The Role of the Active Directory Global Catalog in Windows Server 2008



The global catalog in Active Directory holds an index of all objects in an Active Directory forest. Not all domain controllers in the Windows Server 2008 Active Directory are global catalog servers by default. That being said, when installing a new Windows Server 2008 forest, the first Windows Server 2008 domain controller in the forest must be a global catalog server and it cannot be a Read-Only Domain Controller (RODC). Domain controllers that are not global catalog servers can be established as such through the following procedure:

1. Open Active Directory Sites and Services. To open, click on Start and then Control Panel and then Administrative Tools and then select Active Directory Sites and Services.

2. In the console tree, click the server to which you want to add the global catalog. Do this by navigating to Sites\<SiteName>\Servers\<ServerName>.

3. In the Details pane, right-click NTDS Settings of the selected server, and then select Properties.

4. Select the Global Catalog option on the General tab.

5. Click OK to finish.

NOTE: To complete this process, the administrator must be a member of the Enterprise Admins group in the forest or a member of the Domain Admins group in the domain of the selected domain controller or equivalent permissions. Security best practices dictate that this process be performed with the lowest-level user account and using the Run As Administrator option to manage Active Directory Domain Services.