Previous Topic: DISK ClassNext Topic: FILE Class


DOMAIN Class

Each record in the DOMAIN class defines a collection of computers that share a common database and security policy (domain). A domain provides access to the centralized user accounts and group accounts maintained by the domain administrator. Each domain has a unique name.

Note: You cannot create new objects in the DOMAIN class using CA ControlMinder.

The key to the DOMAIN record is the domain name.

The following definitions describe the properties contained in this class record. Most properties are modifiable and can be manipulated using selang or the administration interfaces. Non-modifiable properties are marked informational.

BDC

(Informational). The name of the computer that receives a copy of the domain's directory database and contains all account and security policy information for the domain. The copy is synchronized periodically and automatically with the master copy on the primary domain controller (PDC). Backup domain controllers (BDCs) also authenticate user logins and can be promoted to function as PDCs as needed. Multiple BDCs can exist on a domain.

COMPUTERS

Lists computers that are the members of the specified domain.

Use computer or computer- parameter with the chres and editres commands to modify this property.

DOMAIN_NAME

Defines the domain name.

DOMAIN_USERS

(Informational). Lists user and group accounts that are members of the specified domain.

PDC

(Informational). The name of the first computer created in the domain; this computer contains the primary storehouse for domain data. It authenticates domain logins and maintains the directory database for a domain. The primary domain controller (PDC) tracks changes made to accounts of all computers on a domain. It is the only computer to receive these changes directly. A domain has only one PDC.

TRUSTED

Lists trusted and trusting domains.

A trust relationship is a link between domains that allows pass-through authentication, in which a trusting domain honors the login authentications of a trusted domain. With trust relationships, a user with only one user account in one domain can potentially access the entire network. You can give user accounts and global groups defined in a trusted domain rights and resource permissions in a trusting domain, even though those accounts do not exist in the trusting domain's directory database.

Use the trusted or trusting- parameter with the chres and editres commands to modify this property. You should specify a password for this command.

TRUSTING

The Trusting domain are domains which trust the target domain.