Yup, can't disagree with that, I would guess it's little
more than an implementation specific side effect of the way they determine what
responses a GC should give and those that it shouldn't.
After all, a GC's response should be (loosely) consistent regardless of which GC
the query was submitted to. Having said that though, and as you already
implied, there are indeed cases whereby a response from one GC differs from
another (unrelated to replication latency which is a given) generally due to the
domain in which the GC exists ... but that really shouldn't have any baring on
the forest wide NCs.
--
Dean Wells
MSEtechnology
( Tel: +1 (954)
501-4307
* Email: dwells@msetechnology.com
http://msetechnology.com
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Sunday, July 11, 2004 11:40 AM
To: [EMAIL PROTECTED]; 'Send - AD mailing list'
Subject: RE: [ActiveDir] Thought of the Day
Exactly... all of the info is on every GC already, why not
let people query it through the GC port which is most controlled by what is
set as PAS. Instead if you have a bind already to a GC port on a DC you
have to open another bind to the LDAP port to search for attributes in the
config.... Why?
Actually I don't think it should be a matter of what is
marked PAS for the schema and config NCs, they should be fully searchable
through the GC port, there are a bunch of other special cases so that would
simply fit in.
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells
Sent: Sunday, July 11, 2004 9:42 AM
To: Send - AD mailing list
Subject: RE: [ActiveDir] Thought of the Day
Never sat down and checked them ... I would guess some of
them are PAS enabled simply due to the fact that they're used on both common
domain NC objects and those in the config. (and possibly the
schema).
Maybe it took so much extra disk space to maintain the
PAS=1 they decided against it :-) or "since they're already everywhere,
why bother" may have crossed their minds.
Seriously, the primary reason has to be it serves no
purpose since the GC maintains only those PAS enabled attributes populated on
objects within the domain NC. Sure it's got a copy of the config. and
schema but not because of its GC'ness.
--
Dean Wells
MSEtechnology
( Tel: +1 (954)
501-4307
* Email: dwells@msetechnology.com
http://msetechnology.com
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Saturday, July 10, 2004 6:44 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Thought of the Day
How come all attributes of all objects that live entirely
in the configuration NC and Schema NC aren't PAS
enabled?
