Windows 2003 Active Diretory (iii)--Establish a domain (1)

Source: Internet
Author: User

First, in the planning of 03 network environment, there are "workgroup" and "domain" two choices. Let's look at the following two features:

1. The fragmented network structure-Working group: The general working Group applies to small networks. A workgroup refers to a group of networked computers that share each other's resources, some of which are called Peer-to-peer networks. As you can see, under such a network structure, each computer cannot represent other computers, and can only manage its own resources. The disadvantages are as follows: 1, account management is more troublesome: for example, the network has 5 servers and 30 users, a total of 150 account data will be set up to enable all users to access the resources of each server, in addition, if any one of the changes, you have to modify 5 times to do. 2, to set the security of the computer separately: for example, to limit the user's logon period, you need to set up in front of each server.

2, the centralized network structure-domain: it can be understood that "domain" is to select a computer in the network as a "security control" server-domain controllers, domain controller accounts and security data, all included in the ad database.

Computer roles in the domain

1, domain controller. In fact, the 03 system is installed, and when the ad service is enabled, it becomes a DC, typically the first one. DC main work has: 1, the provision of ad services. 2, storage and replication of the ad database. 3, admin domain activities, including "User Login", "Authentication", and "directory Query" and so on

2, member server. When you install the 03 system, there are no computers installed with AD and domain membership. is a member server, such as file server, Application server AH. Here's the local account for the member server. The local account database is still available on the member server, and users can also log on to the server by using them. However, for domain security management, there are administrative vulnerabilities, so try not to use the local accounts of member servers and only allow domain accounts to log on.

3, workstation. Many people do not understand this, do not know how to understand. This is the workstation where any system is installed and the domain is joined. Users can take advantage of these workstations, access resources in the domain, execute applications, and so on. Also, the workstation is the database that retains the local account, and if the user logs on to the workstation with a local account, it is able to access the native resource, but cannot access resources on the domain.

Third, the establishment of the first domain

If there is no domain at the beginning of the network, the domain that is established is the "root domain"-the first domain of the entire network. Install the ad steps as follows: (actual combat came, hehe)

Open the Configuration Wizard

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.