Tuesday, May 13, 2014

GLOBAL CATALOG

Each domain has a separate database.The domain does not have any  information about the other domain inside the forest. So the global catalog server is used to find any object in a domain in a forest. ''Global Catalog is like a index, It holds the partial replica of every object in the forest''.

How to make or Remove a server as a Global Catalog Server:

Active directory users & computers -> Domains --> Computer
                                                                                       
                                                                                     Edit

                                                                           Propoties--> Ntds setting --> Global Catalog

Global Catalog Facts:-

  •  Any Domain Controller can be a Global Catalog(GC).
  •   Must have one GC per forest.(In windows server 2008 all the Domain Controllers are by defaultly Global Catalog servers.)
  •  Microsoft recomends there should be more than one per forest for reducdancy.
  • It requires more disk space.
  • It requires more bandwidth
  • This stores in NTDS.dit file.
 
 
Reasons for Deploy a Global Catalog:-
 
  1.  It is used when the user 1st login to the Domain Controller.
  2. If a user logs in using a Universal Principal Name (UPN), that is, they log in using a user name in the form of username@domainname, a Domain Controller will need to access a Global Catalog Server before the log in is completed.
  3. It allows forest wide searching and services.
  4. Microsoft recommends that any network that is separated by a Wide Area Network have a Global Catalog Server deployed at that location. This will ensure that users can log on if the Wide Area Network is down. In order for a computer to contact a Global Catalog Server, ports 389 (LDAP) and 3267 (Global Catalog) need to be opened. If these ports are not open then the user will not be able to use the remote Global Catalog Server.
  5. Some applications needed Global catalog server, Exchange server needs Global Catalog Heavily.
Reasons Not to deploy Global Catalog Server:-

  1. More load on domain cotrollers.
  2. Additional Network Traffic.
  3. Additional Harddisk space.
  4. Global Catalogs need to keep their index up to date 
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Test Script

############################################################################## #####################################################...

  • Delegation Of Control
    Delegation of Control allow a user to administrating a number of users in a OU Level in Active Directory. Although there is n number of opt...
  • Windows Groups and Role Based Access control
    Each group that is created in Active Directory has a Security identifier or SID associated with it. This is called as Security Group. We ca...
  • (no title)
    User Log on Standards :  Active directory has come up with two log on standards for accesing the domain .The back to windows NT and is in...