Sign in with
Sign up | Sign in
Your question

Global Catalog

Tags:
  • Domain
  • Partition
  • Microsoft
  • Windows
Last response: in Windows 2000/NT
Share
Anonymous
May 30, 2005 5:43:55 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi,

Microsoft describes a mechanism "Polling for Changes Using USNChanged"
for AD.
http://msdn.microsoft.com/library/default.asp?url=/libr...

I am wondering if this mechanism holds true for a Global Catalog
scenario. I am new to the Global Catalog concept. From what I
understand, GCs host a copy of every partition in the forest (a full
copy of their own domain's domain partition, a full copy of the schema
partition, a full copy of the configuration partition, and a read-only
copy of every other domain's domain partition with only a subset of
attributes for each object), then an object addition/modification to
any domain will cause replication to all DCs in that domain, as well as
to all GCs, whether or not they are DCs for that domain. Attributes
uSNChanged and uSNCreated are available in GC as read-only attributes.
(http://msdn.microsoft.com/library/default.asp?url=/libr...).
Definition of 'uSNChanged' says - USN value assigned by the *local
directory* for the latest change, including creation. So at local AD
level 'uSNChanged' value is unique for each change. I am wondering how
this is taken care at GC level as it is maintainaing 'uSNChanged' from
various *local* ADs? i.e. How changes are tracked at Global Catalog
level? Any ideas?

~Harsh

More about : global catalog

Anonymous
May 30, 2005 4:31:32 PM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

<harsh_bapat@persistent.co.in> wrote in message
news:1117442635.716186.292550@f14g2000cwb.googlegroups.com...
> Hi,
>
> Microsoft describes a mechanism "Polling for Changes Using USNChanged"
> for AD.
>
http://msdn.microsoft.com/library/default.asp?url=/libr...
>
> I am wondering if this mechanism holds true for a Global Catalog
> scenario. I am new to the Global Catalog concept. From what I
> understand, GCs host a copy of every partition in the forest

Not exactly.

> (a full
> copy of their own domain's domain partition, a full copy of the schema
> partition, a full copy of the configuration partition,

The above is just a DC and as a DC the GC starts with these
in any case.

> and a read-only
> copy of every other domain's domain partition with only a subset of
> attributes for each object),

The key distinction here is that it is a subset or PARTIAL
copy of the other Domain partitions -- only a limited amount
of info is copied for every object in the forest.

> then an object addition/modification to
> any domain will cause replication to all DCs in that domain, as well as
> to all GCs, whether or not they are DCs for that domain.

Sort of -- an addition will cause replication to the GCs, but a
modification may or may not depending on whether the property
modified is among the subset held on each GC.

GCs setup a similar (parallel) replication topology, just as
regular DCs do -- they will replicate those additional partial
domain partitions across the domain boundaries (forest wide.)

GCs use the same mechanisms to do this as do ordinary DCs
for domain replication.

Of course the GC cannot write to the domain partition from
domains other than its own -- this is precisely analogous to
every DC having a read only copy of the schema but replicating
it.

> Attributes
> uSNChanged and uSNCreated are available in GC as read-only attributes.
>
(http://msdn.microsoft.com/library/default.asp?url=/libr...
dschema/a_usnchanged.asp).
> Definition of 'uSNChanged' says - USN value assigned by the *local
> directory* for the latest change, including creation. So at local AD
> level 'uSNChanged' value is unique for each change. I am wondering how
> this is taken care at GC level as it is maintainaing 'uSNChanged' from
> various *local* ADs? i.e. How changes are tracked at Global Catalog
> level? Any ideas?

Just like ordinary partitions, but it isn't a very important concern
unless you have a specific (likely a 'bug') problem....


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Anonymous
May 31, 2005 3:44:16 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

What I am interested in is a polling mechanism for change detection at
GC level.

I can write a change detection mechanism for a single domain using
mechanism described in

http://msdn.microsoft.com/library/default.asp?url=/libr...

I am wondering if I can use exactly same mechanism at GC level (by
connecting to 3268) to poll for changes happening within the forest
which may span across multiple domains.

As far as I understand, uSNChanged attribute is unique within each
domain. Within domain, each change can be identified by a unique
uSNChanged value. Does this hold true at GC level, where we are talking
about multiple domains.

~Harsh
Related resources
Anonymous
May 31, 2005 7:21:53 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

<harsh_bapat@persistent.co.in> wrote in message
news:1117521856.225154.194950@g47g2000cwa.googlegroups.com...
> What I am interested in is a polling mechanism for change detection at
> GC level.
>
> I can write a change detection mechanism for a single domain using
> mechanism described in
>
>
http://msdn.microsoft.com/library/default.asp?url=/libr...
>
> I am wondering if I can use exactly same mechanism at GC level (by
> connecting to 3268) to poll for changes happening within the forest
> which may span across multiple domains.

I don't know the code -- I only know how they "work" blackbox
fashion but they are said to do it in the same and parallel manner
to the domain DCs.

There is a very good chance that is literally true since that is the
behavior -- but of course, it is possible you will hit some weird
snag.

> As far as I understand, uSNChanged attribute is unique within each
> domain. Within domain, each change can be identified by a unique
> uSNChanged value. Does this hold true at GC level, where we are talking
> about multiple domains.

I have no idea but if you already have the code it is worth the try
(on the assumption that it will work.)


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

>
> ~Harsh
>
Anonymous
July 4, 2011 8:09:52 AM

I think that polling for uSNChanged values from a global catalog server doesn't work. In my case at least, I can not read the invocationId from the service object. This means I cannot detect whether the domain controller has been restored from backup which means that I cannot know whether to run a full sync or incremental sync.
!