A domain controller (DC) is a server that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, stores user account information and enforces security policy for a domain. It is most commonly implemented in Microsoft Windows environments (see Domain controller (Windows)), where it is the centerpiece of the Windows Active Directory service. However, non-Windows domain controllers can be established via identity management software such as Samba and Red Hat FreeIPA.
Software
The software and operating system used to run a domain controller usually consists of several key components shared across platforms. This includes the operating system (usually Windows Server or Linux), an LDAP service (Red Hat Directory Server, etc.), a network time service (ntpd, chrony, etc.), and a computer network authentication protocol (usually Kerberos). Other components, such as a public key infrastructure (Active Directory Certificate Services, DogTag, OpenSSL) service and Domain Name System (Windows DNS or BIND) service, may also be included on the same server or on another domain-joined server.
Implementation
Domain controllers are typically deployed as a cluster to ensure high availability and maximize reliability. In a Windows environment, one domain controller serves as the Primary Domain Controller (PDC) and all other servers promoted to domain controller status in the domain serve as Backup Domain Controllers (BDCs). In Unix-based environments, one machine serves as the master domain controller and others serve as replica domain controllers, periodically replicating database information from the main domain controller and storing it in a read-only format.
See also
* Apple Open Directory
* Domain controller (Windows)
* Microsoft Windows Active Directory
* Red Hat Identity Manager / Red Hat FreeIPA