BDC

In a large network with hundreds of connected systems, the Primary Domain Controller needs some help to handle all the security validations, so one or more BDCs can be installed on the network. A BDC stores a copy of the User-Database, which is identical to the User-Database on the PDC (and if a change is made on the PDC by adding/deleting/modifying a user-information, the copies on the BDC are updated automatically).
A BDC is entitled to handle security validations (checking Username and password for Logon and for accessing to Shared data), so the workload of security validations is distributed to multiple Domain Controllers.
In addition, the BDC is the Backup: in case the PDC goes down, a BDC can be promoted to become (either temporary or permanent) the PDC.

The BDC can have up to a 5-minute lapse in SAM database entries, since the PDC pushes the SAM at that frequency.

There can be up to 20 BDCs in one domain. There should be at least one BDC at every remote WAN site and link point in a network. Should the communications link go down, the people on the local network would still be able to log on and use their machines. A PDC must be running to allow you to join a new domain.