a) Domain:A domain is an administrative unit within which certain capabilities and characteristics are shared. A domain defines the boundaries of administrative policies such as password complexity and account lockout policies. Such policies configured in one domain affect all accounts in the domain and do not affect accounts in other domains.
The domain is the most secure and manageable type of network, but it requires at least one centralized authentication server, called a domain controller (DC). The DC must run Windows Server and not a Windows client OS.
The following characteristics define a domain:
Ø Domains require access to an administrative account to join to and participate in the network.
Ø Domains require a dedicated server for account management and authentication processes.
Ø Only those with a user account in the domain can log onto domain.
Ø Domains can support thousands of computers.
Ø Domains allow computers to be on different LAN subnets.
Ø Domains provide centralized management and configuration options for the domain clients through
The domain is the most secure and manageable type of network, but it requires at least one centralized authentication server, called a domain controller (DC). The DC must run Windows Server and not a Windows client OS.
The following characteristics define a domain:
Ø Domains require access to an administrative account to join to and participate in the network.
Ø Domains require a dedicated server for account management and authentication processes.
Ø Only those with a user account in the domain can log onto domain.
Ø Domains can support thousands of computers.
Ø Domains allow computers to be on different LAN subnets.
Ø Domains provide centralized management and configuration options for the domain clients through
the use of Group Policy.
b) Forest:-- A forest is a collection of one or more Active Directory domains. The first domain installed in a
b) Forest:-- A forest is a collection of one or more Active Directory domains. The first domain installed in a
forest is called the forest root domain. A forest contains single definition of network configuration.
-- No data is replicated by Active Directory outside the boundaries of the forest. Therefore, the forest
-- No data is replicated by Active Directory outside the boundaries of the forest. Therefore, the forest
defines a security boundary.
-- A forest is a collection of trees managed collectively. At the top of each directory tree is the root
-- A forest is a collection of trees managed collectively. At the top of each directory tree is the root
entry, which contains other entries. These other entries can be containers or leaves.
c) Trees:--The DNS namespace of domains in a forest creates trees within the forest. If a domain is a
c) Trees:--The DNS namespace of domains in a forest creates trees within the forest. If a domain is a
subdomain of another domain, the two domains are considered a tree.
For example, if the STBS.ORG forest contains two domains, STBS.ORG and
For example, if the STBS.ORG forest contains two domains, STBS.ORG and
COMPUTER.STBS.ORG, those domains constitute a contiguous portion of the DNS namespace,
so they are a single tree.
--If, conversely, the two domains are STBS.ORG and SSASIT.COM, which are not contiguous in the
--If, conversely, the two domains are STBS.ORG and SSASIT.COM, which are not contiguous in the
DNS namespace, the domain is considered to have two trees. Trees are the direct result of the DNS
names chosen for domains in the forest.
d) Leaves:A leaf object represents an actual resource on the network, such as a workstation, printer, shared
directory, file, or user account. Leaf objects cannot contain other objects.
d) Leaves:A leaf object represents an actual resource on the network, such as a workstation, printer, shared
directory, file, or user account. Leaf objects cannot contain other objects.
Sign up here with your email
1 comments:
Write commentsgood
ReplyConversionConversion EmoticonEmoticon