Guest Steven Posted August 27, 2008 Posted August 27, 2008 We have roughly 500 offices in a single forest, single domain with no trusts. Win2003R2 Native mode. Many of our security groups are mail enabled and we also have many distribution groups. I know in Exchange 2007 these DL's must be universal but I'm wondering if these groups should be universal or glocal given our environment with Exchange 2003. And lastly can membership slow logon depending on the type of group? -- Curious Quote
Guest S. Pidgorny Posted August 28, 2008 Posted August 28, 2008 Comments inline: Steven wrote:<span style="color:blue"> > We have roughly 500 offices in a single forest, single domain with no trusts. > Win2003R2 Native mode. Many of our security groups are mail enabled and we > also have many distribution groups. > > I know in Exchange 2007 these DL's must be universal but I'm wondering if > these groups should be universal or glocal given our environment with > Exchange 2003.</span> I believe in the versions of Exchange prior to E2K7, any group can be mail-enabled. Also, you don't need to convert all mail-enabled groups to Universal if you migrate to E2K7. <span style="color:blue"> > And lastly can membership slow logon depending on the type of group?</span> Not really, no. Universal group membership is checked against GC, which you can disable - but not without consequences. The time difference logging on will be negligible. -- Svyatoslav Pidgorny, MS MVP - Security, MCSE -= F1 is the key =- http://sl.mvps.org http://msmvps.com/blogs/sp Quote
Guest Steven Posted August 28, 2008 Posted August 28, 2008 So far the change does seem negligible, I was just going off the MS article seen below: The following list summarizes potential benefits for caching universal group memberships in branch office locations: Faster logon times since authenticating domain controllers no longer need to access a global catalog to obtain universal group membership information. No need to upgrade hardware of existing domain controllers to handle the extra system requirements necessary for hosting a global catalog. Minimized network bandwidth usage since a domain controller will not have to handle replication for all of the objects located in the forest. -- Steve MCSA, MCSE "S. Pidgorny <MVP>" wrote: <span style="color:blue"> > Comments inline: > > Steven wrote:<span style="color:green"> > > We have roughly 500 offices in a single forest, single domain with no trusts. > > Win2003R2 Native mode. Many of our security groups are mail enabled and we > > also have many distribution groups. > > > > I know in Exchange 2007 these DL's must be universal but I'm wondering if > > these groups should be universal or glocal given our environment with > > Exchange 2003.</span> > > I believe in the versions of Exchange prior to E2K7, any group can be > mail-enabled. Also, you don't need to convert all mail-enabled groups to > Universal if you migrate to E2K7. > <span style="color:green"> > > And lastly can membership slow logon depending on the type of group?</span> > > Not really, no. Universal group membership is checked against GC, which > you can disable - but not without consequences. The time difference > logging on will be negligible. > > > -- > Svyatoslav Pidgorny, MS MVP - Security, MCSE > -= F1 is the key =- > > http://sl.mvps.org http://msmvps.com/blogs/sp > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.