In a Microsoft Windows peer-to-peer network (also referred to as a workgroup) all computers on the network are equal. All computers (also referred to as nodes) simultaneously act as both clients and servers. This is an advantage for small networks that have 12 or fewer users.
New Features of Windows Peer-to-Peer Network
Windows Vista includes enhancements to the Windows peer-to-peer network, including the following:
People Near Me: This new Windows Vista feature provides four important services:
- Discovery of users on the same subnet
- Ability to invite users to an application
- Publication of objects
- Contact management through the use of the Windows Address Book
Windows Peer-to-Peer Network Scenario
Imagine you are planning a network for a small real-estate office with five realtors. Should you set up a client/server-based network and spend money on a powerful machine, Windows 2008 Server, client access licenses (CALs), and a consultant who knows how to set up a Microsoft Active Directory domain? Or should you set up a Microsoft Windows peer-to-peer network? With a peer-to-peer network, all Windows Vista or XP Professional machines can be linked with each other through a small hub, and all users can share resources across the network (see Figure 1.14).
A Microsoft Windows peer-to-peer model has some disadvantages. All data is stored on individual workstations, and the local workstation’s owner controls the security. Each user needing to log onto a machine in a peer-to-peer network must have a local username and password.
Returning to our example, let’s suppose the real-estate office grows to employ 12 realtors.
Each realtor needs to be able to log onto any machine in the network:
12 users × 12 computers = 144 user accounts that need to be created
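The account arithmetic above also implies an upkeep problem: every local account database has to be kept in step with the staff roster by hand. The following added example (not from the original text) audits a constructed inventory of local accounts for gaps and leftovers; all user names, machine names and the inventory itself are hypothetical.

```python
# Constructed sample data, not taken from the original page.
ROSTER = {"alice", "bob", "carol"}          # current staff (hypothetical)

# Local accounts found on each workgroup PC (hypothetical inventory,
# built-in accounts such as Administrator already filtered out).
LOCAL_ACCOUNTS = {
    "PC-01": {"alice", "bob", "carol"},
    "PC-02": {"alice", "bob"},              # carol was never added here
    "PC-03": {"alice", "carol", "dave"},    # bob missing, dave has left
}


def required_accounts(users, machines):
    """Local accounts needed so every user can log onto every machine."""
    return len(users) * len(machines)


def audit(roster, inventory):
    """Compare each machine's local accounts with the roster.

    Returns (missing, stale): lists of (machine, account) pairs.
    missing = a current user has no account on that machine.
    stale   = the machine still holds an account for a non-roster user.
    """
    missing, stale = [], []
    for machine, accounts in sorted(inventory.items()):
        missing += [(machine, user) for user in sorted(roster - accounts)]
        stale += [(machine, acct) for acct in sorted(accounts - roster)]
    return missing, stale


if __name__ == "__main__":
    print("accounts required:", required_accounts(ROSTER, LOCAL_ACCOUNTS))
    missing, stale = audit(ROSTER, LOCAL_ACCOUNTS)
    for machine, user in missing:
        print(f"MISSING {user} on {machine}")
    for machine, acct in stale:
        print(f"STALE   {acct} on {machine}")
```

Stale entries are the security-relevant finding: in a workgroup, an account for someone who has left stays valid on each machine until that machine's owner removes it.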
Windows Server 2008 Active Directory Network
IT departments for companies are responsible for maintaining the security of the company’s information. This involves planning for, implementing, and managing various network resources. Servers, workstations, and routers are common infrastructure devices that are used to connect users with the information they need to do their jobs. In all but the smallest environments, the effort required to manage each of these technological resources can be great.
That’s where Windows Server 2008 and Microsoft Active Directory come in. Active Directory is a data store that allows administrators to manage various types of information within a single distributed database. This is no small task, but many features of this directory services technology allow it to meet the needs of organizations that are small or large in size.
In its most basic definition, a directory is a repository that records information and makes it available to users. The overall design goal for Active Directory is to create a single centralized repository of information that administrators can work with to securely manage a company’s user accounts, security, applications, and more.
An Active Directory setup consists of one or more domains. A domain is a logical grouping of objects within your organization. Objects within a domain do not have to be physically located near each other.
Active Directory’s features include the following:
Hierarchical organization
Active Directory is based on a hierarchical layout. Through the use of various organizational components (or objects), a company can create a network management infrastructure and directory structure that mirrors the business organization. For example, if a company called Stellacon.com had several departments (such as sales and human resources), the directory services model could reflect this structure through the use of various objects within the directory (see Figure 1.15). Stellacon.com could then organize its users into the appropriate department containers.
The directory structure can efficiently accommodate the physical and logical aspects of information resources, such as access to other databases, user permissions, and computers.
Active Directory also integrates with the network naming service, the DNS. The DNS provides for the hierarchical naming and location of resources throughout the company and on the public Internet.
Centralized data storage
All the information within Active Directory resides within a single, distributed, data repository. Users and systems administrators can easily access the information they need wherever they may be within the company. This is one of the most important design goals of the directory service—to provide a secure and centralized location for all your data. The benefits of centralized data storage include reduced administrative requirements, less duplication, higher availability, and increased visibility and organization of data.
Ease of administration
To accommodate various business models, Active Directory can be configured for centralized or decentralized administration. This gives network and systems administrators the ability to delegate authority and responsibilities throughout the organization while still maintaining security. They allow for making companywide changes with just a few mouse clicks.
Network security
Through the use of a single logon and various authentication and encryption mechanisms, Active Directory can facilitate security throughout an entire enterprise. Through the process of delegation, higher-level security authorities can grant permissions to other administrators. For ease of administration, objects in the Active Directory tree inherit permissions from their parent objects. Application developers can take advantage of many of these features to ensure that users are identified uniquely and securely. Network administrators can create and update permissions as needed from within a single repository, thereby reducing the chances of an inaccurate or outdated configuration.
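Delegation and permission inheritance, as described above, can be illustrated with a small model of the Stellacon.com tree. This is an added example, not code from the original text or from Active Directory itself: the distinguished names, the "Sales Helpdesk" group and the right labels are constructed, and real Active Directory access control (deny entries, blocked inheritance, object-type scoping) is deliberately not modelled.

```python
# Simplified model of inherited permissions in a directory tree.
# All names below are constructed for illustration.
DOMAIN = "DC=stellacon,DC=com"
SALES = "OU=Sales," + DOMAIN
HR = "OU=HR," + DOMAIN
JSMITH = "CN=jsmith," + SALES
MLEE = "CN=mlee," + HR

# child object -> parent container
PARENT = {SALES: DOMAIN, HR: DOMAIN, JSMITH: SALES, MLEE: HR}

# Permissions set directly on a container: {(principal, right), ...}
GRANTS = {
    DOMAIN: {("Domain Admins", "full-control")},
    # Delegation: a higher-level admin grants one right on one OU only.
    SALES: {("Sales Helpdesk", "reset-password")},
}


def effective_permissions(obj):
    """Union of the grants on obj and on every ancestor (inheritance)."""
    perms = set()
    node = obj
    while node is not None:
        perms |= GRANTS.get(node, set())
        node = PARENT.get(node)      # None once the domain root is passed
    return perms


def can(principal, right, obj):
    """True if principal holds right on obj, directly or by inheritance."""
    return (principal, right) in effective_permissions(obj)


def who_can(right, obj):
    """Audit helper: every principal holding right on obj."""
    return sorted(p for p, r in effective_permissions(obj) if r == right)


if __name__ == "__main__":
    for user in (JSMITH, MLEE):
        print(user, "->", who_can("reset-password", user))
```

The delegated group reaches only objects beneath the Sales container, while the grant made at the domain root reaches every object in the tree.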