Domain Controller And Windows Active Directory

  • A domain controller (DC) is a server that responds to security authentication requests within a Windows Server domain. It is responsible for allowing host access to Windows domain resources/network resources (applications, printers, and so forth).
  • The user needs only to log in to the domain to gain access to the resources, which may be located on a number of different servers in the network.
  • Most organizations have a primary domain controller (PDC) and a backup domain controller (BDC).
  • The primary domain controller manages the master user database for the domain. One or more other servers are designated as backup domain controllers. The PDC periodically sends copies of the database to the BDCs. A backup domain controller can step in as primary domain controller if the PDC server fails and can also help balance the workload if the network is busy enough.
  • A domain controller is the centerpiece of the Windows Active Directory (AD) service. It authenticates users, stores user account information and enforces security policy for a Windows domain.
  • The domain controller authenticates the user identity, typically by validating a username and password, then authorizes requests for access accordingly.
  • Active Directory is a directory service: it stores objects such as users and computers in a hierarchical database. The server running Active Directory is called a domain controller.
  • User and group information is stored in the Security Accounts Manager (SAM). For larger networks we have Microsoft’s Active Directory or OpenLDAP as well as others to store user and group information.
  • The SAM file is located on each Windows host in the \windows\system32\config folder.
  • With Active Directory, domain controllers store account information, including LANMAN and NT hashes, in %systemroot%\ntds\ntds.dit.