JSI Tip 4629. How do I add an attribute to the Global Catalog?

NOTE: The text in the following Microsoft Knowledge Base article is provided so that the site search can find this page. Please click the Knowledge Base link to insure that you are reading the most current information.

Microsoft Knowledge Base article Q313992 contains:

IN THIS TASK

SUMMARY

This step-by-step article describes how to add an attribute to the global catalog. By using the Active Directory Schema, you can specify additional attributes to be kept in the global catalog. This helps to speed up search queries across a domain for an attribute that is not included by default in the global catalog.

IMPORTANT: Adding a new attribute to the global catalog causes a full synchronization of all object attributes that are stored in the global catalog (for all of the domains in the forest). Because of this, in a large, multidomain forest, the addition of global catalog attributes will cause this one-time synchronization, and this could result in significant network traffic.

The global catalog provides fast and efficient searches that extend across the entire Active Directory forest. Every domain controller (DC) holds a read/write full replica of all objects in the domain for which it is a member, and if it is also a global catalog, it also holds a read-only partial replica (all objects but only a partial attribute set) of its domain, and every other domain in the forest. Because of this, the global catalog makes directory structures in a forest transparent to end users, creating a search mechanism that makes finding objects in the directory uncomplicated and efficient.

By default, the partial set of attributes that are stored in the global catalog includes those attributes that are most frequently used in search operations. While most attributes are already included in the global catalog, and the majority of administrators will not need to make any changes, by adding additional attributes, you can speed up search queries across a domain for an attribute that is not included by default. For example, you can add a Fax number attribute for User objects, so that end users can easily search for other user's fax numbers in the directory. However, because editing the Schema affects all domains in the forest, making changes should only be considered by experienced administrators.

For additional information about what attributes are included in the global catalog by default, click the article number below to view the article in the Microsoft Knowledge Base:

back to the top

Add an Attribute to the Global Catalog

IMPORTANT: Adding a new attribute to the global catalog causes a full synchronization of all of the domain data from all of the domains in the forest. In a large, multi-domain forest, this synchronization can cause significant network traffic.

Modifying the Schema also requires that a person be a member of the Schema Administrators group.

To add an attribute to the global catalog:

NOTE: If the Active Directory Schema is not available, you must install the Windows 2000 Administration Tools from the Windows 2000 Server CD-ROM, and then add it to an Microsoft Management Console (MMC) console. To install the Windows 2000 Administrative tools, run Adminpak.msi from the %systemroot%System32 folder. Once the additional administrative tools are installed, you can add the Active Directory Schema snap-in to the MMC.For additional information about how to install the Windows 2000 Administration Tools, click the article number below to view the article in the Microsoft Knowledge Base:

For additional information about how to make the Schema Master available for viewing and editing, click the article numbers below to view the articles in the Microsoft Knowledge Base:

back to the top

Index an Attribute in Active Directory

To index an attribute in Active Directory:

NOTE: If the Active Directory Schema is not available, you must install the Windows 2000 Administration Tools from the Windows 2000 Server CD-ROM, and then add it to an Microsoft Management Console (MMC) console. To install the Windows 2000 Administrative tools, run Adminpak.msi from the %systemroot%System32 folder. Once the additional administrative tools are installed, you can add the Active Directory Schema snap-in to the MMC.For additional information about how to install the Windows 2000 Administration Tools, click the article number below to view the article in the Microsoft Knowledge Base:

back to the top

REFERENCES

For additional information about the global catalog, click the article numbers below to view the articles in the Microsoft Knowledge Base:

back to the top