Solved

Global Catalog Server Question

Posted on 2007-03-24
2
238 Views
Last Modified: 2010-04-20
With the global catalog server. In a Single Domain environment with one dc , when people are logging into the network , their account must contact the gc in order to logon?unless it's already cached, correct?

also In a one domain environment, if i have the the first dc with the gc and  im adding asecondary dc . if i did not want to enable gc on the new server when people are authenticating towards that server it should forward the gc requests to the main server?

i've been try to read around and i was just hoping for some clarity. hopefully i have made sense.

H
0
Comment
Question by:Helder_Hipolito
  • 2
2 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 18786539
When a user logs onto a domain a global catalog server must normally be contacted to determin universal group membership. (This can be disabled on Win2003 servers but IS NOT recommended). If the DC has no Global catlog of its own it must forward the request to the global catalog.

It is good practice to have at least one DC with Global catalog on one site, Enabling Global Calalog on two DCs provides some fault tollerance and should seriously be considered.. If the DC with global catalog fails, then the other DC will not be able to authenticat logins without the Global Catalog.

I suggest you enable Global Catalog on both machines, its just a check bo, and there is very little overhead,
0
 
LVL 70

Accepted Solution

by:
KCTS earned 50 total points
ID: 18786702
Sorry, Its getting late, I made a few typo's in that last comment so here it is again without the errors I hope:-

When a user logs onto a domain, a global catalog server must normally be contacted to determine universal group membership. (This can be disabled on Win2003 servers but IS NOT recommended, see http://support.microsoft.com/kb/241789). If the DC has no Global catlog of its own it must forward the request to the global catalog.

It is good practice to have at least one DC with Global catalog on each site to prevent intersite logon traffic, Enabling Global Calalog on two DCs provides some fault tollerance and should seriously be considered.. If the DC with global catalog fails, then the other DC will not be able to authenticat logins without the Global Catalog.

I suggest you enable Global Catalog on both machines, its just a checkbox, and there is very little overhead involved see http://support.microsoft.com/kb/313994
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every system administrator encounters once in while in a problem where the solution seems to be a needle in haystack.  My needle was an anti-virus version causing problems with my Exchange server. I have an HP DL350 with Windows Server 2008 Stand…
My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
I designed this idea while studying technology in the classroom.  This is a semester long project.  Students are asked to take photographs on a specific topic which they find meaningful, it can be a place or situation such as travel or homelessness.…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

937 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

4 Experts available now in Live!

Get 1:1 Help Now