Solved

Domain Controllers in Windows 2003 Server

Posted on 2006-07-12
5
220 Views
Last Modified: 2010-04-18
This is something I should have gotten more clarity on some time ago.  In a Windows 2000 Server Active Directory there was always a Primary Domain Controller (PDC).  You could/should have Secondary/Tertiary/... Domain Controllers (DCs) to provide fail-over.  I remember hearing how Windows 2003 Server changed things so that there is no PDC, there are just DCs - none of which is considered or technically referred to as the PDC.

First, is my general notion about DCs and the lack of PDC's in Windows 2003 Server even remotely correct?  If not, I will appreciate any guidance.

Second, if it is true that there is no PDC in a Windows Server 2003 AD, any info, urls, articles that can explain the differences between Domain Controllers in Windows Server 2000 vs. 2003 ADs will be greatly appreciated.

Thank you.
0
Comment
Question by:Segulus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 29

Accepted Solution

by:
mass2612 earned 84 total points
ID: 17089648
Hi,

Since Windows 2000 introduced us to AD their has been no true PDC, BDC roles. There is a PDC emulator FSMO role that runs on a single DC within a domain but this is only to provide backward compatibility to client OS that require access to a PDC.

All DC's are all considered equal in the domain however some hold the special FSMO forest and domain roles i.e.
Schema master
Domain naming master
Infrastructure master
RID master
PDC emulator

http://www.petri.co.il/understanding_fsmo_roles_in_ad.htm

http://support.microsoft.com/kb/324801

http://www.microsoft.com/windowsserver2003/technologies/directory/activedirectory/default.mspx

I hope this provides some help as a starting point.

0
 
LVL 9

Assisted Solution

by:dooleydog
dooleydog earned 83 total points
ID: 17089908
and, in server 2003, the concept remains the same.

The main purposes for a PDC emulator are:

1. For NT 4.0 BDCs
2. For urgent replication, like account locouts or password changes

additionally, othere FSMO roles are held on a singled DC, due to the nature of the role or service and how it would interact with Multi-Master replication.

Good Luck,
0
 
LVL 48

Assisted Solution

by:Jay_Jay70
Jay_Jay70 earned 83 total points
ID: 17095536
correct - no BDC's....your old concept of PDC is pretty much the machine that holds your Schema and Domain Naming Master roles and is usually the first DC in your domain, commonly known as a root DC....

2000 and 2003 AD are similar.....2003 has increased security and replication functionality, basic concepts are exactly the same
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
gpo failed on a couple of systems- URGENT- WINDOWS SERVER 2012 R2 11 66
shadow copies 7 95
Connecting two servers 30 93
MS Endpoint Protection 2 105
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question