Sunday, August 2, 2015

Domain controller



Domain controller is a server of Microsoft server that works for security authentication of requests within the Windows server domain like logging in, checking permissions etc. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of single username and password combination.

In Windows NT server we used domain controller pre domain which was configured as the primary domain controller (PDC) and all other domain controllers were used only backup domain controllers (BDC).
PDC and BDC domain controller works in together to stores user account information, authenticates users and enforces security policy for a windows domain. But main jobs of BDC is authenticate the users in a domain and all updates to the domain like new users, changed passwords, group membership etc only be made via the PDC. That would then propagate these changes to all BDCS in the domain.

When we face any interrupt in domain controller it’s mean PDC is unable to communicate with the user requesting the change or permanently unavailable (e.g. if machine failed), then the existing BDC could be promoted to be a PDC. Because critical nature of the PDC. The best practices dictated that the PDC should be dedicated only to domain services and not used for file/print/application services that could slow down or crash the system. Some arbiters took the additional step of having a dedicated BDC online for the express purpose of being available for promotion if the PDC failed.
In a Windows NT network not all servers need to be a PDC or BDC. A server can be designated as a

1 comment: