Primary Domain Controller (PDC)


Definition of Primary Domain Controller (PDC) in The Network Encyclopedia.

What is Primary Domain Controller (PDC)?

A Primary Domain Controller is a Microsoft Windows NT domain controller that contains the master copy of the Security Account Manager (SAM) database. A Windows NT domain has only one PDC, which periodically undergoes directory synchronization to copy its directory database to the backup domain controllers in the domain. The primary domain controller (PDC) must be the first computer installed in a domain and defines the domain.





Domain – a concept introduced in Windows NT

With Windows NT 4 Server, one domain controller per domain was configured as the primary domain controller (PDC); all other domain controllers were backup domain controllers (BDC).



Because of the critical nature of the PDC, best practices dictated that the Primary Domain Controller should be dedicated solely to domain services, and not used for file, print or application services that could slow down or crash the system. Some network administrators took the additional step of having a dedicated BDC online for the express purpose of being available for promotion if the Primary Domain Controller failed.

A BDC (backup domain controller) could authenticate the users in a domain, but all updates to the domain (new users, changed passwords, group membership, etc.) could only be made via the PDC, which would then propagate these changes to all BDCs in the domain. If the PDC was unavailable (or unable to communicate with the user requesting the change), the update would fail. If the PDC was permanently unavailable (e.g. if the machine failed), an existing BDC could be promoted to be a PDC.

PDC off for maintenance

If a PDC needs to be taken offline for maintenance or repair or if it unexpectedly goes down, a backup domain controller (BDC) can be promoted to the role of PDC. This is necessary because BDCs contain read-only copies of the domain directory database, so user accounts cannot be modified and passwords cannot be changed unless there is a PDC on the network.



