Chapter 11. Creating domain controllers
Domain controllers (DCs) are the essential part of your Active Directory. This chapter shows you how to create them. There are a number of reasons for creating a new domain controller; one of the most common in a stable environment is if an existing domain controller has to be replaced due to hardware failure.
A domain controller is a server within the domain that has AD Domain Services installed. It hosts a copy of the AD database (ntds.dit) and the SYSVOL share (containing logon scripts and Group Policy data files). Domain controllers respond to authentication attempts by users and computers. They also store the data that controls access to resources like email systems and file stores.
Note
It’s strongly recommended that your domain controllers don’t have any services installed on them beyond those necessary to control Active Directory. They shouldn’t be used as a web server or file server, for instance.