A Windows Domain is a logical grouping of computers that share common security and user account information. The Domain is used to manage access to a set of network resources for a group of users (applications, printers, etc.). This information is stored in a master directory database which resides on a single Windows server on a network. This Windows server is designated as a Domain Controller. Users then log in to the Domain to gain access to the network resources, which may be physically located on different servers on the network other than the Domain Controller.
There are two kinds of controllers in a Windows Domain:
- A Single Primary Domain Controller (PDC)
This is the single Windows server designated to store the master directory database which contains the Domain's resources and security information.
- One or more Backup Domain Controllers (BDC) (optional)
A BDC can be promoted to the PDC in the vent that the PDC server fails, and can also help balance the workload if the network is busy. The PDC automatically replicates its master directory database to each of the BDC's periodically.
The word Domain does not refer to any particular computer, or network configuration. It is an administrative concept. A single domain constitutes a single administrative unit.