12.3. The Domain Structure

In a Windows 2000 environment, a domain consists of workstations, servers, individual users, groups, and other AD objects that are logically organized within a single security boundary. Each object within that boundary is subject to the domain level Group Policy, set by an administrator with the appropriate permissions, dictating a set of rules and policies that affect these objects. Policies can range from the length of a user's password to the forced installation of a virus protection software package on each computer.

Windows 2000 also incorporates the use of Organizational Units, or OUs, within a domain. Organizational Units allow administrators to further segregate objects within AD for the purpose of implementing ...

Get Mastering™ Network Security, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.