Managing Domain Controllers

In addition to creating and moving domains, you might have to perform additional domain administration tasks, such as the following:

 

	Creating a BDC
	Promoting a BDC to a PDC
	Demoting a PDC to a BDC
	Synchronizing domains

Creating a Backup Domain Controller. A BDC receives a copy of the user account database from the PDC and handles requests for authentication when the PDC is unavailable. For example, if you must take down the PDC for maintenance, the BDC can handle logon authentication for the domain. Therefore, it's important that your network contain at least one BDC.

You can only create a BDC when you install Windows NT Server. Therefore, to promote a server to BDC status, you must reinstall Windows NT Server on it.

Promoting a BDC to a PDC. Occasionally, you might need to promote a BDC to PDC. For example, if you're going to shut down the PDC for maintenance, you should promote a BDC on the network to PDC. Doing so with the PDC online automatically causes the PDC to be demoted to a BDC.

 

NOTE: If at all possible, promote the BDC when the existing PDC is online. Promoting the BDC while the PDC is online causes the PDC to be automatically demoted to a BDC. This also forces recent changes to the user database might not be incorporated in the BDC's database.

To promote a BDC to PDC, follow these steps:

1. Start Server Manager.

2. Verify that no users are logged on to the system, or broadcast a message to all users that the system        will be shut down temporarily.

3. When all users have logged off, choose View, Servers to view only servers on the network.

4. In the list of servers, select the BDC you want to promote to a PDC.

5. Choose Computer, Promote to Primary Domain Controller, and when Server Manager warns you that     promoting the BDC will close all client connections to the BDC and current PDC, confirm that's what     you want to do.

Demoting a PDC to a BDC. If you're unable to demote a PDC automatically by promoting a BDC to PDC, you can do so manually. For example, your PDC might suffer a hardware failure that takes it offline. You then can promote a BDC on the network to serve as PDC.

When you restart the original PDC, however, Windows NT Server displays a message that at least one service or driver failed during system startup. A little exploring in the Event Viewer turns up a message that a PDC is already running in the domain. After you start the original PDC, follow these steps to demote it to a BDC:

1. Start Server Manager.

2. Choose View, Servers to restrict the view to servers.

3. Select the server you want to demote.

4. Choose Computer, Demote to Backup Domain Controller.

Synchronizing Domains. In most cases, your network's BDCs remain synchronized with the PDC. It is possible, however, for a BDC to become desynchronized from the PDC. To synchronize a BDC with a PDC, start Server Manager, select the server you want to synchronize with the PDC, and choose Computer, Synchronize with Primary Domain Controller.

 

TIP: If you want to synchronize all domain controllers in the domain, choose Synchronize Entire Domain rather than Synchronize with Primary Domain Controller.