Friday, 24 August 2012

What Are Domains?


The Domain is the core unit of logical structure in Active Directory. Grouping objects into one or more domains allows a company’s organization to be reflected in its network.
All network objects exist within a domain, and each domain stores information only about the objects it contains (objects that belong to that domain).
A domain boundary contains objects to which access is restricted by the use of Access Control Lists (ACLs), populated by Access Control Entries (ACEs).  All security polices and settings, such as administrative rights, security policies, and Access Control Lists (ACLs), do not cross from one domain to another, thus a domain administrator has absolute rights to set policies only within domain they belong to.
Domains provide the following three functions:
        An administrative boundary for objects
        A means of managing security for shared resources
        A unit of replication for objects

No comments:

Post a Comment