Global catalog
Global catalog definition
A global catalog (GC) is a distributed data repository in Microsoft’s Active Directory (AD) systems. It contains a searchable, partial representation of every object in every domain within a multi-domain AD forest.
See also: IAM authentication, access control entry
How a global catalog works
The GC doesn’t store the full set of attributes for every object. Instead, it contains a subset of the most searched attributes, like a user’s first and last name, login name, and some other critical attributes. That allows the GC to respond quickly to queries without referring to the domain controller responsible for the full object.
The global catalog is replicated across global catalog servers (GCS). The process is managed by Active Directory’s multi-master replication mechanism, making sure that the data is consistent and up-to-date.
GC servers use the Directory Replication Service (DRS) to advertise their availability to domain controllers. This means that when a device or system needs to query the GC, it knows where to find an available server.
Global catalog uses
- Directory lookups. The global catalog facilitates quick directory lookups across the entire AD forest, not just within a single domain. This makes it essential in multi-domain environments.
- Login authentication. In a Windows environment, when users log on, the system checks their universal group memberships. This check is done against the global catalog, making it essential for the login process.
- Address book queries. In setups like Microsoft Exchange, the GC aids in resolving email addresses across the entire forest.