?
Solved

PDC being used in Windows Server 2003 Enviroment

Posted on 2006-10-24
10
Medium Priority
?
241 Views
Last Modified: 2010-04-18
I have inherited a Windows 2003 server enviroment that is still using a PDC.  It is my understanding that in a 2003 enviroment that there is no need to have a PDC.  How can I move away from this so that all of the DC are created equally?  What are the advantages and dis advantages.
0
Comment
Question by:securitythreat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
10 Comments
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 17795377
Hi securitythreat,

In 200x it is that way already - what do you mean "is still using a PDC"?

-red
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 17795922
Either you have an NT4 domain with NO 2003 domain controllers OR you have a 2003 domain with no NT4 PDC.  There is simply NO PDC in a 2003 (Active Directory) domain.  You don't "move away" from it.
0
 
LVL 26

Accepted Solution

by:
MidnightOne earned 1000 total points
ID: 17800042
securitythreat:

In a Windows NT domain, there is a PDC (the only read-write copy of the security database) and BDCs (read-only copies).

In Windows 2000 and later domains, there is no PDC - there is however a PDC Emulator FSMO that performs a lot of the same functions.

If you have a Windows NT PDC -and- a Windows 2003 domain controller on the same domain, there's --going-- to be problems.

With all THAT said, you can still have a Windows NT domain and Windows 2003 servers that aren't domain controllers and there won't be (many) problems.

HTH

MidnightOne
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 1

Author Comment

by:securitythreat
ID: 17834810
Then what writes are transferred when the primary server crashed?
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 17835175
How do you define primary server?

MidnightOne, in my opinion, incorrectly suggested (intentionally or not) the PDC Emulator is equal to the PDC.  IT is not.  There is NO PDC.  There are 5 FSMO roles that COULD be distributed over 5 servers.  If you did that which would you call the "PDC"?  EVERYTHING is a DC.  And 1-5 DCs hold the FSMO roles.  By default, the first DC to run 2000/2003 (Active Directory) is the system with all 5 FSMO roles.

You MUST have FSMO masters on your domain - so in that respect, you CANNOT have all DCs created equal... and you don't want, nor need, more than 2 DCs per site.
0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 17838501
leew:

While the PDC Emulator FSMo isn't equal to a PDC under WinNT, and despites MS's claim to the contrary, I've yet to see a domain function even moderately well when the DC with the PDC Emulator role failed.

*shrugs*

MidnightOne
0
 
LVL 39

Assisted Solution

by:redseatechnologies
redseatechnologies earned 1000 total points
ID: 17838567
I agree with you MidnightOne,

>>MidnightOne, in my opinion, incorrectly suggested (intentionally or not) the PDC Emulator is equal to the PDC

Where did you suggest that?  I cannot see you say that at all!  What you said, was as follows;

>>In Windows 2000 and later domains, there is no PDC - there is ***however a PDC Emulator FSMO that performs a lot of the same functions***

Which is correct.

Petri agrees with us both...

http://www.petri.co.il/understanding_fsmo_roles_in_ad.htm

-red
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 18107421
I never said the PDC emulator wasn't similar.  My feeling was that MidnightOne didn't clarify enough how different the PDC emulator in AD and the PDC in an NT4 domain differed in his original post.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question