A domain controller
on a Windows based system is a server that stores an Active Directory partition or copy of the directory.
A domain controller has several important functions:
- It manages the changes to directory information.
- It copies directory changes to other domain controllers in the same domain.
- It stores directory data.
- It manages user logon processes, authentication, and directory searches.
A domain may have one or more domain controllers. As system administrator, you will need to address the issue of how many domain controllers you should you have in your domain. This will of course depend on the needs of your network.
A small organization that uses a single local area network (LAN) may need only one domain with two domain controllers to provide adequate availability and fault tolerance, whereas a large company with many geographical locations will need one or more domain controllers in each location to provide adequate availability and fault tolerance.
Whether you have one domain with a few domain controllers or a number of locations each with its own domain controller, availability and fault tolerance are ensured through multi-master replication.
Active Directory uses multi-master replication, in which no single domain controller is the master domain controller.
Although all the domain controllers running Windows 2000 Server within a domain contain a writeable copy of the directory, domain controllers might hold different information for short periods of time until all the domain controllers have synchronized their changes to Active Directory. In the next lesson, we will define the different types of domain controllers and their role in Active Directory.