- Windows Server domain
A Windows Server domain is a logical group of computers running versions of the
Microsoft Windows operating system that share a central directory database. This central database (known asActive Directory starting withWindows 2000 Northrup, Tony. [http://www.microsoft.com/technet/prodtechnol/windows2000serv/plan/int2ksrv/intro11.mspx "Introducing Microsoft Windows 2000 Server"] , Microsoft Press, 1999. ISBN 1-57231-875-9] , also referred to as NT Directory Services on Windows NT Server operating systems, or NTDS) contains the user accounts and security information for the resources in that domain. Each person who uses computers within a domain receives his or her own unique account, oruser name . This account can then be assigned access to resources within the domain.In a domain, the directory resides on computers that are configured as "
domain controller s." A domain controller is a server that manages all security-related aspects between user and domain interactions, centralizing security and administration. A Windows Server domain is normally more suitable for moderately larger businesses and/or organizations.Windows Workgroups, by contrast, is the other model for grouping computers running Windows in a networking environment which ships with Windows. Workgroup computers are considered to be 'standalone' - i.e. there is no formal membership or authentication process formed by the workgroup. A workgroup does not have servers and clients, and as such, it represents the
Peer-to-Peer (or Client-to-Client) networking paradigm, rather than the centralised architecture constituted by Server-Client. Workgroups are considered difficult to manage beyond a dozen clients, and lack single sign on, scalability, resilience/disaster recovery functionality, and many security features. Windows Workgroups are more suitable for small or home-office networks.A domain does not refer to a single location or specific type of network configuration. The computers in a domain can share physical proximity on a small LAN or they can be located in different parts of the world. As long as they can communicate, their physical position is irrelevant.
The benefits of a domain are
# Centralized Administration - Management of the entire domain can be done with access to one database.
# Single Logon Process - Access to network resources can be granted through a single logon.
# Scalability - Very large networks can be created.The Downsides of a domain are
# Viruses - A virus could spread quickly across machines.dubious
# Document Security - Easier to access anyone's documents if the password is cracked.dubiousComputer s inside an Active Directory domain can be assigned into organizational units according to location, organizational structure, or other factors. In the original Windows Server Domain system (shipped withWindows NT 3.x/4) machines could only be viewed in two states from the administration tools, 1) computers detected (on the network), and 2) computers that actually belonged to the domain. Active Directory makes it easier for administrators to manage and deploy network changes and policies (seeGroup Policy ) to all of the machines connected to the domain.Computers can connect to a domain easily via
LAN , or via WAN using aVPN connection. Users of a domain are able to use enhanced security for their VPN connection due to the support for acertification authority which is gained when a domain is added to a network, and as a resultsmart cards anddigital certificates can be used to confirm identities and protect stored information.ee also
*
Active Directory
*Security Accounts Manager , or SAMExternal links
* [http://www.microsoft.com/windowsserversystem/default.mspx Microsoft official website]
* [http://faq.midrange.com/data/cache/298.html A description at an IBM iSeries (AS/400) user's website]Notes
Wikimedia Foundation. 2010.