A domain controller is a computer running Windows 2000 Server that has been configured using the Active Directory Installation wizard. The Active Directory Installation wizard installs and configures components that provide Active Directory directory service to network users and computers. Domain controllers store directory data and manage user-domain interactions, including user logon processes, authentication, and directory searches.
A domain can have one or more domain controllers. A small organization using a single local area network (LAN) may need only one domain with two domain controllers for high availability and fault tolerance. A large company with many network locations will need one or more domain controllers in each location to provide high availability and fault tolerance.
Active Directory supports multimaster replication of directory data between all domain controllers in the domain. Some changes are impractical to perform in multimaster fashion, however, so only one domain controller, called the operations master, accepts requests for such changes. In any Active Directory forest, there are at least five different operations master roles that are assigned to one or more domain controllers. For more information about operations masters, see Single master operations
Windows 2000 Server domain controllers provide an extension of the capabilities and features provided by Windows NT Server 4.0 domain controllers. Windows 2000 Server multimaster replication synchronizes directory data on each domain controller, ensuring consistency of information over time. Multimaster replication is an evolution of the primary and backup domain controller model used in Windows NT Server 4.0, in which only one server, the primary domain controller, had a read and write copy of the directory.