Re: Is Global Catalog Server Required for login to Single Domain Trees ?

From: Roger Abell [MVP] (mvpNoSpam_at_asu.edu)
Date: 06/28/03 

Date: Sat, 28 Jun 2003 12:50:42 -0700

A GC is necessary since there are functionalities that will use
ldap directed to the GC port, in addition to the DC port.
So, for full (error free) functionality you must have a GC in a
single domain forest. However, making every (or any) DC in
such a domain does not create overhead, as there are no
partial domain contexts to replicate.

"e-head" <ehead@nobodies.biz> wrote in message
news:55a3c7648956799e2f924746fa099532@free.teranews.com...
> "Steven L Umbach" <sumbach@ameritech.net> wrote in message
> news:2OHKa.2863$BM.1764878@newssrv26.news.prodigy.com...
> > The global catalog server is needed for native mode domains to
> check
> > membership in universal groups before logon. See KB article for
> > xplanation. --- Steve
> >
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;Q216970
>
> Hey thanks, that is a good article.
>
> quoting:
> "In the event that there is only one domain in the forest, all domain
> controllers contain the same data, so there is no need to locate a GC
(even
> though any given server might be designated a GC)"
> so it would seem in a single domain forest a GC isnt needed.
>
> Here is another good article on authentication I stumbled on while looking
> into this (in case anyone else is watching this thread) :
> http://www.windowsitlibrary.com/Content/617/06/1.html
>
>
> >
> > "e-head" <ehead@nobodies.biz> wrote in message
> > news:94c9f4d5be49d8d47db9a571371af331@free.teranews.com...
> > > "Doug Fox" <dfox168@hotmail.com> wrote in message
> > > news:eha1a$APDHA.1720@TK2MSFTNGP11.phx.gbl...
> > > > Isn't it a global catalog server for each domain? In case a domain
> has
> > > more
> > > > than one sites, isn't it each site should have a global catalog
server
> > to
> > > > enhance logon performance?
> > >
> > > yeah, if that's the case then it must be that you do indeed need a
> global
> > > catalog server.
> > > i know i read that somewhere a long time ago, but i was always
wondering
> > why
> > > it would be *absolutely* necessary in a single
> > > domain forest.
> > >
> > > or even if a forest has a couple of domains, it seems like maybe you
> could
> > > *try* and login to just any ole DC, and if you were from a
> > > different domain maybe it could just tell you, "sorry, you will have
to
> > try
> > > the global catalog server". But i guess they just didnt design it
> > > that way.
> > >
> > > >
> > > >
> > > > "e-head" <ehead@nobodies.biz> wrote in message
> > > > news:649825f8e951ac0d0c0c72f8d7f36d48@free.teranews.com...
> > > > > Just curious ...
> > > > >
> > > > > Obviously, there is no real reason why any DC cant log you onto a
> > Single
> > > > > domain tree, but i'm just curious if a GCS is still required ?
> > > > >
> > > > > thanks,
> > > > > e
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>