The Domain Concept

The solution to all of these problems is the network domain. In a domain, you only have a single name and password, which gets you into every shared PC and printer on the network. Everyone's account information resides on a central computer called a domain controller-a computer so important, it's usually locked away in a closet or a data-center room.

A domain controller keeps track of who is allowed to log on, who is logged on, and what each person is allowed to do on the network. When you log onto the domain with your PC, the domain controller verifies your credentials and permits (or denies) you access.

Most domain networks have at least two domain controllers with identical information, so if one computer dies, the other one can take over. (Some networks have many more than two.) This redundancy is a critical safety net, because without a happy, healthy domain controller, the entire network is dead.

Without budging from their chairs, network administrators can use a domain controller to create new accounts, manage existing ones, and assign permissions. The domain takes the equipment-management and security concerns of the network out of the hands of individuals and puts them into the hands of trained professionals. You may sometimes hear this kind of networking called client/server networking.

Each workstation-that is, each mere mortal PC like yours-relies on a central server The Domain machine for its network access.

If you use Windows in a medium- to large-sized company, you probably use a domain every day. You may not even have been aware of it, but that's no big deal; knowing what's been going on right under your nose isn't especially important to your ability to get work done. After all, it's not your job-it's the network administrator's. But understanding the domain system can help you take better advantage of a domain's features.