moonpavan
asked on
What is Global Catalog in the Active Directory?
What is Global Catalog in the Active Directory? Just explain me in simple english what is Global Catalog and its function and why we require Global Catalog...
Please dont share any links
Please dont share any links
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Key thing about a GC is that its only relevant if you hve more than one domain. If you have only one domain just mark all DCs as GCs and forget abut it until some one asks you to have two domains.
If some one does ask you to create a second domain, either shoot them, or ask again on here why its a bad idea to have more than one domain.
If you do have more than one domain then you need GCs because they contain enough info about the other domains for things like group membership.
The other key aspect of GCs is that Exchange uses them, so if you have multiple domains and exchange make sure you have enough GCs.
If some one does ask you to create a second domain, either shoot them, or ask again on here why its a bad idea to have more than one domain.
If you do have more than one domain then you need GCs because they contain enough info about the other domains for things like group membership.
The other key aspect of GCs is that Exchange uses them, so if you have multiple domains and exchange make sure you have enough GCs.
As Mike wrote, GC contains only partial information of objects in whole forest (for other domains) and full for its own domain. It doesn't contain details for each account/group in the forest, it knows where particular object exists (in which domain). If someone queries a GC it gives back an information which domain should be contacted (in general description). A database which stores details is called Directory Information Tree (ntds.dit file) where all details are available.
Am I right Mike (more or less) ? ;)
Am I right Mike (more or less) ? ;)
Seems a little like less to me. When you ask AD about an object you need to specify which domain to search in. If you ask a DC for that domain that owns the object you get all details, if you ask a GC from another domain you get a subset of the deails. You choose how to ask by which TCP port you contact.
There is as far as I know only one ntds.dit file and that holds all the AD information that a particular server has. So Config partition, Schema Partition and Domain partitions. For its own domain all info, for other domains all objects, but a subset of the fields.
There is as far as I know only one ntds.dit file and that holds all the AD information that a particular server has. So Config partition, Schema Partition and Domain partitions. For its own domain all info, for other domains all objects, but a subset of the fields.
Functions of a GC:
- Provide "universial group membership" information to a DC when a logon process is initiated
- holds a partial reference to every object in the forest so a DC in domain A can find objects in domain B.
- "universial group membership" are stored only in the GC. (Unlike "Global groups" which is stored in AD in each domain).
- Provide "universial group membership" information to a DC when a logon process is initiated
- holds a partial reference to every object in the forest so a DC in domain A can find objects in domain B.
- "universial group membership" are stored only in the GC. (Unlike "Global groups" which is stored in AD in each domain).
@g4ugm: you're right about ntds.dit It contains all partitions inside. I wanted short cut my minds too much in foreign language, so it sounds without any sense. Thanks for highlighting :)
Thats fine. Its hard enough to understand some of the Microsoft stuff when English is you Native Language...
jSiek yup you have it down for the most part, it does contain some details of the objects....and that can be modified in the schema
http://support.microsoft.com/kb/248717
Also right about the partitions....my friends at CB5 have a great blog entry on GC partitions (must read) http://cbfive.com/blog/post/Global-Catalog-Partitions.aspx
Thanks
Mike
http://support.microsoft.com/kb/248717
Also right about the partitions....my friends at CB5 have a great blog entry on GC partitions (must read) http://cbfive.com/blog/post/Global-Catalog-Partitions.aspx
Thanks
Mike
It contains a full copy of the domain partition of the domain its in...doesn't contain a full attribute set of every domain in the forest.
yes it contains all the objects but not the same attributes from domain to domain.
Thanks
Mike