15.17. Enabling and Disabling the Global Catalog

Problem

You want to enable or disable the global catalog on a particular domain controller.

Solution

Using a graphical user interface

  1. Open the Active Directory Sites and Services snap-in.

  2. Browse to the nTDSDSA object (NTDS Settings) underneath the server object for the domain controller whose global catalog you want to enable or disable.

  3. Right-click on NTDS Settings and select Properties.

  4. Under the General tab, check (to enable) or uncheck (to disable) the box beside Global Catalog.

  5. Click OK.

Using a command-line interface

In the following command, <ServerObjectDN> should be the server object DN, not the DN of the nTDSDSA object:

> dsmod server "<ServerObjectDN>" -isgc yes|no

For example, the following command enables the global catalog on dc1 in the Raleigh site:

> dsmod server "cn=DC1,cn=servers,cn=Raleigh,cn=sites,cn=configuration,dc=rallencorp,dc=com"
-isgc yes

Using VBScript

' This code enables or disables the GC for the specified DC
' ------ SCRIPT CONFIGURATION ------
strDC = "<DomainControllerName>"   ' e.g., dc01.rallencorp.com
strGCEnable = 1                    ' 1 = enable, 0 = disable
' ------ END CONFIGURATION ---------
   
set objRootDSE = GetObject("LDAP://" & strDC & "/RootDSE")
objNTDS = GetObject("LDAP://" & strDC & "/" &  _
                    objRootDSE.Get("dSServiceName"))
objNTDS.Put "options", strGCEnable
objNTDS.SetInfo

Discussion

The first domain controller promoted into a forest is by default also made a global catalog server. If you want additional servers to contain ...

Get Windows Server Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.