Server Domain controller

[clark33]

Hi.

If I were to setup a Domain, for say 3 or 4 computers - are the clients protected at the server (domain controller), in terms of anti-virus, anti-spyware, firewall, maintenance - temp files etc.. or does that still have to be applied on each individual PC within the domain?

Guess what im trying to ask is how a server functions, if a user logs into their workstation - there not actually logging into the machine but the server machine (the domain controller?) and the server machine is being accessed by the clients at the same time.

im a little confused

 

[Hefemeister]

You need to have virus protection on the client computers as well as the server.

 

[oldskool]

Hi.

If I were to setup a Domain, for say 3 or 4 computers - are the clients protected at the server (domain controller), in terms of anti-virus, anti-spyware, firewall, maintenance - temp files etc.. or does that still have to be applied on each individual PC within the domain?

Guess what im trying to ask is how a server functions, if a user logs into their workstation - there not actually logging into the machine but the server machine (the domain controller?) and the server machine is being accessed by the clients at the same time.

im a little confused

As Hef said, you still need AV on all machines, both client and server sides.

In addition, to answer your question further, when you log in you are logging onto the local machine - you might be the administrator of the local machine or someone with appropriate permissions - then you "authenticate" with the server. That means you are logging into the server, but again, only if you have permissions granted already by the admin of that server.

In other words, it's possible you could log on to the local (client) machine, and not have appropriate permissions to the server, but say your partner could because he/she does have the permissions to that server.

A Domain Controller is a server in an Active Directory domain which means it updates Active Directory information through "replication", which differes from "member servers" which do not replicate AD information. That is one main
difference between servers in a domain.

Clients not part of a domain are usually part of a "workgroup".

A client machine that connects to a server is using, say, it's printing services, so the OS on the server authenticates the request by the client to use its (the server's) print services and with appropriate permissions granted being assumed here, the server will print the request. And yes, you can many multiple clients logged into a single server, but usually servers are dedicated to particular things, like print servers, mail servers, etc. Mail servers are usually part of a system called M$ Exchange but there are other OSes for that.

You could Google this subject and find tons of stuff on the internet. Any further questions I can try to help if you have any.

 

[clark33]

- So, would that mean when I log onto the local machine, using a username and password - i am logging into the server, which creates a user profile (say the very first time logging on) on the local machine. This user profile would then have to be setup with anti-virus, anti-spam ware etc. I thought this element was controlled from the server. Furthermore, a domain controller server is only used for AD then?

- I think i may be viewing this completly wrong - as in, i think im seeing a server that hosts all the software needed and then the clients hook onto this server and somehow work in that way. This is wrong i take it?

 

[bob442]

- So, would that mean when I log onto the local machine, using a username and password - i am logging into the server, which creates a user profile (say the very first time logging on) on the local machine. This user profile would then have to be setup with anti-virus, anti-spam ware etc. I thought this element was controlled from the server. Furthermore, a domain controller server is only used for AD then?

- I think i may be viewing this completly wrong - as in, i think im seeing a server that hosts all the software needed and then the clients hook onto this server and somehow work in that way. This is wrong i take it?

think of it this way.

the server host's the domain and controls its rescources.

the client computers witch join the domain, would login to the domain.

with a domain, secrity and cerdentails will carry from rescource to rescource, ie from a share on one pce to a share on a another.

when a pc is joined to a domain, most time unless the secuity policys are changed, the pc's will have an option to logon to the domain account or the local computer account witch can confuse things.

 

[office politics]

I think i may be viewing this completly wrong - as in, i think im seeing a server that hosts all the software needed and then the clients hook onto this server and somehow work in that way. This is wrong i take it?

when you promote a server to a domain controller, you add active directory to the network. this is Microsoft's version of directory services

Active Directory - Wikipedia, the free encyclopedia



Directory service - Wikipedia, the free encyclopedia

 

[oldskool]

- So, would that mean when I log onto the local machine, using a username and password - i am logging into the server, which creates a user profile (say the very first time logging on) on the local machine. This user profile would then have to be setup with anti-virus, anti-spam ware etc. I thought this element was controlled from the server. Furthermore, a domain controller server is only used for AD then?

- I think i may be viewing this completly wrong - as in, i think im seeing a server that hosts all the software needed and then the clients hook onto this server and somehow work in that way. This is wrong i take it?

Response to first highlighted part:
No, I was trying to point out that logging onto the local machine (the one you are at) and logging onto the server are different. That's what I meant by "permissions". The permissions are given to you by the administrator (all done behind the scenes by the admin) of the network when you access the server, and these permissions are controlled by that administrator or administrators.

The server OS, say Windows Server 2003, or 2008, for example, has it's own applications for everyone that is allowed access to that server to use. You have your own OS, say XP or Vista, but you need to access the server so you log on to the AD domain.

You need to understand that domain controllers are not the only computers on an AD domain. They often share real estate with member servers, other DC's, etc., A "domain controller" is a computer that has Active Directory installed, and when configured, can do its work on the network. Changes made to a domain controller are "replicated" (info about AD status, etc), which means copied over to all the other domain controllers on the network. Member servers, on the other hand, are part of a domain, but do not have Active Directory installed. You, on the client(local) machine would log on to the server, and with the appropriate software on your machine you can interface with the software on the server.

An example is a database program. You log on to the server, use your client software to check the database for some records. Most of the processor work on the server is allowing different people access to different programs, and most of the processor work on the client is processing the information coming from the server. So both computers are doing there own things, so to speak, but working together. The server is like a poker dealer at a casino; he is dealing to different people but has his or her eyes on everyone ! lol

Depending on the permissions assigned to you as a user, you may be able to print the database records, have access to only certain databases, etc.

Response to second highlighted part:

I think if you follow some of the links given above it may become a little more clear. It is a little tough to get your mind around it at first, but you will get it