MCITP 70-640: Global Catalog Server
Check out http://YouTube.com/ITFreeTraining or http://itfreetraining.com for more of our always free training videos.
Global Catalog Servers contain a partial replica for every object in Active Directory. A Global Catalog Server is used to find objects in any domain in the forest. Any Domain Controller can be made into a Global Catalog Server. This video looks at how to remove or make a Domain Controller into a Global Catalog Server and also the reasons why and where you should put Global Catalog Servers.
Global Catalog Servers are used to find objects in any domain in the forest but it should be remembered that this does not give the user access to that object. Unless the user has the correct permissions they will not be able to access resources in other domains.
Global Catalog Servers also contain information about groups that span across domains and services that work at the forest level.
How to change a Domain Controller to a Global Catalog Server 04:18
Using the admin tool Active Directory Users and Computers to navigate to the computer account for your Domain Controller. By default this will be located in the Domain Controllers OU.
Open the properties for the Domain Controller and select the button NTDS settings.
Deselect or select the tickbox Global Catalog. Windows will do the rest.
Reasons to deploy Global Catalog Servers
Reason 1
Domain Controllers generate a security token for a user when they first login. If the user is in a group that spans multi--domains, that Domain Controller will need to contact a Global Catalog to get information about that group.
Reason 2
If a user logs in using a Universal Principal Name (UPN), that is, they log in using a user name in the form of username@domainname, a Domain Controller will need to access a Global Catalog Server before the log in is completed.
Reason 3
Global Catalog Servers work as an index to the forest. If you perform any searches on the forest you will need to contact a Global Catalog Server.
Reason 4
Microsoft recommends that any network that is separated by a Wide Area Network have a Global Catalog Server deployed at that location. This will ensure that users can log on if the Wide Area Network is down. In order for a computer to contact a Global Catalog Server, ports 389 (LDAP) and 3267 (Global Catalog) need to be opened. If these ports are not open then the user will not be able to use the remote Global Catalog Server.
Reason 5
Some software requires a Global Catalog Server in order to run. Exchange is a big user of the Global Catalog Server. If you have a decent amount of Exchange users on your network, you should consider deploying a Global Catalog Server close to these users.
Reasons not to deploy a Global Catalog Server
Global Catalog Servers put more load on the server in the form of searches and lookups from the client.
Global Catalogs need to keep their index up to date. This requires more network bandwidth.
In order to store the Global Catalog Server, you are required to have additional hard disk space on your server.
Видео MCITP 70-640: Global Catalog Server канала itfreetraining
Global Catalog Servers contain a partial replica for every object in Active Directory. A Global Catalog Server is used to find objects in any domain in the forest. Any Domain Controller can be made into a Global Catalog Server. This video looks at how to remove or make a Domain Controller into a Global Catalog Server and also the reasons why and where you should put Global Catalog Servers.
Global Catalog Servers are used to find objects in any domain in the forest but it should be remembered that this does not give the user access to that object. Unless the user has the correct permissions they will not be able to access resources in other domains.
Global Catalog Servers also contain information about groups that span across domains and services that work at the forest level.
How to change a Domain Controller to a Global Catalog Server 04:18
Using the admin tool Active Directory Users and Computers to navigate to the computer account for your Domain Controller. By default this will be located in the Domain Controllers OU.
Open the properties for the Domain Controller and select the button NTDS settings.
Deselect or select the tickbox Global Catalog. Windows will do the rest.
Reasons to deploy Global Catalog Servers
Reason 1
Domain Controllers generate a security token for a user when they first login. If the user is in a group that spans multi--domains, that Domain Controller will need to contact a Global Catalog to get information about that group.
Reason 2
If a user logs in using a Universal Principal Name (UPN), that is, they log in using a user name in the form of username@domainname, a Domain Controller will need to access a Global Catalog Server before the log in is completed.
Reason 3
Global Catalog Servers work as an index to the forest. If you perform any searches on the forest you will need to contact a Global Catalog Server.
Reason 4
Microsoft recommends that any network that is separated by a Wide Area Network have a Global Catalog Server deployed at that location. This will ensure that users can log on if the Wide Area Network is down. In order for a computer to contact a Global Catalog Server, ports 389 (LDAP) and 3267 (Global Catalog) need to be opened. If these ports are not open then the user will not be able to use the remote Global Catalog Server.
Reason 5
Some software requires a Global Catalog Server in order to run. Exchange is a big user of the Global Catalog Server. If you have a decent amount of Exchange users on your network, you should consider deploying a Global Catalog Server close to these users.
Reasons not to deploy a Global Catalog Server
Global Catalog Servers put more load on the server in the form of searches and lookups from the client.
Global Catalogs need to keep their index up to date. This requires more network bandwidth.
In order to store the Global Catalog Server, you are required to have additional hard disk space on your server.
Видео MCITP 70-640: Global Catalog Server канала itfreetraining
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![MCITP 70-640: Operation Master Roles](https://i.ytimg.com/vi/pKmo73YC0PQ/default.jpg)
![DNS Records](https://i.ytimg.com/vi/6uEwzkfViSM/default.jpg)
![](https://i.ytimg.com/vi/5u7dm2IOupE/default.jpg)
![Introduction to Active Directory Directory Services Structure in Windows Server 2012](https://i.ytimg.com/vi/lFwek_OuYZ8/default.jpg)
![MCITP 70-640: Operators Master Role Placement Global catalog](https://i.ytimg.com/vi/eHBPMHRWcG8/default.jpg)
![Adding Additional Domain Controller to an Existing Domain | Windows Server 2019](https://i.ytimg.com/vi/sqHa2gN1HsY/default.jpg)
![Active Directory Training For Entry Level Help Desk](https://i.ytimg.com/vi/zrCNGzwLjcU/default.jpg)
![DNS Zones](https://i.ytimg.com/vi/833Qnc-7-ug/default.jpg)
![MCITP 70-640: Troubleshooting Group Policy](https://i.ytimg.com/vi/cM2TjEsPy5o/default.jpg)
![MCITP 70-640: Active Directory different group types available](https://i.ytimg.com/vi/aPh8_RB8XEU/default.jpg)
![Active directory in a nutshell | How windows AD works in networking (2021)](https://i.ytimg.com/vi/LOG-ewxwCOU/default.jpg)
![What is Global Catalog Server? Explained & Learn How To Configure Global Catalog Service in Server](https://i.ytimg.com/vi/ilGG9h9xyQE/default.jpg)
![MCITP 70-640: Sites and Subnets](https://i.ytimg.com/vi/aR3b7mCTWRo/default.jpg)
![MCITP 70-640: AppLocker](https://i.ytimg.com/vi/ab5IGQr70-g/default.jpg)
![21. How to Install Additional Domain Controller and Managing Replication in Windows Server 2012 R2](https://i.ytimg.com/vi/-R7Ryy7-4e0/default.jpg)
![MCITP 70-640: Group Policy Processing Order](https://i.ytimg.com/vi/iS_DV_zH5aU/default.jpg)
![What is FSMO Role | Flexible Single Master Operation](https://i.ytimg.com/vi/YLlDOelu2gg/default.jpg)
![MCITP 70-640: Active Directory Replication](https://i.ytimg.com/vi/N7yFQx0Jv54/default.jpg)
![Top 20 Active Directory Interview Questions and Answers](https://i.ytimg.com/vi/Qy8Eg6_yP-A/default.jpg)
![Latest top 39 Windows Active Directory Interview Questions and Answers....Only AD](https://i.ytimg.com/vi/D6vblVaALVc/default.jpg)