As I mentioned earlier, all domain
controllers are nearly equal in Active Directory—that is, any
one of them can be updated and can replicate changes to the others.
This decentralization is in direct contrast to Windows NT 4.0-style
domains, which had only one PDC that accepted directory object
modifications and any number of BDCs that held read-only copies of
the accounts database. BDCs could authenticate users, but any changes
to any attributes of domain accounts had to take place in direct
communication with the PDC. Because the PDC pushed out copies of the
accounts database, known as the SAM database, to the BDCs for a
domain, this sort of replication was known as
single-master replication because one master computer communicated
changes to slaved, less-capable computers.

Enter Active Directory onto the scene, where there are effectively no
distinctions between domain controllers in most operations. Unless
your domain is functioning at the NT interim functional level (more
on that in the migration section later in this chapter), all domain
controllers for a domain can accept changes for data in their domain,
and domain controllers have peers to which they replicate changes to
those objects. This sort of setup typically is called
multimaster replication because each domain
controller acts as a master, passing changes to other domain
controllers until those changes are replicated
Replication is covered in detail in the next ...
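
The contrast between the two schemes described above, as an added toy model in Python (not code from the book or from Windows). The DC names, the attribute name, the ring of peers and the per-attribute version counter are assumptions made for illustration, and simultaneous conflicting writes are not modeled.

```python
# Toy model of the two replication schemes; DC names are constructed.
class DC:
    def __init__(self, name, writable=True):
        self.name, self.writable = name, writable
        self.data = {}    # attribute -> (version, value)
        self.peers = []   # DCs this one passes its changes to

    def write(self, attr, value):
        if not self.writable:   # NT 4.0 BDC: read-only copy of the SAM
            raise PermissionError(f"{self.name} is read-only; change it on the PDC")
        version = self.data.get(attr, (0, None))[0] + 1
        self.data[attr] = (version, value)

    def send(self, snapshot):
        """Pass a snapshot of changes to each peer; count the ones that were newer."""
        applied = 0
        for peer in self.peers:
            for attr, (version, value) in snapshot.items():
                if version > peer.data.get(attr, (0, None))[0]:
                    peer.data[attr] = (version, value)
                    applied += 1
        return applied

def replication_round(dcs):
    # Every DC sends what it held when the round started.
    snapshots = [(dc, dict(dc.data)) for dc in dcs]
    return sum(dc.send(snap) for dc, snap in snapshots)

def converge(dcs):
    """Run rounds until nothing new is passed on; return the rounds that moved data."""
    rounds = 0
    while replication_round(dcs):
        rounds += 1
    return rounds

def nt4_domain():
    pdc, bdcs = DC("PDC"), [DC("BDC1", writable=False), DC("BDC2", writable=False)]
    pdc.peers = bdcs          # the one master pushes to the read-only copies
    return [pdc] + bdcs

def ad_domain():
    dcs = [DC("DC1"), DC("DC2"), DC("DC3")]
    for i, dc in enumerate(dcs):
        dc.peers = [dcs[(i + 1) % 3]]   # ring: each DC has one peer
    return dcs

if __name__ == "__main__":
    dcs = ad_domain()
    dcs[2].write("alice.description", "changed on DC3")
    replication_round(dcs)
    print([dc.data.get("alice.description") for dc in dcs])  # DC2 still lacks it
    print("rounds to converge:", 1 + converge(dcs))
```

In the multimaster run, the change written on DC3 reaches DC1 after one round and DC2 only after a second, so for a short window the controllers answer differently for the same attribute.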