A domain controller stores the Active Directory database for the domain in which it is located. The domain controller responds to authentication requests and performs other Active Directory functions for the domain.
Domain controllers share information with domain controllers in other domains; this is referred to as replication. The directory partition is used to replicate domain information. Each domain in the forest has a separate partition in the directory partition. The following table describes partitions within the directory partition:
| Partition | Description |
|---|---|
| Domain partition | A domain partition stores the user, computer, group, and object data for a domain, as well as the domain’s schema and configuration data. The domain directory partition is replicated only to another domain controller in the same domain and to global catalog servers. |
| Schema partition | The Active Directory schema partition, referred to as the schema, contains a definition of each object class and the attributes of the object class that can exist in an Active Directory forest. Active Directory uses the definitions in the schema to store, retrieve, and replicate data. A schema partition for a domain is replicated to all domain controllers in the forest. |
| Configuration partition | The Active Directory configuration partition stores configuration objects for each domain in the forest. A schema partition for a domain is replicated to all domain controllers in the forest. |
| Application directory partition | An application directory partition contains application-specific data created by applications and services. An application directory partition: |
When working with domains, be aware that:
- A domain controller can store one or more application directory partitions.
- Domain controllers can be global catalog servers and operations masters.
- If you own a second-level domain and you use that as your web presence, Microsoft recommends that you name your Active Directory configuration using a third-level domain name that is reflective of your second-level domain name, but different in some respect. For example, if your web presence is www.bikes.com, an appropriate third-level name might be corp.bikes.com.
The following table describes additional functions or roles that domain controllers can have.
| Function/Role | Description |
|---|---|
| Replica domain controller | Adding a domain controller in an existing domain creates a replica domain. A replica domain provides fault tolerance in the event that the domain controller fails. |
| Global Catalog | The Global Catalog (GC) server is a domain controller that contains a partial replica of every object from every domain within a forest. A Global Catalog server:<br>Use Active Directory Users and Computers or Active Directory Sites and Services to designate a global catalog server. |
| Operations Master Roles | Operations master roles, also referred to as Flexible Single-Master Operation (FSMO) roles, are specialized domain controller tasks assigned to a domain controller in the domain or forest. Operations master roles are useful because certain domain and enterprise-wide operations are not well suited for the multi-master replication performed by Active Directory. A domain controller that performs an operations master role is known as an operations master or operations master role owner.<br>The following roles are forest roles, meaning that one domain controller within the entire forest holds the role:<br>The following roles are domain roles, meaning that one domain controller in each domain holds the role:<br>As you install or remove domain controllers, you will need to be aware of which domain controllers hold these roles. |
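
One way to check which domain controllers hold operations master roles or act as global catalog servers before removing one, as an added example that is not part of the original page. It assumes the ActiveDirectory PowerShell module (RSAT) is installed; the function names `Get-DcRoleInventory` and `Test-DcRemovalImpact` and the host name `dc01.corp.bikes.com` are hypothetical, and role names are read from the directory at run time.

```powershell
# Added example: requires the ActiveDirectory module and read access to the directory.
Import-Module ActiveDirectory

function Get-DcRoleInventory {
    # One row per domain controller in the current domain.
    Get-ADDomainController -Filter * | ForEach-Object {
        [pscustomobject]@{
            Name            = $_.HostName
            Site            = $_.Site
            IsGlobalCatalog = $_.IsGlobalCatalog
            IsReadOnly      = $_.IsReadOnly
            FsmoRoles       = @($_.OperationMasterRoles)  # empty if the DC holds none
        }
    }
}

function Test-DcRemovalImpact {
    # Hypothetical helper: lists what must be moved before $HostName is removed.
    param([Parameter(Mandatory)][string]$HostName)

    $all    = @(Get-DcRoleInventory)
    $target = $all | Where-Object { $_.Name -eq $HostName }
    if (-not $target) { throw "No domain controller named '$HostName' in this domain." }

    $others   = @($all | Where-Object { $_.Name -ne $HostName })
    $findings = @()
    if ($target.FsmoRoles.Count -gt 0) {
        $findings += "Holds operations master roles: $($target.FsmoRoles -join ', ')"
    }
    if ($target.IsGlobalCatalog -and @($others | Where-Object IsGlobalCatalog).Count -eq 0) {
        $findings += 'Only global catalog server among this domain''s controllers'
    }
    if (@($others | Where-Object { -not $_.IsReadOnly }).Count -eq 0) {
        $findings += 'No other writable domain controller remains for fault tolerance'
    }
    [pscustomobject]@{
        Name         = $target.Name
        SafeToRemove = ($findings.Count -eq 0)
        Findings     = $findings
    }
}

# Constructed host name, built from the page's example domain.
Get-DcRoleInventory | Format-Table -AutoSize
Test-DcRemovalImpact -HostName 'dc01.corp.bikes.com' | Format-List
```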