The Domain Model in Windows NT

The Windows NT 4 platform met many of the challenges of the networked world. However, like any technical solution, it had its limitations.

First and foremost, questions regarding the scalability of its rudimentary directory services prevented some potential inroads into corporate information centers. Windows NT used the concept of a domain to organize users and secure resources. A Windows NT 4 domain is essentially a centralized database of security data that allows for the management of network resources. A Windows-based domain is a logical grouping of computers that shares common security and user account data for the purpose of centralized security and administration. A domain is a logical entity used to help secure and administer resources on your network. A domain is stored on a Domain Controller (DC), and when stored on an NT 4 system, it is called either a PDC (Primary Domain Controller) or a BDC (Backup Domain Controller), even though they are no longer used except in NT 4-based configurations. With advancements in Windows 2000 and beyond, all servers that participate in sharing domain information are just called DCs.

A single domain constitutes a single administrative unit, and you can have multiple domains located within your organization, although you will have a more complex administrative scenario. The domain database in Windows 2000 (and Windows Server 2003) is now stored in Active Directory. The domain controllers are now peers in a Windows 2000 configuration. They all replicate to each other so as to build reliability and high availability into the design.

As just mentioned, domains are implemented through the use of Windows NT 4 Server computers that function as either Primary Domain Controllers (PDCs) or Backup Domain Controllers (BDCs). Every domain has exactly one PDC and may have one or more BDCs depending on your needs. All network security accounts are stored within a central database on the PDC. To improve performance and reliability in distributed environments, this database is replicated to BDCs. Although BDCs can help distribute the load of network logon requests and updates, there can be only one master copy of the accounts database. This master copy resides on the PDC, and all user and security account changes must be recorded by this machine and transmitted to all other domain controllers. Figure 1.1 provides an example of such a topology.

In order to meet some of these design issues, several different Windows NT domain models have been used. Figure 1.2 provides an example of a multiple-master domain topology. In this scenario, user accounts are stored on one or more master domains. The servers in these domains are responsible primarily for managing network accounts. BDCs for these user domains are stored in various locations throughout the organization. Network files, printers, databases, and other resources are placed in resource domains with their own PDC and BDCs. The organization itself can create and manage these domains as needed, and it often administers them separately. In order for resources to be made available to users, each of the resource domains must have a trust relationship with the master domain(s). The overall process places all users from the master domains into global groups. These global groups are then granted access to network resources in the resource domains.

Figure 1.1 A Windows NT 4 domain topology using PDCs and BDCs

The Windows NT domain model works well for small- to medium- and even large-sized organizations. It is able to accommodate thousands of users fairly well, and a single domain can handle a reasonable number of resources. These are just guidelines, however, and the network traffic created to keep domain controllers synchronized and the number of trust relationships to manage can present a challenge to network and systems administrators, especially on networks that are currently low on bandwidth. As the number of users grows, it can become much more difficult for the domains to accommodate large numbers of changes and network logon requests.
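The multiple-master access process and the trust-management burden described above can be modeled in a few lines. This is an added example, not code from the original article or from Windows; the `Domain` class, the function names, and the domain, group, and share names are all hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Domain:
    name: str
    trusts: set = field(default_factory=set)           # domains whose accounts are accepted here
    global_groups: dict = field(default_factory=dict)  # group name -> set of user names
    acls: dict = field(default_factory=dict)           # resource -> set of (domain, group) grants

def build_topology(master_names, resource_names):
    """Give every resource domain a one-way trust to every master domain."""
    masters = {n: Domain(n) for n in master_names}
    resources = {n: Domain(n, trusts=set(master_names)) for n in resource_names}
    return masters, resources

def trust_count(resources):
    """Number of trust relationships administrators must create and maintain."""
    return sum(len(d.trusts) for d in resources.values())

def can_access(account_domain, user, resource_domain, resource):
    """Allow only if a granted global group holds the user AND its domain is trusted."""
    for grp_domain, group in resource_domain.acls.get(resource, set()):
        if grp_domain != account_domain.name:
            continue
        if grp_domain not in resource_domain.trusts:
            continue  # grant is present, but the trust is missing or was removed
        if user in account_domain.global_groups.get(group, set()):
            return True
    return False

# Constructed sample: two master (account) domains and three resource domains.
MASTERS, RESOURCES = build_topology(["ACCT-EAST", "ACCT-WEST"],
                                    ["FILES", "PRINT", "SQL"])
MASTERS["ACCT-EAST"].global_groups["Finance"] = {"alice"}
MASTERS["ACCT-WEST"].global_groups["Finance"] = {"bob"}
RESOURCES["FILES"].acls["ledger-share"] = {("ACCT-EAST", "Finance"),
                                           ("ACCT-WEST", "Finance")}

if __name__ == "__main__":
    print("trusts to manage:", trust_count(RESOURCES))
    for dom, user in (("ACCT-EAST", "alice"), ("ACCT-WEST", "bob")):
        ok = can_access(MASTERS[dom], user, RESOURCES["FILES"], "ledger-share")
        print(f"{dom}\\{user} -> ledger-share:", "allowed" if ok else "denied")
```

Every added resource domain adds one trust per master domain, so the count grows as the product of the two, and a stale grant for an untrusted domain gives no access.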
