Chapter 1: Preparing for the Exchange Installation
Physical Components
The physical side of Active Directory is primarily represented by domain controllers and sites.
These enable organizations to optimize replication traffic across their networks and to assist
client workstations in finding the closest domain controller to validate logon credentials.
Domain Controllers
Every domain must have at least one domain controller, a computer running Windows
Server that validates user network access and manages Active Directory. During the process
of configuring Active Directory, you have the option of creating a new domain or joining
an existing domain. If you create a new domain, you also have the option of creating or
joining an existing domain tree or forest. A domain controller stores a complete copy of
all Active Directory information for that domain, manages changes to that information,
and replicates those changes to other domain controllers in the same domain. Schema and
infrastructure configuration information are replicated between all domain controllers in a
forest.
In Windows Server NT 4.0, a distinction was drawn between primary and
backup domain controllers. This distinction meant that the primary domain
controller was the only server that accepted changes to objects in the directory.
Since Windows 2000 Server was released, all domain controllers are
considered peers, and each holds a writable copy of Active Directory. As
you talk to people in the IT industry, you may hear them improperly refer
to additional Active Directory domain controllers as backup domain
controllers (BDCs). Usually when they say this, they mean that an additional
domain controller is required. Windows Server 2008 introduced a new
option similar to BDCs, called read-only domain controllers (RODCs).
Global Catalog
In a single-domain environment, users can rely on Active Directory to provide all of the
necessary information about the resources on the network. In a multiple-domain
environment, however, users often need to access resources outside their domain—resources
that might be more difficult to find. For this, a global catalog holds information about all
objects in a forest. The global catalog enables users and applications to find objects in an
Active Directory domain tree if the user or application knows one or more attributes of the
target object.
Through the replication process, Active Directory automatically generates the contents
of the global catalog from the domain controllers in the directory. The global catalog holds
a partial replica of Active Directory. Even though every object is listed in the global
catalog, only a limited set of attributes for those objects is replicated in it. The attributes listed
for each object in the global catalog are defined in the schema. A base set of attributes is
replicated to the global catalog, but you can specify additional attributes to meet the needs
of your organization.
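To see which domain controllers hold these roles and which attributes the schema marks for the global catalog, the following added example (not from the book) queries the directory. It assumes the ActiveDirectory PowerShell module (RSAT) is installed and that it is run from a domain-joined machine with read access to the forest.

```powershell
# Added example. Assumes the ActiveDirectory module (RSAT) and read access
# to the forest from a domain-joined machine.
Import-Module ActiveDirectory

# Domain controllers in the current domain, showing which are global
# catalog servers and which are read-only (RODCs).
Get-ADDomainController -Filter * |
    Select-Object Name, Site, IsGlobalCatalog, IsReadOnly |
    Sort-Object Site, Name |
    Format-Table -AutoSize

# The schema defines the global catalog's contents: an attribute is
# replicated to it when isMemberOfPartialAttributeSet is TRUE.
$schemaNC = (Get-ADRootDSE).schemaNamingContext
$gcAttributes = Get-ADObject -SearchBase $schemaNC `
    -LDAPFilter '(&(objectClass=attributeSchema)(isMemberOfPartialAttributeSet=TRUE))' `
    -Properties lDAPDisplayName, searchFlags, whenChanged

"{0} attributes are replicated to the global catalog" -f @($gcAttributes).Count

# searchFlags bit 0x80 marks an attribute as confidential. A confidential
# attribute that is also in the global catalog deserves a closer look,
# because the global catalog is replicated across the whole forest.
$confidentialBit = 0x80

# Most recently changed schema entries first, to surface additions made
# beyond the base attribute set.
$gcAttributes |
    Select-Object lDAPDisplayName, whenChanged,
        @{ Name = 'Confidential'
           Expression = { [bool]($_.searchFlags -band $confidentialBit) } } |
    Sort-Object whenChanged -Descending |
    Select-Object -First 20 |
    Format-Table -AutoSize
```

Comparing this list against a saved baseline after schema extensions shows which attributes have been added to the global catalog.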