A Microsoft Windows NT domain controller that contains the master copy of the Security Account Manager (SAM) database. A Windows NT domain has only one PDC, which periodically undergoes directory synchronization to copy its directory database to back up domain controllers in the domain. The primary domain controller (PDC) must be the first computer installed in a domain and defines the domain.
If a PDC needs to be taken offline for maintenance or repair or if it unexpectedly goes down, a backup domain controller (BDC) can be promoted to the role of PDC. This is necessary because BDCs contain read-only copies of the domain directory database, so user accounts cannot be modified and passwords cannot be changed unless there is a PDC on the network.