Windows Domain


Wikipedia begins its description of a Windows domain this way: “A Windows domain is a form of a computer network in which all user accounts, computers, printers and other security principals, are registered with a central database located on one or more clusters of central computers known as domain controllers. Authentication takes place on domain controllers.”

If a company runs a local area network with a Windows domain, users at workstations log on to the domain, and their credentials are checked by one of the available domain controllers, before they gain access to network resources. Here the term domain has nothing to do with Internet domains or domain names in the DNS sense; the two meanings are different. (An Active Directory domain does carry a DNS-style name and relies on DNS to locate its domain controllers, but it is a security and administrative boundary, not a name-space registration.)

Principal (computer security)

What is a principal? Wikipedia defines a principal in computer security as “an entity that can be authenticated by a computer system or network. It is referred to as a security principal in Java and Microsoft literature. Principals can be individual people, computers, services, computational entities such as processes and threads, or any group of such things. They need to be identified and authenticated before they can be assigned rights and privileges over resources in the network. A principal typically has an associated identifier (such as a security identifier) that allows it to be referenced for identification or assignment of properties and permissions.”
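To make that “associated identifier” concrete, here is an added example (not from the original page or from Wikipedia) in Python. It converts a Windows security identifier (SID) between its binary form, as stored in Active Directory’s objectSid attribute and in security descriptors, and its S-1-… string form, and then splits a domain SID into the domain part and the relative identifier (RID) that names one principal inside that domain. The binary layout, the well-known SIDs and the well-known RIDs are facts about Windows; the sample BUILTIN\Administrators bytes and the domain SID S-1-5-21-1000-2000-3000 are constructed for the example.

```python
"""Windows security identifiers (SIDs): binary <-> string, and domain/RID split.

Added example, not code from the original page or from Wikipedia.  It relies
on the binary SID layout Windows uses (objectSid in Active Directory, owner
and group fields of a security descriptor):

    revision             1 byte  (always 1)
    sub-authority count  1 byte
    identifier authority 6 bytes, big-endian
    sub-authorities      count x 4 bytes each, little-endian

The string form is S-<revision>-<authority>-<sub1>-<sub2>-...
"""
import struct

# Well-known SIDs that mean the same thing on every Windows system
# (illustrative subset, not exhaustive).
WELL_KNOWN_SIDS = {
    "S-1-1-0": "Everyone",
    "S-1-5-11": "Authenticated Users",
    "S-1-5-18": "NT AUTHORITY\\SYSTEM",
    "S-1-5-32-544": "BUILTIN\\Administrators",
    "S-1-5-32-545": "BUILTIN\\Users",
}

# RIDs that every domain assigns to the same principal (illustrative subset).
WELL_KNOWN_DOMAIN_RIDS = {
    500: "Administrator",
    501: "Guest",
    502: "krbtgt",
    512: "Domain Admins",
    513: "Domain Users",
    519: "Enterprise Admins",
}

# Constructed sample: BUILTIN\Administrators (S-1-5-32-544) in binary form.
SAMPLE_BUILTIN_ADMINS = bytes.fromhex("01020000000000052000000020020000")


def sid_to_string(blob: bytes) -> str:
    """Convert a binary SID to its S-1-... string form, validating the length."""
    if len(blob) < 8:
        raise ValueError("SID too short for header")
    revision, count = blob[0], blob[1]
    if revision != 1:
        raise ValueError(f"unsupported SID revision {revision}")
    if len(blob) != 8 + 4 * count:
        raise ValueError("SID length does not match its sub-authority count")
    authority = int.from_bytes(blob[2:8], "big")
    subs = struct.unpack_from(f"<{count}I", blob, 8)
    return "S-1-" + "-".join(str(x) for x in (authority, *subs))


def string_to_sid(text: str) -> bytes:
    """Inverse of sid_to_string: build the binary form from S-1-... text."""
    parts = text.split("-")
    if len(parts) < 3 or parts[0] != "S" or parts[1] != "1":
        raise ValueError(f"malformed SID {text!r}")
    authority = int(parts[2])
    subs = [int(p) for p in parts[3:]]
    if len(subs) > 15:  # SID_MAX_SUB_AUTHORITIES
        raise ValueError("too many sub-authorities")
    return (bytes([1, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack(f"<{len(subs)}I", *subs))


def describe_sid(text: str) -> dict:
    """Classify a SID: well-known, domain SID + RID, or other.

    Domain and local-machine SIDs have the shape S-1-5-21-<a>-<b>-<c>-<rid>:
    the first seven components identify the domain, the last one the
    principal within it.  The same RID in a different domain is a different
    principal, which is why permissions are keyed on the whole SID.
    """
    if text in WELL_KNOWN_SIDS:
        return {"sid": text, "kind": "well-known", "name": WELL_KNOWN_SIDS[text]}
    parts = text.split("-")
    if len(parts) == 8 and parts[:4] == ["S", "1", "5", "21"]:
        rid = int(parts[7])
        return {
            "sid": text,
            "kind": "domain",
            "domain_sid": "-".join(parts[:7]),
            "rid": rid,
            "name": WELL_KNOWN_DOMAIN_RIDS.get(rid),
        }
    return {"sid": text, "kind": "other", "name": None}


if __name__ == "__main__":
    # Constructed domain SID; a real one has three random 32-bit sub-authorities.
    domain_admins = "S-1-5-21-1000-2000-3000-512"
    print(sid_to_string(SAMPLE_BUILTIN_ADMINS), describe_sid("S-1-5-32-544"))
    print(string_to_sid(domain_admins).hex())
    print(describe_sid(domain_admins))
```

The length check in sid_to_string matters when the bytes come from an untrusted source (an LDAP dump, a parsed security descriptor): a SID whose declared sub-authority count does not match its length is rejected rather than silently read past its end.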

Let’s back up a bit.

Network Operating System

A Windows domain belongs to the client-server model of network operating system; the peer-to-peer model (a Windows workgroup) is the other one. What is a network operating system? As Wikipedia puts it: “The term network operating system is used to refer to two rather different concepts:”

  • A specialized operating system for a network device such as a router, switch or firewall.
  • An operating system oriented to computer networking, to allow shared file and printer access among multiple computers in a network, to enable the sharing of data, users, groups, security, applications, and other networking functions, typically over a local area network (LAN) or private network. This sense is now largely historical, as common operating systems generally now have such features included.