[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 439
  • Last Modified:

Difference between backup domain controller and 2 gcs

Hi,

For the record is there a difference between installing a "backup domain controller" and just installing AD DS on a additional server?  Same difference right?

So for example if you have 5 dc that are all gc, you would have 4 backup dc and one main right?  thanks!
0
communitypc
Asked:
communitypc
  • 3
1 Solution
 
Radhakrishnan RITCommented:
Instead of add BDC you can add ADC (Additional Domain controller) since ADC has writable copy of AD database where as BDC only readable copy of AD database. If you configure as GC then it will be having list of AD objects on it's own domain and partial information of other domains. Please note that, do not configure GC and Infrastucture role on same server.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
No.  Because if you understand how AD works, you know there is no such thing as a backup domain controller.

In NT4 days, PDCs (Primary Domain Controllers) had the ONLY writable Database of users and computers.  If the PDC was done, you couldn't add a machine to the domain or add a user to the domain.  The BDCs were read-only copies that just helped authenticate users and were literally "backups" that could be promoted to the PDC.

In AD, ALL DCs have writable copies of AD.  It's called "Multiple Master" for a reason since they can all create new users and allow computers to join the domain.  They then replicate the information with each other.  The FSMO holders have "management" functionality for the domain.  For example, the RID master allocates IDs for objects (users, computers, etc) in bunches to each DC, ensuring AD doesn't give out two of the same.  There are 5 FSMO roles and they can allocated to one or more DCs in the domain.  Further, "child" domains wouldn't necessarily have the same 5 FSMO roles as some roles are FOREST wide.

As per http://technet.microsoft.com/en-us/library/cc728188(WS.10).aspx
The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory Domain Services (AD DS) forest. The global catalog is stored on domain controllers that have been designated as global catalog servers and is distributed through multimaster replication. Searches that are directed to the global catalog are faster because they do not involve referrals to different domain controllers.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
"ADC" is not an official recognized term.  
0
 
coolfigerCommented:
the thing is once they're replicating they can be considered a backup ... if they are not then well .. its not a backup ...

when they say backup they jsut mean another server that has the roles on it. Some people chose to have multiple servers with diffrent roles some just choose to have one backup server with all the roles...
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Proper use of terminology is important - failing to do so can result in erroneous advice - I've seen it happen SPECIFICALLY in relation to PDC/BDC and Active Directory.  If a person is asking this question, then CORRECT information should be presented, but "whatever" information that can be considered correct if you think of it like xyz.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now