AvoidPDCOnWan and PDC Emulator

by [Published on 19 March 2009 / Last Updated on 28 Nov. 2008]

This article explains how you can control a domain controller contacting a PDC which is out of the site.

The AvoidPDCOnWan registry entry is used to control the traffic to a PDC Emulator on another site. When a user changes his password, the password must be replicated to all the Domain Controllers of that domain. First the password is updated at the PDC Emulator and then replicated to all other domain controllers in that domain via the normal replication methods.

How does it work when a user has changed its password and try to log on to the domain?

  • 1. User logs on to the domain.
  • 2. The Local domain controller finds that the user recently updated its password but the Domain Controller doesn't have password information.
  • 3. Before Domain Controller rejects the authentication request, it checks at the PDC Emulator to determine if it has the password.
  • 4. If PDC Emulator has the user's password, then the Domain Controller will replicate the user's object with password.
  • 5. User is authenticated by the Domain Controller in the local site.

The registry entry, AvoidPDCOnWan, plays an important role. This registry entry is used to enable the immediate replication for the password changes. It tells whether you should replicate the user's password immediately or not. This registry entry can be set on the Domain Controller where the password has been changed and can be set at the following registry location:

  • Key: HKLM\System\CurrentControlSet\Services\Netlogon\Parameters
  • Value: AvoidPdcOnWan
  • Type: REG_DWORD
  • Data: 0 (disable) 1 (enable)



See Also

The Author — Nirmal Sharma

Nirmal Sharma avatar

Nirmal Sharma is a MCSEx3, MCITP and was awarded the Microsoft MVP award in Directory Services and Windows Networking. He specializes in Microsoft Azure, Office 365, Directory Services, Failover Clusters, Hyper-V, PowerShell Scripting and System Center products. Nirmal has been involved with Microsoft Technologies since 1994. In his spare time, he likes to help others and share some of his knowledge by writing tips and articles on various sites and contributing to PowerShell-based Dynamic Packs for www.ITDynamicPacks.Net solutions.

Featured Links