Backup Domain Controller
In older versions of Windows, specifically in the Windows NT era (prior to Windows 2000), the concept of a Backup Domain Controller (BDC) was an integral part of the domain model for network security and user management.
The BDC was used to replicate user and computer account information from the Primary Domain Controller (PDC). This replication ensured that the BDC had an up-to-date copy of the domain's security and user data. BDCs were used to handle authentication requests from clients within the network. This was particularly important for load balancing and redundancy; if the PDC was unavailable, a BDC could step in to authenticate users.
BDCs were used to handle authentication requests from clients within the network. This was particularly important for load balancing and redundancy; if the PDC was unavailable, a BDC could step in to authenticate users. In the Windows NT domain model, the BDC held a read-only copy of the domain's database. While it could authenticate users and computers, it couldn't make changes to the domain database. All changes had to be made on the PDC, which would then replicate to the BDCs.
Microsoft shifted from the Windows NT domain model to Active Directory (AD). In AD:
- Multi-Master Model: Unlike the PDC/BDC model, Active Directory uses a multi-master model, where each domain controller holds a writable copy of the domain database.
- Flexible Single Master Operations (FSMO) Roles: Certain specialized tasks are still handled by individual domain controllers designated for specific FSMO roles, but these roles do not represent the same PDC/BDC division of labor.
- Improved Replication and Fault Tolerance: Active Directory provides improved mechanisms for data replication, fault tolerance, and load balancing across domain controllers.