Connecting to a Windows Domain

Workgroup connections, such as those configured for home and small office use, do not provide any centralized administration or security. To use the network, you have to authenticate on a local machine using a local account configured on that computer. Because workgroups can be difficult to manage and rather difficult to secure, medium to larger environments typically use a domain.

In a domain environment, the domain controllers hold the local security database and network administrators manage user and computer accounts through the Active Directory from a Windows 2000 or Windows.NET server. A network administrator determines your username and password, and configures an account for you in the Active Directory. When a Windows logon dialog box appears, you enter that username and password. The username and password is sent to the domain controller for authentication. If granted access, you log on to Windows, and your computer and user account are active on the network. So you do not configure user accounts on a local computer, and you can log on to any workstation using your username and password, unlike a workgroup environment where user accounts are managed locally.

Domains, of course, are much more expensive than workgroups, since you have to provide Windows servers and administrators to manage those servers. Since Windows XP cannot be a domain controller, we’ll focus on domain connectivity in this section, not the management of a domain from Windows 2000 or Windows.NET server. To join a Windows XP Professional computer to a Windows domain, you’ll need a few things set up and ready before you can actually join:

  • You must be using Windows XP Professional. Windows XP Home edition cannot join a Windows domain.

  • A network administrator must create a computer account for the computer in the Active Directory.

  • A network administrator must create a username and password for the user. You’ll need this information, along with the name of the domain, when you configure your computer to join a domain.

  • The computer’s TCP/IP settings should be set to “obtain an IP address automatically” so that a DHCP server can provide a valid IP address for your computer.

  • Your computer must be configured with a NIC and physically connected to the network.

  • You can join a domain with wizard help, or you can do so manually. If you do not have a lot of experience using the manual approach, I recommend the wizard to get you started. The following steps show you how to join a domain using the Network Identification Wizard.

Joining a Domain

  1. On Windows XP Professional, log on with an administrator account.

  2. Click Start | Control Panel | System.

  3. In the System Properties dialog box, click the Computer Name tab. As you can see here, the name tab gives you a computer description and Network ID and Change buttons.

    click to expand

  4. Click the Network ID button. This opens the Network Identification Wizard, which guides you through the rest of the process. Click Next on the Welcome page that appears.

  5. The next page asks you if the computer will be a part of a business network (domain) or a home/small office computer (workgroup), as shown here. Select the business network option and click Next.

  6. In the Connecting a Network page, select the My Company Uses a Network with a Domain option and click Next.

  7. The next page tells you about the username, password, domain name, and possibly computer name information that you will need. Click Next when you have read the page.

  8. On the User Account and Domain Information page, shown here, enter your username, password, and domain name. Keep in mind that the password is case sensitive. Click Next.

    click to expand

  9. You may also be asked to verify the computer and the domain. If so, enter the information in the provided page and click Next.

  10. In the User Account page, you can choose to add the domain user account to the local user accounts so the user can gain access to local system resources, as shown here. This feature enables you to limit what the user can do on the local machine or even make the user account a local administrator account.

    click to expand

    For example, I am logging on to a domain using my username, csimmons. However, I also want administrative control over my local computer. So I simply agree to add the new user account to the local computer. I can then log on locally with my administrative account and make this domain account a local administrator account. Now I have one login for the domain that allows me to completely manage my local computer as well. Make a selection and click Next.

  11. If you chose to add the user, choose the level of access that you want to assign, as shown here, and click Next.

    click to expand

  12. Click Finish. A prompt appears for you to restart your computer.

The Network Identification Wizard helps you walk through the steps of joining a domain, but you can do so more quickly simply by clicking the Change button on the Network Identification tab of System properties. This option basically distills the wizard pages to a single dialog box, shown in Figure 9-12, where you enter the computer name and (if necessary) click the option to log on to a Windows domain, and enter the domain name. Simply click OK to join the domain and enter the username and password for your domain account when prompted. You’ll need to restart your computer once you complete the joining process.


Figure 9-12: Computer Name Changes

Troubleshooting: Changes in Windows XP Professional After Joining a Domain

start example

Once you join a Windows XP Professional computer to a domain, there are some changes and restrictions that take place on the operating system. You may hear complaints about some of these, and it's a good idea to get familiar with them so you'll know what is really a problem and what is simply normal behavior. After you join Windows XP Professional to a domain, you'll find

  • Fast user switching will not work when you log onto a domain.

  • There is no automatic logon.

  • There are no password hints available, should you forget your password.

  • The Logoff and Shut Down screens appear differently (they do the same thing, but they look more like Windows 2000).

  • No username icon appears on the Start menu.

  • ctrl-alt-del gives you the Windows security dialog box instead of Task Manager.

  • There is no Internet Time tab found on Date and Time properties.

  • Simple File Sharing is disabled.

end example




A+ Technician's on the Job Guide to Windows XP
A+ Technician's on the Job Guide to Windows XP
ISBN: 72226900
EAN: N/A
Year: 2003
Pages: 164

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net