A domain controller (DC) is a server that handles all the security requests from other computers and servers within the Windows Server domain. Security requests include requests to log in to another server. They also include checking permissions for various functions that need to be performed (e.g., accessing a file folder on a server or modifying a file within a folder). The domain controller originated in Windows NT and managed the access to various resources granted to users and other servers through the use of a username and password.
In Windows NT, there was a primary domain controller and a backup domain controller. The primary DC focused on domain services only to avoid the possibility of a system slow down or crash due to overtasking from managing other functionality and security requests. In the event of a primary DC going down, a backup DC could be promoted and become the primary DC to keep the rest of the server systems functioning correctly. Since Windows 2000, the need for primary and backup DCs was nearly eliminated because of the introduction of Active Directory (AD) and multi-master replication.