Solved

Global Catalog Server Question

Posted on 2007-03-24
2
237 Views
Last Modified: 2010-04-20
With the global catalog server. In a Single Domain environment with one dc , when people are logging into the network , their account must contact the gc in order to logon?unless it's already cached, correct?

also In a one domain environment, if i have the the first dc with the gc and  im adding asecondary dc . if i did not want to enable gc on the new server when people are authenticating towards that server it should forward the gc requests to the main server?

i've been try to read around and i was just hoping for some clarity. hopefully i have made sense.

H
0
Comment
Question by:Helder_Hipolito
  • 2
2 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 18786539
When a user logs onto a domain a global catalog server must normally be contacted to determin universal group membership. (This can be disabled on Win2003 servers but IS NOT recommended). If the DC has no Global catlog of its own it must forward the request to the global catalog.

It is good practice to have at least one DC with Global catalog on one site, Enabling Global Calalog on two DCs provides some fault tollerance and should seriously be considered.. If the DC with global catalog fails, then the other DC will not be able to authenticat logins without the Global Catalog.

I suggest you enable Global Catalog on both machines, its just a check bo, and there is very little overhead,
0
 
LVL 70

Accepted Solution

by:
KCTS earned 50 total points
ID: 18786702
Sorry, Its getting late, I made a few typo's in that last comment so here it is again without the errors I hope:-

When a user logs onto a domain, a global catalog server must normally be contacted to determine universal group membership. (This can be disabled on Win2003 servers but IS NOT recommended, see http://support.microsoft.com/kb/241789). If the DC has no Global catlog of its own it must forward the request to the global catalog.

It is good practice to have at least one DC with Global catalog on each site to prevent intersite logon traffic, Enabling Global Calalog on two DCs provides some fault tollerance and should seriously be considered.. If the DC with global catalog fails, then the other DC will not be able to authenticat logins without the Global Catalog.

I suggest you enable Global Catalog on both machines, its just a checkbox, and there is very little overhead involved see http://support.microsoft.com/kb/313994
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now