Networking (domain) principles

I'm lacking basic knowledge of domain controlled networks, so I'll ask few simple questions.
1) what exactly is a domain ? what are main diffrences between workgroup and a domain
2) what do I gain with a a server that controlles a domain and all computer connect to that domain
do I some how control client computers, if yes in what way
3) do I need to own an internet domain (expample: to use it locally

Some good howtos or tutorials in this direction would be greatly appriciated.
Who is Participating?
1. A domain is a microsoft term and essentially means that there is a server in the network that acts as a domain controller. In windows 2000/2003 a domain means that you are running an Active Directory. The HUGE difference from a workgroup and a domain is that a domain allows for central authentication and management. For example, in a domain, you add all your users in a directory on your domain controller (the server(s) that manage the domain) and when a user logs into their machine that is connected to the domain then their login is authenticated by the domain controller instead of locally on their local computer.

2.  You gain A LOT OF CONTROL over your network with a domain. The above reason is a big one...central authentication and management.  You no longer have to worry about setting up accounts on each individual computers. Imagine if you had 500 computers and you had to go around to each one of them to change a setting or setup an account? A domain (especially 2000/2003) allows for great control over client computers.

In 2000/2003, you have something called group policies. Say for instance I have 3 comptuers that I want to lock down a bit tighter so that users can't get to the control panel, change the screesaver or wallpaper, etc....then I can set a group policy only for those 3 computers that would do that. That is just one policy is VERY POWERFUL and you can do a lot with it.
3) do I need to own an internet domain (expample: to use it locally

No, you don't have to own an internet domain.
Actually, i take that last part back....

Quote from:

As a general rule, Microsoft recommends that you register DNS domain names for internal and external namespaces with Internet authorities. This includes the DNS names of Active Directory domains, unless such names are sub-domains of names that are registered by your organization name, for example, "" is a sub-domain of "".
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.