kluu_ironport Mon, 08/18/2008 - 16:00
User Badges:

If you have a global catalog (windows 2000 server and later), then you should use the 3268 port as it's faster.

Here is a good reference on global catalog:


Hi gurus,

Whats the best port to use if you have multiple domains in a forest..

Im using 389..would 3268 is ok?

please advise..

thank you
jlwaller_ironport Tue, 08/19/2008 - 23:01
User Badges:

Also searching using GC will look across all domains - if you are having trouble finding users use the GC port.

More information is found in the KB

"NOTE: If your Active Directory implementation contains subdomains, you will not be able to query for users in a sub domain using the base DN of the root domain. However, when using Active Directory, you may also query LDAP against the Global Catalog (GC) Server on TCP port 3268. The GC contains partial information for *all* objects in the Active Directory forest and provides referrals to the subdomain in question when further information is required. If you cannot "find" users in your subdomains, leave the base DN at the root and change to the GC port." - from the KB


This Discussion