A network domain is an administratively delimited network area that can be used to logically map the organizational structures of a company. Security policies, user rights, and user roles are managed centrally via a domain controller. A user logs on to a domain via the domain controller. Domains have unique names and are structured hierarchically.
What is a network domain?
Network domains, often just called domains, are used in enterprise networks. With the help of a domain, the organizational structure of a company can be logically mapped on the network. Security policies, user rights, and user roles are managed centrally via a domain controller (DC).
Domains are administratively delimited network areas in which users or resources and objects such as printers or file folders are assigned specific security policies and access rights. The domains have unique names and are organized hierarchically. To log on to a domain, the domain controller must be contacted.
In Windows networks, domains are implemented together with Active Directories and Active Directory Domain Services (ADDS). On Linux-based systems, the Samba software allows a server to take on the role of a domain controller.
Network domains should not be confused with broadcast domains or collision domains. Broadcast domains and collision domains are structures of the lower OSI layers of a network, which are important for routers, switches, bridges, and repeaters.
Structure and naming conventions of domains
Each domain requires a unique name that is assigned by the administrator. Naming is based on the conventions of the Domain Name System (DNS). Starting from a root domain, subordinate domains can be formed whose name contains the name part of the root domain. A domain tree is created.
The hierarchical structure of network domains can be implemented completely independently of the architecture and physical structure of a network and of the locations of the network objects. For example, several domains can be formed at one location or several locations can be combined in one network domain. The domains often represent organizational structures of a company such as departments or work groups.
The tasks of the domain controller in a network domain
The domain controller (DC) takes a central role in a network domain. It is a server that an administrator has designated as the domain controller. To log on to a domain, authenticate, or browse for objects and resources, the domain controller must be contacted.
In Windows networks, the Active Directory directory service is made available through the domain controller. In order to maintain the availability of network services and the use of important functions such as authenticating a user in the event of a domain controller failure, at least two domain controllers are usually provided per domain.
They provide automatic replication of important information among themselves, such as complete copies of the Active Directory database of a Windows network.
The advantages of a network domain
The use of the domain concept results in numerous advantages in a network, such as:
- Central administration of users, user rights, user roles, objects, and resources
- Mapping of the most diverse logical organizational structures
- Flexible extensibility of the domain tree and its domains
- High reliability and availability of domain functions through redundant domain controllers and automatic replication of important information
- Central enforcement of policies and access rights
- High information security