Domain Controller

A domain controller (DC) is a server computer that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, stores user account information and enforces security policy for a domain. It is most commonly implemented in Microsoft Windows environments (see Domain controller (Windows)), where it is the centerpiece of the Windows Active Directory service. However, non-Windows domain controllers can be established via identity management software such as Samba and Red Hat FreeIPA.


Software

The software and operating system used to run a domain controller usually consist of several key components shared across platforms. These include the operating system (usually Windows Server or Linux), an LDAP service (Red Hat Directory Server, etc.), a network time service (ntpd, chrony, etc.), and a computer network authentication protocol (usually Kerberos). Other components, such as a public key infrastructure (Active Directory Certificate Services, DogTag, OpenSSL) service and Domain Name System (Windows DNS or BIND) may also be included on the same server or on another domain-joined server.
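
An added example (not part of the original article): a Python sketch that applies the component list above to asset inventory, flagging hosts that expose both a directory service and Kerberos as likely domain controllers. The port numbers are the standard assignments rather than values from the article, and the host names and `ss -tuln`-style listings are constructed.

```python
# Standard port assignments for the components named above
# (assumption: the article itself gives no port numbers).
COMPONENT_PORTS = {
    ("tcp", 389): "ldap", ("tcp", 636): "ldap",
    ("tcp", 88): "kerberos", ("udp", 88): "kerberos",
    ("udp", 123): "time", ("tcp", 53): "dns", ("udp", 53): "dns",
}
CORE = {"ldap", "kerberos"}   # directory service + authentication protocol
LOOPBACK = {"127.0.0.1", "[::1]"}

# Constructed sample data in the style of `ss -tuln`; host names are hypothetical.
SAMPLE = {
    "idm01.example.test": """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:88         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:88         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:389        0.0.0.0:*
tcp   LISTEN 0      128    [::]:636           [::]:*
tcp   LISTEN 0      10     127.0.0.1:53       0.0.0.0:*
""",
    "web07.example.test": """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:123        0.0.0.0:*
tcp   LISTEN 0      511    0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:389        0.0.0.0:*
""",
}

def exposed_components(ss_output):
    """Return the components listening on a non-loopback address."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header or unrelated line
        addr, _, port = fields[4].rpartition(":")
        if addr in LOOPBACK or not port.isdigit():
            continue  # local-only listener, not offered to the domain
        component = COMPONENT_PORTS.get((fields[0], int(port)))
        if component:
            found.add(component)
    return found

def assess(ss_output):
    """Flag a likely DC and list expected components it does not expose."""
    found = exposed_components(ss_output)
    candidate = CORE <= found  # LDAP alone is just a directory server
    not_exposed = sorted((CORE | {"time"}) - found) if candidate else []
    return {"dc_candidate": candidate, "components": sorted(found), "not_exposed": not_exposed}
```

A time daemon running only as a client opens no listening port, so a `time` entry under `not_exposed` means the host does not serve time to the domain, not that its clock is unsynchronized.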


Implementation

Domain controllers are typically deployed as a cluster to ensure high availability and maximize reliability. In a Windows environment, one domain controller serves as the Primary Domain Controller (PDC) and all other servers promoted to domain controller status in the domain serve as Backup Domain Controllers (BDC). In Unix-based environments, one machine serves as the master domain controller and others serve as replica domain controllers, periodically replicating database information from the main domain controller and storing it in a read-only format.


See also

* Apple Open Directory
* Domain controller (Windows)
* Microsoft Windows Active Directory
* Red Hat Identity Manager / Red Hat FreeIPA
* Samba
* Univention Corporate Server
* List of LDAP software

