Enable or disable a Global Catalog role on a DC

January 19, 2018 Dimitris Tonias Windows Server 2016

When we promote a Windows Server 2016 to a Domain Controller, it will also set to have the role of the Global Catalog (GC) server as a default. Unless of course, you uncheck the corresponding option in the Configuration Wizard. Which of your Domain Controllers are GCs? It’s very easy to check it out.

In the following steps, we’ll see how to enable and disable a Global Catalog server using both the graphical user interface and PowerShell. In addition, if we enable a GC, we’ll see how to check if it’s ready to use in the Active Directory infrastructure.

Using the GUI

After you connect to DC, open the Active Directory Sites and Services console. Expand the Sites container until you find the DC you want to check. Right-click NTDS Settings and then click Properties.

Enable or disable a Global Catalog role on a DC

Here, on the General tab, click Global Catalog to activate the role or uncheck it to disable it.

Enable or disable a Global Catalog role on a DC

Using PowerShell

To enable the Global Catalog on a DC, use the following command and change values according ​​to your infrastructure.

Set-ADObject "CN=NTDS Settings,CN=Fabrikam-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Fabrikam,DC=COM" -Replace@{options='1'}

Alternatively, with one variation you can simply type the name of the DC as shown below.

Set-ADObject -Identity (Get-ADDomainController DC02).ntdssettingsobjectdn -Replace @{options='1'}

For both cases, the option options = ‘1‘ refers to the activation of the Global Catalog and the option options = ‘0‘ to disable it.

Global Catalog readiness check

As a typical next step, once you have activated the Global Catalog, it is good to check its readiness. A GC is “advertised” on the network and assumes the role of GC only when replication is completed.

To do this using the graphical user interface, type LDP in the search bar and open the corresponding tool. Click on the Connection menu and then Connect. Here, make sure the port is set to 389 and click OK.

Enable or disable a Global Catalog role on a DC

In the text that appears, find the isGlobalCatalogReady value and if it has the TRUE value then your GC is ready.

Enable or disable a Global Catalog role on a DC

Alternatively, you can check the GC readiness through the command line. Type the following command by changing the values ​​with your own.

nltest /server:<servername> /dsgetdc:<domainname>

Enable or disable a Global Catalog role on a DC

If the GC record is displayed in the Flags it means again that your GC is ready.

Related posts:

  1. Determine if a DC is a Global Catalog (GC) server
  2. Determine which DCs hold the FSMO roles
  3. Transfer FSMO roles to another Domain Controller
  4. Seize FSMO roles on a Domain Controller
About Dimitris Tonias 144 Articles
My name is Dimitris Tonias, IT Pro, G(r)eek, focused on Server, Virtualization, and Cloud technologies.

Related Articles

Be the first to comment

Leave a Reply

Your email address will not be published.


*


Copyright © 2017 | Powered by WordPress and Fusioned Enterprise Hosting