{"id":5135,"date":"2019-09-13T16:46:52","date_gmt":"2019-09-13T15:46:52","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5135"},"modified":"2021-04-01T16:49:34","modified_gmt":"2021-04-01T15:49:34","slug":"domain-controllers-overview","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview","title":{"rendered":"Domain Controllers Overview"},"content":{"rendered":"<p><a href=\"https:\/\/www.n-able.com\/blog\/network-authentication-methods\" target=\"_blank\" rel=\"noopener\">Authentication<\/a>\u00a0is an essential function for a computer network, helping ensure that only authorized users have access to the system. As a managed services provider (MSP), authentication is a key element of helping ensure your customers\u2019 data is secure and only accessible to the correct users.<\/p>\n<p>For this reason, MSPs should invest time in understanding domain controllers, which play an important role in modern authentication. What are domain controllers? In this article, we\u2019ll explain their function and examine the various types of domain controllers, including Active Directory.<\/p>\n<h3><b>What is the difference between a domain and a domain controller?<\/b><\/h3>\n<p>Every computer workstation has its own user accounts, called local accounts, that are used to log in to that particular machine. However, these accounts are not designed to log in to a network for two reasons. First, network accounts need to be portable\u2014a user should be able to access the network from any workstation. Second, account configuration needs to be controlled from a central location. Otherwise, whenever account privileges change, system administrators would need to separately configure accounts on each local device.<\/p>\n<p>This is where a domain comes in. A network domain centralizes user accounts so they can be more easily administered and enables users to log in to the network from any given machine. Within a domain, a domain controller is used to regulate user account access to the network.<\/p>\n<h3><b>What is the main function of a domain controller?<\/b><\/h3>\n<p>Domain controllers are part of the Microsoft network environment. A Windows domain controller handles user authentication requests. When a user seeks to access the network, the domain controller responds to that request. The domain controller verifies that the user should be let in, runs the login process, and regulates permissions (controlling which parts of the network the user can see). This is a critical security function. Domain controllers ensure that only authorized users are permitted to access the network, helping to keep out hacker threats.<\/p>\n<p>Validation is usually performed with a username and password combination, though biometric techniques and\u00a0<a href=\"https:\/\/www.n-able.com\/blog\/two-factor-authentication-2fa-101-what-it-why-it-matters-cybersecurity\" target=\"_blank\" rel=\"noopener\">multifactor authentication (MFA)<\/a>\u00a0can be incorporated for greater security. Once a user is validated, the domain controller determines whether they are a normal user or a system administrator with extra privileges.<\/p>\n<p>Domain controllers were first introduced in Windows NT. They remain a key tool in contemporary networking, though these days they are sometimes being supplanted as organizations move to cloud networks.<\/p>\n<h3><b>What is the difference between a domain controller and Active Directory?<\/b><\/h3>\n<p>Active Directory is Microsoft\u2019s directory service for Windows domain networks. When it was introduced in Windows 2000 Server, Active Directory was solely used to handle centralized domain management. However, with the advent of Windows Server 2008, Active Directory was transformed into a suite of directory services, of which the domain controller is just one. Other Active Directory functions include Lightweight Directory Services, Certificate Services (for public-key encryption infrastructure), Federation Services (for single sign-on), and Rights Management Services (for information rights management, which controls access to particular data).<\/p>\n<p>In this schema, the server running Active Directory is known as the domain controller. An instance of Active Directory includes both a database and executable code (called the Directory System Agent) for running the database and servicing user requests. The database is structured using objects, which are organized into three levels\u2014forests, trees, and domains.<\/p>\n<p>Active Directory domain controllers use trusts to grant users in one domain access to others. Trusts exist in the database\u2019s forest, which is automatically created whenever a domain is created. The types of trust include a one-way trust (in which users of one domain have access to another domain, but not vice versa), a two-way trust (where two domains are permitted access to each other), a transitive trust (which can extend beyond two domains), an explicit trust (created by a system administrator), a forest trust (which applies to an entire forest), and an external trust (enabling connection to non-Active Directory domains).<\/p>\n<p>An Active Directory domain controller enables sysadmins to set policies to help ensure adequate\u00a0<a href=\"https:\/\/www.n-able.com\/blog\/active-directory-password-complexity\" target=\"_blank\" rel=\"noopener\">password complexity<\/a>. For security, an\u00a0<a class=\"ext\" href=\"https:\/\/www.passportalmsp.com\/use-cases\/active-directory-password-reset-tool\" target=\"_blank\" rel=\"noopener noreferrer\">Active Directory password<\/a>\u00a0cannot contain the username or the user\u2019s full name. Moreover, Microsoft allows you to require that a password include characters from certain categories such as uppercase letters, lowercase letters, numbers, symbols (e.g.,\u00a0!@#$%), and Unicode.<\/p>\n<p>Active Directory also lets you set a minimum password length\u2014the longer a password is, the harder it is to crack using brute-force techniques. By default, Windows 10 Active Directory requires a password to have characters from at least three of the previously mentioned categories and to be no less than eight characters long. These specifications yield 218,340,105,584,896 different total possibilities that hackers would need to try with brute-force methods. The more sensitive the information you\u2019re trying to protect, the more robust your password requirements should be.<\/p>\n<h3><b>How many domain controllers do you need?<\/b><\/h3>\n<p>In their original Windows implementation, domain controllers were divided into two categories: primary domain controller and backup domain controller (DC). A primary DC is the first-line domain controller that handles user-authentication requests. Only one primary DC can be designated. According to security and reliability best practices, the server housing the primary DC should be solely dedicated to domain services. Because of its central importance to the network, the primary DC server must not run file, application, or print services, which could slow it down or risk crashing it.<\/p>\n<p>A backup domain controller exists as a fail-safe in case the primary domain controller goes down. There can be multiple backup domain controllers for redundancy. Having a dedicated backup DC is a wise precaution. If the primary DC fails and there\u2019s no backup, users will not be able to gain access to the network. When a user attempts to log in, the software contacts the primary DC. If the primary DC is unavailable, it then contacts the backup DC. The backup can be promoted to the primary role in the event that the primary is permanently out of service. Note that domain updates (such as additional users, new passwords, or changes to user groups) can only be made to the primary DC. They are then propagated into the backup DC databases. This is a form of the master-slave replication structure, with the primary DC being the master and secondary DCs being the slaves.<\/p>\n<p>Nowadays, however, the primary and backup domain controller architecture has been deprecated. When Active Directory was introduced in Windows 2000, it was designed with a multimaster replication structure. This means that user account privileges are stored redundantly among a group of domain controllers, and each member of the group can update all the others. When a new user is added to one domain controller, for example, multimaster replication pushes the change out to the other controllers. In contrast to the master-slave architecture, multimaster replication yields greater reliability (the failure of a single master is not catastrophic), increased flexibility, and faster performance.<\/p>\n<p>In sum, whether in its original primary\/backup implementation or in today\u2019s Active Directory framework, the domain controller remains a critical part of a contemporary network. The higher the number of domain controllers you have, the easier it is to ensure uptime for users seeking access to the network.<\/p>\n<p><strong>For more information on domain controllers and Active Directory, read through our related\u00a0<a href=\"https:\/\/www.n-able.com\/blog\/search?keywords=Active%20directory\" target=\"_blank\" rel=\"noopener\">blog articles<\/a>.<\/strong><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Understand the role that domain controllers play in responding to authentication requests and verifying users on computer networks.<\/p>\n","protected":false},"author":24,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5135","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What Are Domain Controllers? Primary DC Overview - N-able<\/title>\n<meta name=\"description\" content=\"Understand the role that domain controllers play in responding to authentication requests and verifying users on computer networks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Are Domain Controllers? Primary DC Overview - N-able\" \/>\n<meta property=\"og:description\" content=\"Understand the role that domain controllers play in responding to authentication requests and verifying users on computer networks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-13T15:46:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-01T15:49:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"N-able\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"N-able\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview\"},\"author\":{\"name\":\"N-able\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\"},\"headline\":\"Domain Controllers Overview\",\"datePublished\":\"2019-09-13T16:46:52+01:00\",\"dateModified\":\"2021-04-01T15:49:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview\"},\"wordCount\":1216,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview\",\"url\":\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview\",\"name\":\"What Are Domain Controllers? Primary DC Overview - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\"},\"datePublished\":\"2019-09-13T16:46:52+01:00\",\"dateModified\":\"2021-04-01T15:49:34+00:00\",\"description\":\"Understand the role that domain controllers play in responding to authentication requests and verifying users on computer networks.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/pt-br\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Domain Controllers Overview\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/pt-br?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\",\"name\":\"N-able\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"caption\":\"N-able\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What Are Domain Controllers? Primary DC Overview - N-able","description":"Understand the role that domain controllers play in responding to authentication requests and verifying users on computer networks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview","og_locale":"pt_BR","og_type":"article","og_title":"What Are Domain Controllers? Primary DC Overview - N-able","og_description":"Understand the role that domain controllers play in responding to authentication requests and verifying users on computer networks.","og_url":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2019-09-13T15:46:52+00:00","article_modified_time":"2021-04-01T15:49:34+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"N-able","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"N-able","Est. tempo de leitura":"6 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview"},"author":{"name":"N-able","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b"},"headline":"Domain Controllers Overview","datePublished":"2019-09-13T16:46:52+01:00","dateModified":"2021-04-01T15:49:34+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview"},"wordCount":1216,"publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"articleSection":["Security"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview","url":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview","name":"What Are Domain Controllers? Primary DC Overview - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br#website"},"datePublished":"2019-09-13T16:46:52+01:00","dateModified":"2021-04-01T15:49:34+00:00","description":"Understand the role that domain controllers play in responding to authentication requests and verifying users on computer networks.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/domain-controllers-overview#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/pt-br\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"Domain Controllers Overview"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/pt-br#website","url":"https:\/\/www.n-able.com\/pt-br","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/pt-br?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/pt-br#organization","name":"N-able","url":"https:\/\/www.n-able.com\/pt-br","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b","name":"N-able","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","caption":"N-able"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/5135","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/comments?post=5135"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/5135\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/media?parent=5135"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}