We are planning to turn identity awareness blade in our environment and we would like to get some numbers related to the performance impact on the domain controllers when we use identity collector. we have around 14k users and around 25 Domain Controllers. I know Identity collector will use windows APIs but that is not explained very well compared to WMI service. according to SK 108235 Identity collector still uses DCOM protocol, which makes extensive use of DCE/RPC.
Does the IA collector connect to DCs and reads the security events every 1 second or the DC will forward the events to The IDC every 1 second.
Did anyone perform a stress test and got approximate numbers about how much load will be added to the domain controllers .
In addition to that we have 61K running R75SP50 and the sk122157 says the 61K will act as PEPD. Does that mean pdpd not running and we need to turn sharing for 61k pepd to receive identities and access roles information form a PDPD gateway?