Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Native vs Mixe mode 1

Status
Not open for further replies.
peterve

peterve

IS-IT--Management
Mar 19, 2000
1,348
0
0
NL
Hi,

I know that the mixed mode uses a Global Catalog server to provide log on to the network
When there is no GC server available, a regular user will only be able to log on locally to the computer he is using.
(unless he is a member of the Domain Admins groups)

What about native mode ?
Is it still using Global Catalog to provide log-on ? Peter Van Eeckhoutte
peter.ve@pandora.be

 
Sort by date Sort by votes
Judging from your many excellent replys to questions posed by others I didn't think there was an area of 2k that you didn't have down cold.

One of our customers runs a small network with 2k server in native mode with 98, ME, and 2000 pro clients. With the proper permissions (domain user) users can log in at any workstation.

Does this answer your question?
 
Upvote 0 Downvote
Hi ShaneHeasley,

Thank you for your very kind reply ! But believe me... there is still a lot I have to learn ;-)

Win2K supports both NTLM and Kerberos to provide logon service to all sorts of clients.
That's why Win9x, ME, Win2K clients can log on to the domain.
Changing a domain from mixed mode to native mode only changes the domain architecture, not the logon services. So there is still support for NTLM in native mode.

A global catalog has 2 roles :
1. it allows you to find information throughout all the domains in your AD
(the global catalog contains all the objects of the local domain + a subset of all objects of all other domains)
2. it allows logon to the network by providing universal information about group membership to a domain controller when a netlogon process is started... (native mode only)

So, in native mode, when a user logs on, the domain controller validates it's name & password
AND the Global Catalog server has to provide the domain controller with the appropriate information to allow access to the network.

What I was wondering is :
Suppose you have a domain, 1 global catalog server
2 domain controllers. All servers are working in mixed mode (DC01 is PDC emulator)
Let's assume that DC01 is also the GC server, and is in site 1
DC02 is the second Domain Controller, is in Site 2, and site 2 is connected with a leased line to site 1
Suppose the link goes down, will a client in site 2 be able to log on to the domain ?
Well... I believe he will, because mixed mode does not require a global catalog query

In native mode, the domain controller needs more information (obtained from a query in the Global Catalog)
A user will always need a Global Catalog to find a domain controller...
If there is no Global catalog server, only a Domain Admin will be able to log on to the network.

My conclusion would be : install a global catalog server in every remote site... (but be aware of the consequences -> replication traffic !!)


Can somebody confirm this ?

Peter Van Eeckhoutte
peter.ve@pandora.be

 
Upvote 0 Downvote
I checked it and... my explanation is correct
This means that my first statement (my initial question) is completely wrong !

Native mode : needs GC
Mixed mode : does not need GC Peter Van Eeckhoutte
peter.ve@pandora.be

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

tviman
  • Locked
  • Question
Remote Apps vs Remote Desktop Connection
Replies
0
Views
43
tviman
tviman
AlfonsoSF
  • Locked
  • Question
Esplorer (not the internet browser) hangs in a user RDP session ins a W2016 vsphere virtual machine.
Replies
1
Views
51
hairlessupportmonkey
hairlessupportmonkey
Leozack
  • Locked
  • Question
LOGON SPEED : GPO settings vs script reg import etc
Replies
3
Views
62
Leozack
Leozack
cindylee
  • Locked
  • Question
Forefront UAG vs Citrix
Replies
3
Views
55
itsp1965
itsp1965
ceil32
  • Locked
  • Question
VSS not working - Cannot create a stable subkey under a volatile parent key
Replies
0
Views
52
ceil32
ceil32

Part and Inventory Search

Sponsor

Back
Top