Evolution of Windows Domain Controller

IT administrators have been working with and around Active Directory since the introduction of the technology in Windows 2000 Server. Windows 2000 Server was released on February 17, 2000, but many administrators began working with Active Directory in late 1999, when it was released to manufacturing (RTM) on December 15, 1999.

In this part of our tutorial we'll talk about the domain controller.

What is a Domain Controller?

The domain controller is the backbone of Active Directory. Without a domain controller, you can’t have a directory!

You can use up to 1,200 domain controllers in a single domain. But, don’t judge another administrator’s environment by the size or scale of it! Let’s look at the evolution of the domain controller:

  • Windows NT 3.1 introduced the original Microsoft domain

Windows NT 3.1 (subsequently 3.5 and then 3.51) should not be confused with Windows 3.1, which was a 16-bit client operating system. The domain functionality included with Windows NT was not a multi-master model like AD DS. Thus, there was a primary domain controller (PDC) and backup domain controllers (BDCs). All changes were handled by the PDC. A BDC could be promoted to a PDC in a disaster recovery situation. Today, we have the PDC Emulator FSMO role, which is directly related to the original PDC.

  • Windows 2000 Server introduced Active Directory

With the release of Windows 2000 Server, Microsoft revamped a large amount of the traditional domain and marketed the service as Active Directory. A key feature of Active Directory was the multi-master model which allowed most of the Active Directory functionality, including changes, to take place on any DC in the domain.

  • Windows Server 2003 introduced new features

With Windows Server 2003, Active Directory was updated with some administrative enhancements (such as multi-selecting objects in ADUC), added the ability to create forest trusts, and added the universal group membership caching feature. Other features were added or expanded too, especially around command-line administration.

  • Windows Server 2003 R2 introduced AD FS and Active Directory Application Mode (ADAM)

AD FS and ADAM were big enhancements, especially looking at them today in 2015. Back then, they weren’t used much though. ADAM later became AD LDS while AD FS was updated along the way for cloud integration.

  • Windows Server 2008 introduced read-only domain controllers (RODCs) and fine-grained password policies

With Windows Server 2008, RODCs became an option which allowed administrators to deploy DCs in insecure computer closets at branch offices, among other uses. In addition, fine-grained password policies were introduced, albeit with some administrative challenges such as not having a graphical user interface to manage the policies.

  • Windows Server 2008 R2 introduced the recycle bin and the PowerShell module

Windows Server 2008 R2 continued refining some of the features introduced in Windows Server 2008 and offered the Recycle Bin and a PowerShell module which was paramount for administrators to be able to effectively manage AD DS from PowerShell.

  • Windows Server 2012 introduced simplified management and enhanced virtualization support

The long-awaited graphical user interface tools to manage the Recycle Bin and fine-grained password policies were introduced. Additionally, virtualization was enhanced and support for virtualizing DCs became mainstream. See https://technet.microsoft.com/en-us/library/hh831477.aspx for a complete guide on the changes.

  • Windows Server 2012 R2 focused on security enhancements

New features included multi-factor authentication, single sign-on from connected devices, and multi-factor access control. See https://technet.microsoft.com/en-us/library/dn268294.aspx for a complete guide on the changes.

More information about Active Directory basics can be found in our AD tutorial for beginners.

Expert in Microsoft infrastructure and cloud-based solutions built around Windows, Active Directory, Azure, Microsoft Exchange, System Center, virtualization, and MDOP. In addition to authoring books, Brian writes training content, white papers, and is a technical reviewer on a large number of books and publications.