// Netlogon sends pulses to individual BDCs. The BDCs respond asking for any
// database changes. To control the maximum load these responses place on the
// PDC, the PDC will only have this many pulses "pending" at once. The PDC
// should be sufficiently powerful to support this many concurrent replication
// RPC calls.
//
// Increasing this number increases the load on the PDC.
// Decreasing this number increases the time it takes for a domain with a
// large number of BDC to get a SAM/LSA change.
#define DEFAULT_PULSECONCURRENCY 10
#define MAX_PULSECONCURRENCY 500
#define MIN_PULSECONCURRENCY 1
//
// Maximum pulse period (in seconds):
//
// Defines the maximum pulse frequency. Every BDC will be sent at least one
// pulse at this frequency regardless of whether its database is up to date.
//
#define DEFAULT_PULSEMAXIMUM (2*60*60) // 2 hours
#define MAX_PULSEMAXIMUM (48*60*60) // 2 days
#define MIN_PULSEMAXIMUM 60 // 1 min
//
// Pulse timeout period (in seconds):
//
// When a BDC is sent a pulse, it must respond within this time period. If
// not, the BDC is considered to be non-responsive. A non-responsive BDC is
// not counted against the "Pulse Concurrency" limit allowing the PDC to
// send a pulse to another BDC in the domain.
//
// If this number is too large, a domain with a large number of non-responsive
// BDCs will take a long time to complete a partial replication.
//
// If this number is too small, a slow BDC may be falsely accused of being
// non-responsive. When the BDC finally does respond, it will partial
// replicate from the PDC unduly increasing the load on the PDC.
//
#define DEFAULT_PULSETIMEOUT1 10 // 10 seconds
#define MAX_PULSETIMEOUT1 (2*60) // 2 min
#define MIN_PULSETIMEOUT1 1 // 1 second
//
// Maximum Partial replication timeout (in seconds):
//
// Even though a BDC initially responds to a pulse (as described for
// PULSETIMEOUT1), it must continue making replication progress or the
// BDC will be considered non-responsive. Each time the BDC calls the PDC,
// the BDC is given another PULSETIMEOUT2 seconds to be considered responsive.
//
// If this number is too large, a slow BDC (or one which has its replication
// rate artificially governed) will consume one of the PULSECONCURRENCY slots.
//
// If this number is too small, the load on the PDC will be unduly increased
// because of the large number of BDC doing a partial sync.
//
// NOTE: This parameter only affect the cases where a BDC cannot retrieve all the
// changes to the SAM/LSA database in a single RPC call. This will only
// happen if a large number of changes are made to the database.
#define DEFAULT_PULSETIMEOUT2 (5*60) // 5 minutes
#define MAX_PULSETIMEOUT2 (1*60*60) // 1 hour
#define MIN_PULSETIMEOUT2 (1*60) // 1 minute
//
// BDC random backoff (in seconds):
//
// When the BDC receives a pulse, it will back off between zero and RANDOMIZE
// seconds before calling the PDC. In Lanman and NT 1.0, the pulse was
// broadcast to all BDCs simultaneously and the BDCs used this mechanism to
// ensure they didn't overload the PDC. As of NT 1.0A, the pulse is sent
// to individual BDCs so this parameter should be minimized.
//
// This parameter should be smaller than PULSETIMEOUT1.
//
// Consider that the time to replicate a SAM/LSA change to all the BDCs in a
// domain will be greater than:
//
// ((RANDOMIZE/2) * NumberOfBdcsInDomain) / PULSECONCURRENCY
//
#define DEFAULT_RANDOMIZE 1 // 1 secs
#define MAX_RANDOMIZE 120 // 2 mins
#define MIN_RANDOMIZE 0 // 0 secs
//
// BDC Replication Governor (in percent)
//
// If the BDC is connected to the PDC via a slow WAN link, the amount of
// replication load on the WAN link can be adjusted. Lowering this percentage
// reduces both the size of the data transferred on each call to the PDC and
// frequency of those calls. For instance, setting ReplicationGovernor to 50%
// will use a 64Kb buffer rather than a 128Kb buffer and will only have a
// replication call outstanding on the net a maximum of 50% of the time.
//
// Don't be tempted to set the ReplicationGovernor too low. Otherwise,
// replication may never complete.
//
// A value of 0 will cause netlogon to NEVER replicate. The SAM/LSA database
// will be allowed to get completely out of sync.
//
// This parameter must be set individually on each BDC.
//
#define DEFAULT_GOVERNOR 100
#define MAX_GOVERNOR 100
#define MIN_GOVERNOR 0
//
// ChangeLogSize (in bytes)
//
// This is the size of the Change Log file. Each change to the SAM/LSA database
// is represented by an entry in the change log. The changelog is maintained
// as a circular buffer with the oldest entry being overwritten by the newest
// entry. If a BDC does a partial sync and requests an entry that has been
// overwritten, the BDC is forced to do a full sync.
//
// The minimum (and typical) size of an entry is 32 bytes. Some entries are
// larger. (e.g., a 64K changelog holds about 2000 changes)
//
// This parameter need only be set larger if:
//
// a) full syncs are prohibitively expensive, AND
// b) one or more BDCs are expected to not request a partial sync within 2000
// changes.
//
// For instance, if a BDC dials in nightly to do a partial sync and on some
// days 4000 changes are made to the SAM/LSA database, this parameter should
// be set to 128K.
//
// This parameter need only be set on the PDC. If a different PDC is promoted,
// it should be set on that PDC also.
//
#define DEFAULT_CHANGELOGSIZE (64*1024)
#define MAX_CHANGELOGSIZE (4*1024*1024)
#define MIN_CHANGELOGSIZE (64*1024)
//
// MaximumMailslotMessages (in number of messages)
//
// This parameter determines the maximum number of mailslot messages that will
// be queued to the netlogon service. Even though the Netlogon service is
// designed to process incoming mailslot messages immediately, the netlogon
// service can get backed up processing requests.
//
// Each mailslot message consumes about 1500 bytes of non-paged pool until it
// is process. By setting this parameter low, you can govern the maximum
// amount of non-paged pool that can be consumed.
//
// If you set this parameter too low, netlogon may miss important incoming
// mailslot messages.
//
#define DEFAULT_MAXIMUMMAILSLOTMESSAGES 500
#define MAX_MAXIMUMMAILSLOTMESSAGES 0xFFFFFFFF
#define MIN_MAXIMUMMAILSLOTMESSAGES 1
//
// MailslotMessageTimeout (in seconds)
//
// This parameter specifies the maximum acceptable age of an incoming
// mailslot message. If netlogon receives a mailslot messages that arrived
// longer ago than this, it will ignore the message. This allows netlogon
// to process messages that are more recent. The theory is that the client
// that originally sent the older mailslot message is no longer waiting for
// the response so we shouldn't bother sending a response.
//
// If you set this parameter too low, netlogon will ignore important incoming
// mailslot messages.
//
// Ideally, netlogon processes each mailslot message in a fraction of a second.
// This parameter is only significant if the NTAS server is overloaded.
//
#define DEFAULT_MAILSLOTMESSAGETIMEOUT 10
#define MAX_MAILSLOTMESSAGETIMEOUT 0xFFFFFFFF
#define MIN_MAILSLOTMESSAGETIMEOUT 5
//
// MailslotDuplicateTimeout (in seconds)
//
// This parameter specifies the interval over which duplicate incoming
// mailslot messages will be ignored. Netlogon compares each mailslot
// message received with the previous mailslot message received. If the
// previous message was received within this many seconds and the messages
// are identical, this message will be ignored. The theory is that the
// duplicate messages are caused by clients sending on multiple transports and
// that netlogon needs to only reply on one of those transports saving network
// bandwidth.
//
// Set this parameter to zero to disable this feature. You should disable this
// feature if your network is configured such that this machine can see
// certain incoming mailslot messages but can't respond to them. For instance,
// a PDC may be separated from an NT workstation by a bridge/router.
// The bridge/router might filter outgoing NBF broadcasts, but allow incoming
// one. As such, netlogon might respond to an NBF mailslot message (only to
// be filtered out by the bridge/router) and not respond to a subsequent NBT
// mailslot message. Disabling this feature (or preferably reconfiguring the
// bridge/router) solves this problem.
//
// If you set this parameter too high, netlogon will ignore retry attempts
// from a client.
//
#define DEFAULT_MAILSLOTDUPLICATETIMEOUT 2
#define MAX_MAILSLOTDUPLICATETIMEOUT 5
#define MIN_MAILSLOTDUPLICATETIMEOUT 0
//
// ExpectedDialupDelay (in seconds)
//
// This parameter specifies the time it takes for a dialup router to dial when
// sending a message from this client machine to a domain trusted by this client
// machine. Typically, netlogon assumes a domain controller is reachable in a
// short (e.g., 15 seconds) time period. Setting ExpectedDialupDelay informs
// Netlogon to expect an ADDITIONAL delay of the time specified.
//
// Currently, netlogon adjusts the following two times based on the
// ExpectedDialupDelay:
//
// 1) When discovering a DC in a trusted domain, Netlogon sends a 3 mailslot
// messages to the trusted domain at ( 5 + ExpectedDialupDelay/3 ) second
// intervals Synchronous discoveries will not be timed out for 3 times that
// interval.
// 2) An API call over a secure channel to a discovered DC will timeout only
// after (45 + ExpectedDialupDelay) seconds.
//
// This parameter should remain zero unless a dialup router exists between this
// machine and its trusted domain.
//
// If this parameter is set too high, legitimate cases where no DC is available in
// a trusted domain will take an extraordinary amount of time to detect.
//
#define DEFAULT_EXPECTEDDIALUPDELAY 0
#define MAX_EXPECTEDDIALUPDELAY (10*60) // 10 minutes
#define MIN_EXPECTEDDIALUPDELAY 0
//
// ScavengeInterval (in seconds)
//
// This parameter adjusts the interval at which netlogon performs the following
// scavenging operations:
//
// * Checks to see if a password on a secure channel needs to be changed.
//
// * Checks to see if a secure channel has been idle for a long time.
//
// * On DCs, sends a mailslot message to each trusted domain for a DC hasn't been
// discovered.
//
// * On PDC, attempts to add the <DomainName>[1B] netbios name if it hasn't
// already been successfully added.
//
// None of these operations are critical. 15 minutes is optimal in all but extreme
// cases. For instance, if a DC is separated from a trusted domain by an
// expensive (e.g., ISDN) line, this parameter might be adjusted upward to avoid
// frequent automatic discovery of DCs in a trusted domain.
//
#define DEFAULT_SCAVENGEINTERVAL (15*60) // 15 minutes
#define MAX_SCAVENGEINTERVAL (48*60*60) // 2 days
#define MIN_SCAVENGEINTERVAL 60 // 1 minute
//
// How frequently we scavenge the LogonTable.
//
#define LOGON_INTERROGATE_PERIOD (15*60*1000) // make it 15 mins
#define DEFAULT_SYNCHRONIZE FALSE
#define DEFAULT_DISABLE_PASSWORD_CHANGE 0
#define DEFAULT_REFUSE_PASSWORD_CHANGE 0
#define DEFAULT_SCRIPTS TEXT("REPL\\IMPORT\\SCRIPTS")
#endif // _INIPARM_