Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

PDC Emulator and authentication

  • Filter
  • Time
  • Show
Clear All
new posts

  • PDC Emulator and authentication

    I was told that if the PDC Emulator is down for more the 90 min that authentication across the domain will stop even if you have other DCs and GCs in the environment. Is this true and is there a KB article on this somewhere? Is there anything supporting this? How long can the PDC Emulator be down before causing issues.

    All windows 2000\2003, XP and exchange 2003. Does anyone have any information on this??


    [email protected]

  • #2
    Re: PDC Emulator and authentication


    The primary role of PDC emulator is to act as a Windows NT primary domain controller in the AD envirament. It processes password changes from down level clients and replicates updates to the BDCs.
    It is also plays some roles in time synchronization.
    Since you have only Windows 2000, 2003 and XP operation systems the offline PDC emulator will not cause authentication issues.

    I have never heard about what you said.
    Regarding to 90 minutes, Windows Server 2003, Windows 2000, and Windows XP clients refresh their policies every 90 minutes with an additional, randomized offset of 30 minutes.

    More about the operation master roles is presented here:
    Last edited by netxt; 8th May 2006, 21:50.
    Csaba Papp
    MCSA+messaging, MCSE, CCNA
    Remember to give credit where credit is due and leave reputation points where appropriate


    • #3
      Re: PDC Emulator and authentication

      In theory, you can take PDCE down for tombstone lifetime period and get away with warnings, but without breaking anything.

      By default the DCs will look for PDCE as authoritative time source and you will have issues related to editing GPOs, but as long as you do not have legacy clients, you can take the PDCE down for up to 60 days pre-W2K3 SP1 environment (DCs) and for 180 days if all the DCs are W2K3 SP1.

      Another issue would have to do with password chaining - if PDCE is down, you might get temporary authentication failures after changing user passwords.
      (see for details on how password chaining works)
      Guy Teverovsky
      "Smith & Wesson - the original point and click interface"


      • #4
        Re: PDC Emulator and authentication

        Thanks for the information guys. I appreciate it.