Domain Controller (DC)

Introduction

As the name suggests, a Domain Controller exercises control over the domain it supervises. Its main purpose it to provide central management and control of access to domain resources by its users. In the Microsoft world, since Windows 2000, a Windows  Domain Controller operates in an environment called the Active Directory. 

Windows NT4 utilised the concept of Primary (PDC) and Backup (BDC) domain controllers. Though the BDC provided a level of redundancy for servicing log-on requests if the PDC was down; all changes to  the domain were done through the PDC. Although the BDC could be promoted to PDC if the PDC failed, the DCs were not equals - there was a master/slave relationship.

Windows 2000 introduced the concept of Active Directory which also utilises "controllers", but one AD DC is essentially the same as another, changes made to one DC are automatically replicated to other DCs in the domain. Since the introduction of Active Directory, the domain controllers now administer Active Directory Domain Services. There are a small number of roles that are not replicated between DCs in the same way as most - these are the FSMO roles - (see later).

The Domain Controller is critical to the operation of the Domain - without access to a working DC, logging on to the network to get access to shared resources is impossible (although individual users can log back into their computer using a cached profile). Providing directory services on a home network therefore brings significant overhead - as a minimum, you need two computers (or Virtual Machines) configured as Domain Controllers. Obviously, if using VMs, they should not be on the same physical computer.

to be continued . . . .