desktop security software  
security desktop order software software library technical support

security desktop

Home

Desktop Security

Internet Security

PC Time Limit

Protect Files

Security FAQ

Windows Tips

Internet FAQ

 

limit, kids, pc, time, security, desktop, child, online, limits, password, control, user, restrict, access, protect, privacy, internet, children

 

 

 

Version for print

What is a domain tree?

In Windows 2000, a domain can be a child of another domain (e.g., child.domain.com is a child of domain.com). A child domain name always includes the complete parent domain name. A child domain and its parent share a two-way transitive trust.

A domain tree exists when one domain is the child of another domain. A domain tree must have a contiguous namespace, as in the leftmost diagram in the Figure.

In the rightmost diagram in the Figure, the lack of contiguous names means that the domains canít be part of the same tree.

The treeís name is the root domain name. In my example, the tree is root.com. Because domains are DNS names and because domains inherit the parent part of the name, if you rename part of a tree, all of the parentís children are also implicitly renamed. For example, if you renamed the parent domain ntfaq.com to backoffice.com, the child domain sales.ntfaq.com would change to sales.backoffice.com. Although you canít currently rename part of a tree, this problem will arise in future versions of the OS.

You can currently create domain trees only when DCPROMO promotes a server to a domain controller (DC). This restriction might change in the OS that follows Win2K.

Placing domains in a tree yields several advantages. The most useful benefit is that all members of a tree have Kerberos transitive trusts with the domainís parent and all the domainís children. Transitive trusts also let any user or group in a domain tree obtain access to any object in the tree. In addition, you can use one network logon at any workstation in the domain tree.

Security FAQ

Windows Privacy Tools - http//www.privacywindows.com

 

l Security Officer l Internet Explorer Security l Protect Files l User Time Control l Security Desktop l Site Map

Copyrights 2006 Eugene Mihailov. All rights reserved