Global catalog server best practices for Exchange Server

A global catalog server is a Windows domain controller that has been assigned the global catalog server role. It contains a full read/write copy of the domains schema and application partitions, just like any other Windows domain controller.

A global catalog server also contains a partial replica of all other domain partitions in the Active Directory (AD) forest. These partial replicas are read-only, and contain the most-queried attributes for each object in the AD forest. For example, replicas of user objects would contain commonly searched attributes like first name, last name, and email address.

At the Active Directory level, a global catalog server's biggest task is to facilitate the logon process. When a user initiates the logon process, the global catalog server provides the domain controller with the necessary universal group membership information. It also resolves User Principal Names (UPNs) when the domain controller involved in the authentication process has no knowledge of the account.

If a network's global catalog server fails, the only user who will be able to log on is the administrator. The exception to the rule: On extremely small networks, the Universal Group Membership Caching feature can be used in place of a global catalog server.

A global catalog server also performs a number of critical tasks at the Exchange Server level. For example, in order to send and receive email, both the Exchange server and Microsoft Outlook client must be able to query a global catalog server.

Exchange server must also query a global catalog server to resolve recipient email addresses. Microsoft Outlook clients can't even open the Global Address List (GAL) unless they can connect to a global catalog server (either directly or via DSProxy).

Global ...

To read more you must become a member of SearchExchange.com

As an existing member of the TechTarget network please activate your SearchExchange.com account 

By joining SearchExchange.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.

TechTarget cares about your privacy. Read our Privacy Policy

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Exchange Server Administration Tips Remove Exchange 2003 objects from AD to install Exchange 2010 Don'ts for optimal Exchange 2007 mailbox server efficiency Is your Exchange 2007 hub transport server healthy? Avoid Outlook 2007 performance issues during repairs Developing an Exchange 2007 server role DR plan How DSAccess service improves Exchange Server 2007 reliability An introduction to the Exchange Remote Connectivity Analyzer tool Monitor Exchange 2007 with disk- and RPC-related counters DPM 2007 replica inconsistencies in Exchange databases Track Exchange 2007 mailbox server health using database counters Microsoft Exchange Server Administration Creating and configuring Exchange Server 2007 mailboxes How to configure Exchange Server 2007 mailboxes How to create and configure Exchange Server 2007 distribution groups Managing Exchange Server 2007 address lists Setting up Exchange Server 2007 contacts Creating and managing recipients in Exchange Server 2007 Creating mail users in Exchange Server 2007 Deleting and reconnecting Exchange Server 2007 mailboxes 'Exchange is in recovery mode' errors A roundup of DST resources for Exchange Server administrators Microsoft Exchange Server Administration Research Microsoft Exchange Server and Active Directory Remove Exchange 2003 objects from AD to install Exchange 2010 How DSAccess service improves Exchange Server 2007 reliability Restoring user accounts and mailbox links in Active Directory Changing email address formats in Exchange Server 2003 Restore contacts from an Exchange public folder An introduction to the DSAccess service in Exchange Server 2007 Exchange users receiving email addressed to legacy users Mailbox viewing problems after migrating to Exchange 2007 Installing Exchange Server 2003 and a domain controller on the same hardware Top 10 Microsoft Exchange Server tips of 2008 Microsoft Exchange Server and Active Directory Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary service pack  (SearchExchange.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

catalog server best practices for Exchange Server

By default, there is only one global catalog server in an organization. The first domain controller brought online as a part of a new Active Directory forest is automatically designated as the global catalog server.

Given the importance of global catalog servers, it might be tempting to designate all of your Windows 2000 or Windows 2003 domain controllers to act as global catalog servers. Doing so is usually a bad idea though, because of the volume of network traffic produced by Active Directory replication.

As a general rule of thumb, you should have a global catalog server in any AD site containing an application that requires extensive use of port number 3268 (the global catalog lookup port). Since Exchange Server is such an application, you want a global catalog server in any site that it resides.

You must also take into account the load that is being placed on your network and existing global catalog servers. Microsoft offers some guidelines you can use when deciding on global catalog placement in Knowledge Base article 875427, Global catalog server placement and ratios in an Exchange 2000 Server organization or Exchange Server 2003 organization.

If your AD forest consists of a single domain, all domain controllers should be configured to act as global catalog servers. Since the domain controllers have full knowledge of the domain anyway, designating them to act as global catalog servers does not require a significant amount of additional server resources.

But if your Exchange Server organization contains multiple mailbox servers, you should plan on having one global catalog server for ever four mailbox servers.

A site does not require a global catalog server if it does not contain an Exchange server, contains fewer than 100 users, and is connected to another network segment that has its own global catalog server via a reliable network link.

Organizations using Windows 2003 domain controllers with fewer than 100 users are often discouraged from deploying global catalog servers. Microsoft recommends enabling Universal Group Membership Caching as an alternative. But if you're using Exchange Server, that is not an option -- you must use a true global catalog server.

About the author: Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.

Do you have comments on this tip? Let us know.

Related information from SearchExchange.com: