3.17. Enabling and Disabling the Global Catalog

Problem

You want to enable or disable the global catalog on a particular server.

Solution

Using a graphical user interface

  1. Open the Active Directory Sites and Services snap-in.

  2. Browse to the nTDSDSA object (NTDS Settings) underneath the server object for the domain controller you want to enable or disable the global catalog for.

  3. Right-click on NTDS Settings and select Properties.

  4. Under the General tab, check (to enable) or uncheck (to disable) the box beside Global Catalog.

  5. Click OK.

Using a command-line interface

In the following command, <ServerObjectDN> should be the server object DN, not the DN of the nTDSDSA object.

> dsmod server "<ServerObjectDN>" -isgc yes|no

For example, the following command will enable the global catalog on dc1 in the Raleigh site:

> dsmod server[RETURN] 
"cn=DC1,cn=servers,cn=Raleigh,cn=sites,cn=configuration,dc=rallencorp,dc=com" -isgc[RETURN]
yes

Using VBScript

' This code enables or disables the GC for the specified DC
' ------ SCRIPT CONFIGURATION ------
strDC = "<DomainControllerName>"   ' e.g. dc01.rallencorp.com
strGCEnable = 1                    ' 1 = enable, 0 = disable
' ------ END CONFIGURATION ---------

set objRootDSE = GetObject("LDAP://" & strDC & "/RootDSE")
objNTDS = GetObject("LDAP://" & strDC & "/" &  _
                    objRootDSE.Get("dSServiceName"))
objNTDS.Put "options", strGCEnable
objNTDS.SetInfo

Discussion

The first domain controller promoted into a forest is by default also made a global catalog server. If you want additional servers ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial