Windows domain


Windows domain

A Windows domain is a collection of security principals that share a central directory database. This central database (known as Active Directory starting with Windows 2000,[1] Active Directory Domain Services in Windows Server 2008 and Server 2008 R2, also referred to as NT Directory Services on Windows NT operating systems, or NTDS) contains the user accounts and security information for the resources in that domain. Each person who uses computers within a domain receives his or her own unique account, or user name. This account can then be assigned access to resources within the domain.

In a domain, the directory resides on computers that are configured as "domain controllers." A domain controller is a server that manages all security-related aspects between user and domain interactions, centralizing security and administration. A Windows Server domain is generally suited for businesses and/or organizations when more than 10 PCs are in use.

Windows Workgroups, by contrast, is the other model for grouping computers running Windows in a networking environment which ships with Windows. Workgroup computers are considered to be 'standalone' - i.e. there is no formal membership or authentication process formed by the workgroup. A workgroup does not have servers and clients, and as such, it represents the Peer-to-Peer (or Client-to-Client) networking paradigm, rather than the centralized architecture constituted by Server-Client. Workgroups are considered difficult to manage beyond a dozen clients, and lack single sign on, scalability, resilience/disaster recovery functionality, and many security features. Windows Workgroups are more suitable for small or home-office networks.

A domain does not refer to a single location or specific type of network configuration. The computers in a domain can share physical proximity on a small LAN or they can be located in different parts of the world. As long as they can communicate, their physical position is irrelevant.

Computers inside an Active Directory domain can be assigned into organizational units according to location, organizational structure, or other factors. In the original Windows Server Domain system (shipped with Windows NT 3.x/4) machines could only be viewed in two states from the administration tools, 1) computers detected (on the network), and 2) computers that actually belonged to the domain. Active Directory makes it easier for administrators to manage and deploy network changes and policies (see Group Policy) to all of the machines connected to the domain.

Computers can connect to a domain easily via LAN, or via WAN using a VPN connection. Users of a domain are able to use enhanced security for their VPN connection due to the support for a certification authority which is gained when a domain is added to a network, and as a result smart cards and digital certificates can be used to confirm identities and protect stored information.

See also

Notes

  1. ^ Northrup, Tony. Introducing Microsoft Windows 2000 Server, Microsoft Press, 1999. ISBN 1-57231-875-9

Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Domain — may refer to: General Territory (administrative division), a non sovereign geographic area which has come under the authority of another government Public domain, a body of works and knowledge without proprietary interest Eminent domain, the… …   Wikipedia

  • Domain Master Browser — As part of the Microsoft Windows Server Operating Systems, the browser service is used to host information of other Windows computers within the same Windows domain or TCP/IP network. Browsing in these terms is specific to viewing network… …   Wikipedia

  • Windows NT startup process — The Windows NT startup process is the process by which Windows NT 4.0, Windows 2000, Windows XP and Windows Server 2003 operating systems initialize. In Windows Vista and later, this process has changed slightly; see Windows Vista startup process …   Wikipedia

  • Windows 2000 — Part of the Microsoft Windows family Screenshot of Windows 2000 Professional …   Wikipedia

  • Windows Server 2008 — Part of the Microsoft Windows family …   Wikipedia

  • Windows Small Business Server — Developer(s) Microsoft Stable release 2011 / December 13, 2010 Type Application server License Microsoft EULA …   Wikipedia

  • Windows Server 2003 — Part of the Microsoft Windows family …   Wikipedia

  • Domain-Name-System — (DNS) Familie: Internetprotokollfamilie Einsatzgebiet: Namensauflösung Ports: 53/UDP, 53/TCP DNS im TCP/IP‑Protokollstapel: Anwendung DNS Transport UD …   Deutsch Wikipedia

  • Domain Name Server — Domain Name System (DNS) Familie: Internetprotokollfamilie Einsatzgebiet: Namensauflösung Ports: 53/UDP, 53/TCP DNS im TCP/IP‑Protokollstapel: Anwendung DNS Transport UD …   Deutsch Wikipedia

  • Domain Name Service — Domain Name System (DNS) Familie: Internetprotokollfamilie Einsatzgebiet: Namensauflösung Ports: 53/UDP, 53/TCP DNS im TCP/IP‑Protokollstapel: Anwendung DNS Transport UD …   Deutsch Wikipedia


Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”

We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.