Chapter 36. Windows NT Domains

Previous page
Table of content
Next page

SOME OF THE MAIN TOPICS IN THIS CHAPTER ARE

Workgroups and Domains 665

Windows NT User Groups 672

Managing User Accounts 675

Passwords and Policies 681

Strategies to Minimize Logon Problems 683

The Windows NT domain is a collection of users and resources. It is the primary unit of user and resource administration. Administrators in any particular domain can control the addition or modification of user accounts in their domain and can control which resources any user can access, along with the type of access. To begin to understand the logon process under Windows NT, you should first become cognizant of how users and security information is organized into user groups and domains and how these interact. Understanding how domains operate in the Windows NT environment makes it easier for you to plan an integration with, or upgrade to, Windows 2000 Server or Windows Server 2003. When you upgrade your network to include only Windows 2000 and 2003 computers, you'll find that instead of primary and backup domain controllers, you'll have only domain controllers (that are neither primary nor backup), which are essentially peers on the network. It is important to understand how primary and backup domain controllers work if you plan to keep Windows NT, Windows 2000, and 2003 computers all in the same network.

In this chapter we examine the tools an administrator can use to manage users of a Windows NT 4.0 server. In the next chapter we look at managing users of Windows 2000/Windows 2003 servers using the Microsoft Management Console (MMC) utility. As a prerequisite to the next chapter, you might want to first read Chapter 30, "Using the Active Directory."

Note

Windows Server 2003 and Windows XP Professional have both been available as a replacement for Windows NT 4.0 as well as Windows 2000. However, the basic concepts of the Windows domain are important to understand, whether or not your network contains Windows NT servers. These domains were incorporated into the Windows 2003 Active Directory as container objects. The trust relationships that you have to establish manually, as described in this chapter, are now transitive and automatic in the Active Directory. Yet, for those still using Windows NT 4.0, as well as those who have upgraded to Windows 2000 or Windows Server 2003, the concepts covered in this chapter can be useful. If you are still using Windows NT 4.0 domains, consider this chapter to be a guide to managing those domains. If you have already upgraded to the Active Directory, you should read this chapter to understand how domains have changed in the Active Directory, as well as to understand how to manage Windows NT 4.0 domains in your directory if you have a mixed-mode network that contains both Windows NT 4.0 domains and Windows 2000/Windows Server 2003 domain container objects.


Windows NT 4.0 has had several years to settle down. Although Windows NT 4.0 is a stable platform that has provided reliable operation over the years, the lack of ongoing support from Microsoft means that, as time passes, NT 4.0-based networks can become increasingly vulnerable to security threats. As of January 1, 2007, Microsoft will no longer provide any online support for Windows NT 4.0. Given the constant barrage of threats against networks of all sizes, it's time to move to Windows Server 2003 or to a well-supported Linux distribution to assure ongoing support for new technologies and security threats.

Tip

If you are not yet considering a move away from Windows NT 4.0 Server domains, you might want to review the availability and support schedule published at www.microsoft.com/ntserver/ProductInfo/Availability/Retiring.asp.


Upgrading to Windows 2000/2003 can be expensive from both a hardware and a software point of view. Planning the namespace for the Active Directory, used in Windows 2000 and Windows Server 2003, can be a complex task as well. A carefully managed Windows NT 4.0 network can continue to serve you for a few more years, but availability and support are dwindling. It would be a good idea to start planning your migration strategy early, because an adequate Active Directory model is much harder to design and implement than an adequate Windows NT 4.0 domain.

This chapter will walk you through the Windows NT 4.0 domain management utilities. The next chapter, Chapter 37, "Windows 2000 and Windows Server 2003 User and Computer Management Utilities," will introduce you to the new Microsoft Management Console (MMC), which is a consistent interface used to manage many aspects of Windows 2000/2003 (as well as the client operating system Windows XP Professional). You will also learn in that chapter how to manage users and user groups under Windows 2000.

Before you read that chapter, however, explore the concepts in this chapter so that you will better understand what a domain is. In Chapter 37, you will then find it easier to understand how these domains are incorporated into the Active Directory.



Previous page
Table of content
Next page
Upgrading and Repairing Networks
Upgrading and Repairing Networks (5th Edition)
ISBN: 078973530X
EAN: 2147483647
Year: 2006
Pages: 411
Authors: Scott Mueller, Terry William Ogletree, Mark Edward Soper
BUY ON AMAZON
The .NET Developers Guide to Directory Services Programming
Java for RPG Programmers, 2nd Edition
AutoCAD 2005 and AutoCAD LT 2005. No Experience Required
802.11 Wireless Networks: The Definitive Guide, Second Edition
Comparing, Designing, and Deploying VPNs
Python Standard Library (Nutshell Handbooks) with
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy