Alcuni miei appunti su AD, li condivido, si sa mai che tornino utili a qualcuno :-)

Active Directory Infrastructure

·        When a user logs on the network, the global catalog provides universal group membership information for the account to the domain controller processing the user logon information. If a global catalog is not available when a user initiates a network logon process, the user is able to log on only to the local computer unless the site has been specifically configured to cache universal group membership lookups when processing user logon attempts.

·        Global catalog service is added or removed in the NTDS Settings Properties.

·        Universal Group Membership Caching is useg for logon purposes.

·        For redundancy purposes the main site must have more than one global catalog.

·        The Global Catalog is the central repository of information about AD objects in a tree or forest.

·        The DC that holds a copy of the global is called Global Catalog Server. Only DCs can function as Global Catalog servers.

·        Universal group membership caching allows the DC to cache universal group membership information for users. This eliminates the need for a GCS at every site in a domain, which minimizes network bandwidth usage. It also reduces logon times.

·        A PDC emulator is required for authentication purposes for Windows NT 4.0 clients

·        Enabling Universal group membership caching at site level will ensure that all the DCs in a site will be able to cache informations.

·        Like all DCs, a GCS stores full, writable replicas of the schema and configuration directory partitions and a full, writable replica of the domain directory partition for the domain that it is hosting.