30

OPERATING SYSTEM

CHAPTER 4: DOMAIN
A. Definition
A group of computer in a network and share a common directory database. A domain is administered as a unit with common rules and procedures. Each domain has a unique name. A workgroup is two or more computers networked together. A workgroup is often called a peer to peer network because the computers are all peers to one another. No one machine is in charge, and security and other settings have to be made on each individual computer. In a domain, on the other hand, the networked computers have a definite hierarchy in that computers are either servers or clients. Domains have a unified security policy set on the domain controllers (servers) and users on client machines are authenticated by a server when logging on. The usual rule of thumb is that workgroups are manageable up to about ten computers; after that a domain is recommended.

B. Structure of Domain Names

microsoft.com
Top-domain/domain extension

Sub-domain

Sub-domain + Top-domain/domain extension = domain name

C. Types of Domain Extension

1. The Big 3: .com, .net and .org Although there has recently been some discussion about possible moves to restrict the .org top domain to non-profits, as was originally intended, the current situation is that all 3 of these domain name extensions are accessible to anyone, without restrictions, and are widely recognized around the world. 2. Country-level top domains (identified as such) Most countries now have a matching top-level domain name, under which domains are sold (either directly, or with an intervening sub-domain such as .co. or .org.)

31

OPERATING SYSTEM
Prime examples include .fr (France), .jp (Japan - where .co.jp is also in widespread use) and .co.uk. These types of top-level domain name are generally under government control, adding a level of durability and permanence that a 3rd party might find hard to match (see next subsection)

3. Country-level top domains (masquerading as something else) Control over some country-level top domains has been ceded, either permanently or under contract, to various commercial organizations around the world. Many of these organizations don't exactly go out of their way to advertise the local origin of their domain names. A prime example of this practice is the .tv top domain. While a perfectly legitimate top domain, it was in fact originally the top level domain reserved for the small Pacific island nation of Tuvalu. This fact is detailed in a small sub-section of the Company Overview, but nowhere else on the site. NOTE: There's nothing wrong with these top-level domain names, but they are only international by "agreement" - the underlying system has them matched to a specific country. If the agreement with the country in question expires or is renegotiated - as happened, for instance, with the .tm domain of Turkmenistan, then users may be locked out of their domains or the top level domain put out of reach of new applicants. 4. Sub-domains (masquerading as something else) As you may have seen elsewhere on this site, it is possible with the right configuration to set up an essentially infinite number of subdomains for any given domain name. Thus, for example, you can make the subdomains:y news.mylonganddulldomainname.com y weather.mylonganddulldomainname.com y sport.mylonganddulldomainname.com y etc. using "mylonganddulldomainname.com" as the starting point. Now, you probably wouldn't expect to be charged for "news.mylonganddulldomainname.com" - in fact, in this case you probably wouldn't even use this domain if it was handed to you free on a plate! And yet, there are a lot of companies in the business of selling "alternative" domain names which in practice are nothing more than subdomains of a single higher-level domain name. Again, as in the case of country-level subdomains sold as something else, the companies selling these types of domains don't go out of their way to explain their origins. An example may clarify this further: Uk.co is selling domain names of the form something.uk.co. Looks OK at first glance, right? That's until you realize that ".co" is the top level domain name for the country of Colombia, and that all that is on sale is subdomains of "uk.co"

32

OPERATING SYSTEM

5. Alternative top-level domain names (approved by ICANN) ICANN is the international body that oversees and controls the allocation of top-level domains around the world. Recently, they allowed for the creation of seven new international (noncountry-specific) domain names. These 7 new top domains are as follows:.aero .biz .coop .info .museum .name .pro

D. Domain Hosting
Single Domain Hosting Is a website hosting where you can host one domain only. It is the best option for people who have a single website and want to host it with reliable and low cost hosting provider. Multiple Domain Hosting Is more advanced type of website hosting, where you have the ability to host more than one domain with separated control panel for each one. This option is best for web developers and designers or anybody who want to host multiple websites on a single hosting account and be able to create sub accounts for each domain. Forest Domain You might have several domain trees in your organization that you need to share resources. To solve this problem, you can join the trees to form a forest. A forest is a collection of trees that don t necessarily form a contiguous namespace (although each tree must be contiguous). This arrangement might be useful if your company has multiple root DNS addresses, as in the Figure.

33

OPERATING SYSTEM

As the Figure shows, two root domains connect through a transitive, two-way Kerberos trust (much like the trust between a child and parent). Forests always contain a domain s entire domain tree. You can t create a forest that contains only part of a domain tree. When you promote a server to a domain controller (DC), DCPROMO creates a forest. Forest creation can t occur at any other time, although this restriction will change in the OS that follows Windows 2000. You can add as many domain trees to a forest as you want. All the domains in a forest can grant object access to any user in the forest. Thus, the administrator doesn t need to manually manage the trust relationships. Creating a forest provides the following benefits. All the trees have a common Global Catalog (GC) that contains specific information about every object in the forest. All the trees contain a common schema. Microsoft hasn t confirmed what happens if two trees have different schemas before you join the trees, because you currently can t join two trees. However, this problem will arise in future versions of the OS. Performing a search in a forest initiates a deep search of the entire tree in the domain you initiate the request from and uses the GC entries for the rest of the forest. You might prefer not to join trees into a forest. Instead, you can create normal trusts between individual tree elements.

34

OPERATING SYSTEM

DICTIONARY
Active Directory (AD) Active Directory (AD) is a Microsoft service which maintains a directory of users, machines, and services in an organization. Items in the directory are placed into Organizational Units (or OUs), and can be managed by chosen staff in that group. These items can be assigned groups and attributes, which can be used in different applications. Domain Names System (DNS) Short for Domain Name System (or Service or Server), an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.example.com might translate to 198.105.232.4. The DNS system is, in fact, its own network. If one DNS server doesn't know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned. Domain Names A name that identifies one or more IP addresses. For example, the domain name microsoft.com represents about a dozen IP addresses. Domain names are used in URLs to identify particular Web pages. For example, in the URL http://www.pcwebopedia.com/index.html, the domain name is pcwebopedia.com. Every domain name has a suffix that indicates which top level domain (TLD) it belongs to. There are only a limited number of such domains. For example: y y y y y y y y gov - Government agencies edu - Educational institutions org - Organizations (nonprofit) mil - Military com - commercial business net - Network organizations ca - Canada th - Thailand

Because the Internet is based on IP addresses, not domain names, every Web server requires a Domain Name System (DNS) server to translate domain names into IP addresses.

35

OPERATING SYSTEM

Windows XP Professional Joining a Domain

In the Control-Panel, select the System icon (or right-click "My Computer" on the desktop and select Properties). Select the tab: "Computer Name". First, make sure that your system is configured as a workgroup, using as name for the workgroup the EXACT same name as the domain, which you like to join later.

Check in "My Network Places" that you can see the shared resources on the Domain server (in the example: on the system P120SVR).

36

OPERATING SYSTEM

You can also select to "View workgroup computers", and since your workgroup name is the same as the domain-name, you should now see all systems in the domain. Note: If you need to connect to a Windows 2000 Active Directory Domain server, which is configured without NetBIOS over TCP/IP, nothing will be shown here, in such cases use in "My Network Places" the "Search" to locate the Domain server.

37

OPERATING SYSTEM

Once you have checked the connection to the server, you must logout and login, otherwise you will get an error message: "Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again"

Once you have communication to the Domain server, and made a new login, THEN go again to the Control-Panel, select the System icon (or right-click "My Computer" on the desktop and select Properties). Select the tab: Computer Name. Select now to "Change"

38

OPERATING SYSTEM

Select to be a "Member of ... Domain", enter the name of your Domain (NOT of the Domain Server). Click on OK. If your network administrator has already created the "Computer Account" on the Windows NT4 or Windows 2000 Domain server, then you are done.

If the "Computer Account" does not yet exist on the Domain server, then you will be prompted for a Username and password. This is NOT any username defined on your Windows XP system, but a username defined on the Domain server, which has the rights to add systems to a Domain (usually the Administrator).

39

OPERATING SYSTEM

You need to get this Welcome message : Window : "Computer Name Changes" - "Welcome to the ....... domain"

Since joining a domain is a major change in the security configuration of your system, you will be reminded that you have to restart your system.

You will be back in the "System Properties", where you are now listed as being part of a domain. You are again reminded to restart your system, which you should do now.