Beat spammers with anti-spam software for Exchange
Server – GFI MailEssentials. Download FREE
trial
Introduction to Exchange Server 2003 - Global Catalog Server
There are many reasons for investigating Windows Server 2003's Global Catalog Server. For example, the Exchange 2003 GAL relies absolutely on the Global Catalog Service. In addition, correctly placing Global Catalog Servers improves Outlook's performance. The purpose of this page is to explain why Exchange 2003 needs Global Catalog Servers. I will show you where to configure the settings and
advise you on how many Windows Server 2003 Domain Controllers to
double-up as Global Catalog Servers.
The specific reason why Microsoft Exchange clients place such a heavy load on
the Global Catalog Servers is that they need to make LDAP queries to resolve email addresses. For example, a user opens Microsoft's Outlook and types the name of a recipient. To find the corresponding SMTP
address, the GAL issues an LDAP query to the Global Catalog Server.
Before we get deep into Global Catalogs, here are four concepts to help us get started.
1) Only the first Domain Controller
in any Domain is a Global Catalog Server by default. Good news, all subsequent Domain Controllers have the Global Catalog capability.
2) Global Catalog Server is a property, a tick in a box, on a Domain
Controller. You cannot configure a member server or even an Exchange Member server as a Global Catalog Server.
3) Ordinary non-outlook users need a Global Catalog Server to
find network resources such as Universal Group Membership. Therefore, all the configuration you make with Catalog Servers for the sake of Exchange's GAL, will also benefit everyone.
4) It's essential to configure extra Global Catalog Servers in
multi-domain, multi-site organizations. I admit, a one domain, one site, 50 user outfit, needs very little extra Global Catalog configuration.
Exchange Server 2007 is a complex topic, do you need practical hands on training? As an MCT trainer, I can thoroughly recommend
TrainSignal. In particular, I like the way
that TrainSignal cover all learning methods, instructor lead, video and of course text
material. You can either take one module, for example Exchange 2007 or go for a combination of modules.
Learn more about Microsoft Exchange Server 2007 here
The problem of contacting a Global Catalog Server
arises when a Windows 2003 Domain Controller, which are not, repeat, not, also a Global Catalog Servers, receives a logon request. Without a reply from the Global Catalog server it cannot deduce
Universal Group membership from other domains. For security, that logon server must be able to enumerate Universal Group Membership. Specifically, the Domain Controller must be sure that
people in Universal Groups have not been denied access. A problem only arises if there is no Global Catalog on the subnet, or site and the links to other sites are flaky.
You could solve all
Global Catalog problems with Guy's rule of thumb approach - deploy two Global Catalog Servers at each Active Directory Site. Alternatively you could take the thinking man's approach and have one Global Catalog Server for every four Exchange 2003 Servers.
People who deploy this approach say go for a 1:4 ratio of processors rather than servers. If you are a rich company then you could even get testing software, feed in zillions of relevant info and
bingo - out comes the number and placement of your Global Catalog Servers.
Each Domain Controller knows all about the all the object and all their properties - but only for its own domain. Crucially, only Domain Controllers that are also Global Catalog servers know about objects
in other domains. You could take the ruthless solution and make every domain controller a Global Catalog Server. However, that may be counter-productive owing to increased replication traffic, and
placing an undue overhead on those servers. Tell the truth, only testing would show if this traffic and processor load would be as big a problem as it sounds.
Configuring a Domain Controller as a Global Catalogs is a knack. Once you have drilled down, and checked the Global Catalog box you always remember
that tortuous path. (It goes without saying that this is a job for Windows Server 2003 and not Exchange 2003.)
Let us begin at the Active Directory Sites and Services snap-in (Not the ADUC). Expand Sites, Default-First-Site-Name, Servers. Select your server and seek the NTDS Settings, right
click and choose Properties. All that remains is to tick the Global Catalog box. (See Diagrams Opposite)
With a Windows Server 2000 Server you have to reboot, eccentrically the interface does not tell you to reboot. Microsoft cured all this nonsense in Windows Server 2003, you do not have to reboot when
you enable or disable Global Catalog.
One variation of these instructions would be if your servers are in a different site and not in the strangely named, Default-First-Site-Name.
If you have firewall restrictions, LDAP uses port 389 for read and write
operations and port 3268 for global catalog search operations.
Exchange 2003 makes heavy use of Global Catalog Servers. In particular the GAL makes LDAP queries to resolve email addresses. Windows 2003 Domain
Controllers, which are not also Global Catalog Servers, cannot deduce Universal Groups in other domains. For security, until they contact a Global Catalog server Domain Controller cannot proceed with the logon
request. As a result of this knowledge
you can plan extra Global Catalog servers. The suggested ratio is 1 Global Catalog for every 4 Exchange 2003 servers. However, if you only have one domain, there is no need for any more Global Catalog servers.
Learn how to find settings in the Exchange System Manager. Advice configuring your Exchange Server. Tips on how to get the most from your Exchange 2003 server.
Over 50 printer friendly pages Word and PDF format
