Not that I have anyone actually reading this, but hey, why not!
I’ve decided that at least once a week, I will be talking about an aspect of my job, and little tips and tricks for my fellow IT people, especially those who aren’t yet at the professional level.
This week, I’m going to talk about some basics about domains, namely what a domain is, and how it works in your office.
” A Windows domain is a form of a computer network in which all user accounts, computers, printers and other security principals, are registered with a central database (called a directory service) located on one or cluster of central computers known as domain controllers. Authentication takes place on domain controllers. Each person who uses computers within a domain receives a unique user account that can then be assigned access to resources within the domain. Starting with Windows 2000, Active Directory is the Windows component in charge of maintaining that central database. The concept of Windows domain is in contrast with that of a workgroup in which each computer maintains its own database of security principals.”
Let’s break this down into two parts:
What these terms mean and why you care
First – I’m assuming you know what computers, accounts, and a network are. (If not, this may not be for you)
So, what’s a domain? Basically it is a special type of network that operates with two parts; clients and servers. The clients are the computers you use (also called workstations) don’t have the master list of users and passwords, but instead rely on the server to manage everything from basic security settings, what IP address it gets (depending on settings), keeping track of DNS (Domain Name) entries (Which translate into IP addresses | Again depending on settings) and security credentials (AKA usernames, passwords, etc.)
WHY YOU CARE
Long story short – You don’t logon to the computer you’re at, not directly. What does that mean for IT People? It means that all workstations must either a) Be connected (directly or via VPN (Covered next time) to a Domain Controller (DCs)(One of the “Boss” computers in the network) or have logged onto the specific account last. In domains, if you log into a computer with your username and password, the computer temporarily stores that information locally, so if you can’t talk to a DC you can still log in.
That is why network settings and security are so important within a business, because without your network your employees are often unable to access their files on the server (which is where most companies have you keep your files) and sometimes even run programs.
I think I’m going to stop here, so it’s time for….
PROTIP OF THE DAY! (AKA Something I didn’t know when I started):
When connecting a computer to a domain, it’s essential that the active network adapter’s DNS be set to a DC’s IP, or else Windows won’t be able to find a DC within the DNS Forest of the domain. It’s weird, but don’t forget that! If you see messages about “Can’t find Domain Controller”, chances are you forgot the DNS settings.
If you have any questions about what I’ve written, feel free to leave a comment, I’ll try to keep an eye out for any comments or questions you leave. If it’s something you need to know right now, just Google it. Don’t Bing it, “Because It’s Not Google”