Section 25.3. Four Ways Life Is Different on a Domain: Business Enterprise Ultimate

Previous page
Table of content
Next page

25.3. Four Ways Life Is Different on a Domain: Business ¢ Enterprise ¢ Ultimate

The domain and workgroup personalities of Windows Vista are quite different. Here are some of the most important differences.

25.3.1. Logging On

What you see when you log onto your PC is very different when you're part of a domain. Instead of the standard Welcome screen (which shows a list of people with accounts on your PC), you generally encounter a two-step sign-in process:

  • First, you see a startup screen that instructs you to press Ctrl+Alt+Delete to log on. (As noted on page 685, this step is a security precaution.)

  • When you select Switch User from the Logon screen, you'll have the opportunity to click "Other User " and then log into the domain you joined (see Figure 25-2).

    Figure 25-2. Joining a domain lets you keep using the Windows Vista Welcome screen, but you can click Switch User and choose Other User to have the opportunity to log in as a domain user .


    Tip: You can turn off the requirement to press Ctrl+Alt+Delete at each log on, if you like. Choose Start Control Panel; then click User Accounts User Accounts. Next, click Manage User Accounts. (You may be prompted for a local administrators password.) Now select the Advanced tab and turn off the "Require users to press Ctrl-Alt-Delete" checkbox.
UP TO SPEED
Knowing What You're Logging Onto

You may remember from Chapter 23 that there are two kinds of accounts: domain accounts, maintained by a highly paid professional in your company, and local accountsaccounts that exist only on the PC itself. It's actually possible to find domain accounts and local accounts that have the same namea perennial source of confusion for beginners (and occasionally experts).

For example, you know that every Vista computer has an Administrator account, which the Vista installer creates automatically. The trouble is, so does the domain controller.

In other words, typing Administrator into the User Name text box might log you onto either the local machine or the domain, depending on what password you supply. (With luck, the two accounts won't have the same password, but you never know.)

To avoid this kind of confusion, Windows Vista lets you specify which domain to log onto. Just prefix the account name with the domain name, like this: 2K3DOMAIN\Administrator .

And if you forget this secret code, you can always click the link marked "How do I log onto another domain?" at the logon screen, as shown in Figure 25-2.


As you see in Figure 25-2, the Log onto Windows dialog box provides a place for you to type your user name and password. To save you time, Windows fills in the User Name box with whatever name was used the last time somebody logged in.

25.3.2. Browsing the Domain

When your PC is part of the domain, all of its resourcesprinters, shared files, and so onmagically appear in your desktop windows, the Start Network window, and so on (Figure 25-3).

Figure 25-3. When you choose Start Network, you see an icon for each computer on the network. You can browse through the computers in a domain and access their shared folders (if you have the appropriate permissions) just as you would those of a workgroup. On a large network, youll just see a lot more computers .


Tip: If you open the Network window (Start Network), a message might appear that says, "Network discovery and file sharing are turned off," which means youre cut off from the network. To rejoin the game, click this message (or click Network and Sharing Center in the toolbar) to turn on Network Discovery.

25.3.3. Searching the Domain

You can read all about the Vista Search command in Chapter 3. But when you're on a domain, this tool becomes far more powerfuland more interesting.

When you choose Start Network, the toolbar changes to include an option to Search Active Directory. Click it to open the dialog box shown at top left in Figure 25-4.

Figure 25-4. Top left: Searching for people in your network's Active Directory is like using a phone book. You supply the information you know about the person .
Lower right: When you find that person (technically, her user object ), you can view the information stored in the user object's attributes. Of course, the usefulness of this feature depends on how much information your network administrators enter when creating the user objects .


The name of this dialog box depends on what you're looking for. Your choices are:

  • Users, Contacts, and Groups . Use this option to search the network for a particular person or network group (Figure 25-4). If your search is successful, you can, for example, find out someone's telephone number, email address, or mailing address, or see what users belong to a particular group .

  • Computers . This option helps you find a certain PC in the domain. It's of interest primarily to network administrators, because it lets them open a Computer Management window for the computer they find. It also lets them manage many of the PC's functions by remote control.

  • Printers . In a large office, it's entirely possible that you might not know where you can find a printer with certain featurestabloid- size paper, for example, or double-sided printing. That's where this option comes in handy (see Figure 25-5).

    Figure 25-5. Searching for a printer in Active Directory lets you find the printing features you need. Network administrators may also record the physical locations of the network printers. This way, when your search uncovers a printer that can handle executive paper and also print double-sided, you can simply look at its attributes to find out that it's located on the second floor of the building .


  • Shared Folders . In theory, this option lets you search for shared folders on the domain's computersbut you'll quickly discover that searches for a certain shared folder generally come up empty-handed.

    That's because just sharing a folder on your computer doesn't "publish" it to Active Directory, which would make it available to this kind of search. Only network administrators can publish a shared folder in Active Directory.

  • Organizational Units . You may not have heard of organizational units, but your network administrator lives and breathes them. (They're the building blocks of an Active Directory hierarchy.) You, the mere mortal, can safely ignore this search option.

25.3.3.1. Custom Searches

In addition to these predefined searches, you can also create a custom search of your own by looking for information in specific fields (that is, attributes) of Active Directory, as shown in Figure 25-6.

Figure 25-6. To perform a custom search, use the drop-down menus to select an object type and then a particular field in that object. You then specify a condition (such as whether you want to search for an exact value or just the beginning or end of the value) and the value you want to look for. When you click Find Now, a list of the objects matching your criteria appears .


When used creatively, these custom searches can be powerful indeed, in ways you might not expect. For example, suppose your car won't start, and you need a ride home from the office. You can open this dialog box, click the Field button, and choose User Home Phone. Change the Condition drop-down menu to Starts With, then type your own area code and telephone exchange into the Value text box. When you click the Find Now button, youll get a list of co-workers who live in your neighborhood (as indicated by the first three digits of their phone numbers ).

25.3.4. Assigning Permissions to Domain Members

Chapter 26 describes the process of assigning permissions to certain files and folders, so that only designated people and groups can open them from across the network. When you're a member of a domain, the process is the same, except that you can select people and groups from the domain as well.

When you open the Properties dialog box for a file or folder, click the Security tab, then click Edit and then Add, you don't get the same dialog box that you'd see on a workgroup network. On a domain, it's called the Select Users, Computers, or Groups dialog box (Figure 25-7). You'll also see this dialog box if you right-click on a folder, click Share, and then select Find from the drop-down menu to the left of the Add button.

Figure 25-7. Note that the standard location for the objects is your current domain. You can still click the Locations button and select your computer's name (to specify local user and group accounts), or even choose another domain on the network, if others are available .




Previous page
Table of content
Next page
Windows Vista. The Missing Manual
Windows Vista: The Missing Manual
ISBN: 0596528272
EAN: 2147483647
Year: 2006
Pages: 284
Authors: David Pogue
BUY ON AMAZON
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
C & Data Structures (Charles River Media Computer Engineering)
Programming Microsoft ASP.NET 3.5
Special Edition Using Crystal Reports 10
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
Java Concurrency in Practice
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy