# Domain controller

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Domain_controller
> Markdown URL: https://mediated.wiki/source/Domain_controller.md
> Source: https://en.wikipedia.org/wiki/Domain_controller
> Source revision: 1292099328
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

{{Short description|Type of computer server}}
A '''domain controller''' ('''DC''') is a [server](/source/Server_(computing))<ref name="DomainControllerRoles">{{cite web |title = Domain Controller Roles |work = Microsoft TechNet |url = https://technet.microsoft.com/en-us/library/cc786438(WS.10).aspx |access-date = Dec 4, 2009 }}</ref><ref>{{cite web |title = Domain Controller Roles |work = Windows Server 2003 Technical Reference |publisher = Microsoft TechNet |url = https://technet.microsoft.com/en-us/library/cc786438(WS.10).aspx |access-date = 2012-11-21 |date = 2010-06-03}}</ref> that responds to security authentication requests within a computer [network domain](/source/network_domain). It is a [network](/source/Network_(computing)) server that is responsible for allowing [host](/source/Host_(network)) access to domain resources. It authenticates users, stores user account information and enforces [security policy](/source/security_policy) for a domain.<ref>{{Cite web|url=https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Reference_Guide/s2-samba-domain-controller.html|title=14.3.3. Domain Controller|website=access.redhat.com}}</ref> It is most commonly implemented in [Microsoft Windows](/source/Microsoft_Windows) environments (see [Domain controller (Windows)](/source/Domain_controller_(Windows))), where it is the centerpiece of the Windows [Active Directory](/source/Active_Directory) service. However, non-Windows domain controllers can be established via [identity management](/source/identity_management) software such as [Samba](/source/Samba_(software)) and [Red Hat](/source/Red_Hat) [FreeIPA](/source/FreeIPA).

==Software==
The software and operating system used to run a domain controller usually consists of several key components shared across [platforms](/source/computing_platform). This includes the operating system (usually [Windows Server](/source/Windows_Server) or [Linux](/source/Linux)), an [LDAP](/source/Lightweight_Directory_Access_Protocol) service ([Red Hat Directory Server](/source/389_Directory_Server), etc.), a network time service ([ntpd](/source/ntpd), [chrony](/source/chrony), etc.), and a computer network authentication protocol (usually [Kerberos](/source/Kerberos_(protocol))).<ref>{{Cite web|url=https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/introduction.html|title=Chapter 1. Introduction to FreeIPA|website=docs.fedoraproject.org|access-date=2020-01-02|archive-date=2022-04-07|archive-url=https://web.archive.org/web/20220407054234/https://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/introduction.html|url-status=dead}}</ref> Other components, such as a [public key infrastructure](/source/public_key_infrastructure) (Active Directory Certificate Services, DogTag, [OpenSSL](/source/OpenSSL)) service and [Domain Name System](/source/Domain_Name_System) (Windows DNS or [BIND](/source/BIND)) may also be included on the same server or on another domain-joined server.<ref>{{Cite web |date=2023-02-06 |title=How to Find Expired Domains |url=https://domainhuntergatherer.com/guides/how-to-find-expired-domains/ |access-date=2023-04-15 |website=Domain Hunting Guides |language=en-US}}</ref>

==Implementation==
Domain controllers are typically deployed as a [cluster](/source/Computer_cluster) to ensure high-availability and maximize reliability. In a Windows environment, one domain controller serves as the Primary Domain Controller (PDC) and all other servers promoted to domain controller status in the domain serve as a Backup Domain Controller (BDC).<ref>{{Cite web|url=https://technet.microsoft.com/en-us/library/cc786438%28WS.10%29.aspx|title=Domain Controller Roles|publisher=Microsoft Tech net 3 June 2010|access-date=13 February 2011}}</ref> In Unix-based environments, one machine serves as the master domain controller and others serve as replica domain controllers, periodically replicating database information from the main domain controller and storing it in a read-only format.<ref>{{Cite web|url=https://www.freeipa.org/page/V4/Replica_Setup|title=V4/Replica Setup - FreeIPA|website=www.freeipa.org}}</ref>

==See also==
* [Apple Open Directory](/source/Apple_Open_Directory)
* [Domain controller (Windows)](/source/Domain_controller_(Windows))
* [Microsoft Windows Active Directory](/source/Active_Directory)
* [Red Hat Identity Manager](/source/FreeIPA)/[Red Hat FreeIPA](/source/FreeIPA)

==References==
{{Reflist}}

Category:Servers (computing)
Category:Active Directory
Category:Authentication protocols
Category:Network architecture
Category:Red Hat software

---
Adapted from the Wikipedia article [Domain controller](https://en.wikipedia.org/wiki/Domain_controller) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Domain_controller?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
