Backup Domain Controller

In Windows NT 4 server domains., the Backup Domain Controller (BDC) is a computer that has a copy of the user accounts database. Unlike the accounts database on the Primary Domain Controller (PDC), the BDC database is a read only copy. When changes are made to the master accounts database on the PDC, the PDC pushes the updates down to the BDCs.

Most domains will have at least one BDC, often there are several BDCs in a domain. These additional domain controllers exist to provide fault tolerance. If the PDC fails, then it can be replaced by a BDC. In such circumstances, an administrator promotes a BDC to be the new PDC. BDCs can also authenticate user logon requests - and take some of the authentication load from the PDC.

When Windows 2000 was released, the NT domain as found in NT 4 and prior versions was replaced by Active Directory. In Active Directory domains running in native mode the concept of the primary and backup domain controllers do not exist. In these domains, all domain controllers are considered to be equal. A side effect of this change is the loss of ability to create a "read-only" domain controller. Windows Server 2008 reintroduces this capability.

See also