Important Definitions

What does selecting the “Typical Network Settings” option do, while installing Windows Server 2003?

It causes the setup program to install the following components:

  • Client for Microsoft Networks.
  • Network Load Balancing (NLB) (This module is disabled by default).
  • File and Printer sharing for Microsoft Networks.
  • Internet Protocol (TCP/IP) components.

If you are connecting to a LAN with no DHCP server, you must obtain an IP address and other TCP/IP configuration settings from your Network Administrator and select the “Custom Settings” option to apply them so that your computer can communicate with the LAN.

What is an Answer file?

An Answer file is a script that contains settings for all the options presented to the user during a Windows Server 2003 installation. If the Answer file is properly configured, the installation can run unattended, because all the responses required by the setup program are provided by the Answer file.

During a mass deployment of the operating system, the Answer file may not be very useful because every computer must have some unique data, such as its computer name and IP address.

What are Disk images?

When you are deploying Windows Server 2003 to a large number of identical computers, you can bypass much of the Operating System installation process by using a disk image – which is nothing but a bit by bit copy of the HDD in a computer which already has Windows Server 2003 installed. Transferring the image to another computer with the same hardware configuration enables the OS to run on that computer with no interactive installation.

Windows Server 2003 includes a tool called Remote Installation Services, which can be used by System Administrators to deploy such images to other computers in a network.

What is a Domain?

The Domain is the fundamental administrative unit of the Windows Server 2003 directory service. An organization might have more than one domain in its Active Directory. Multiple domain models create logical structures called Trees (when they share contiguous DNS names).

Here is an example: http://www.technation.in, us.technation.in and europe.technation.in share contiguous DNS namespaces and together would be considered a tree. technation.in is the parent domain in which the child domains (us.technation.in and europe.technation.in) are created, so technation.in is called the Root domain. (Refer to the image given below)

If domains in an Active Directory do not share a common Root domain, they exist as multiple trees. Multiple trees in an Active Directory make a Forest. A Forest is the largest structure in an Active Directory. It can contain multiple domains in multiple trees or just one single domain. When Active Directory consists of more than one domain, a component of Active Directory called the Global Catalog enables computers in one domain to find information in other domains.
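The tree and forest rules above can be checked mechanically. The following is an added example, not part of the original page: it groups a list of domain names into trees by contiguous DNS namespace. The function names are hypothetical, and every domain other than the technation.in names is constructed sample data.

```python
from collections import defaultdict


def normalize(name):
    """DNS names are case-insensitive; drop any trailing root dot."""
    return name.strip().rstrip(".").lower()


def parent_of(domain, known):
    """Return the immediate parent domain if it exists in `known`, else None.

    The comparison is label by label, so 'nation.in' is never mistaken
    for the parent of 'technation.in' just because the text ends the same.
    """
    labels = domain.split(".")
    parent = ".".join(labels[1:])
    return parent if len(labels) > 1 and parent in known else None


def build_forest(domain_names):
    """Map each tree's Root domain to the sorted list of domains in that tree."""
    known = {normalize(d) for d in domain_names}
    trees = defaultdict(list)
    for domain in sorted(known):
        root = domain
        # Walk up the contiguous namespace until no parent domain exists.
        while (parent := parent_of(root, known)) is not None:
            root = parent
        trees[root].append(domain)
    return dict(trees)


# Constructed sample input: one tree from the page's example plus two others.
SAMPLE_DOMAINS = [
    "technation.in", "us.technation.in", "Europe.technation.in",
    "example.test", "hr.example.test", "nation.in",
]

if __name__ == "__main__":
    for root, members in build_forest(SAMPLE_DOMAINS).items():
        print(f"Tree rooted at {root}: {members}")
```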

 

[Image: Active Directory Domain and Sub-domains]

 

ADS: (Active Directory Service) It is a centralized database which contains information about the Users, Computers, Shared Folders, Printers etc. in the Network.

DC: (Domain Controller) It is the first computer to have Active Directory Service. This is also the first system to start a Domain Tree in a New Forest.

CDC: (Child Domain Controller) It is a sub-domain controller under the domain controller which shares the same domain name space.

NDEF: (New Domain in an Existing Forest) – It is a new Domain Tree under an existing Forest. It is a Domain Controller which shares a different Domain Name Space.

ADC: (Additional Domain Controller) – It is a backup server for the Domain Controller, Child Domain Controller and the New Domain in an Existing Forest.

TREE: It is the hierarchical structure of a Domain which follows the same Name Space.

FOREST: A combination of multiple domain trees is called a Forest.

 

What is a Group?

A group is a list of users that functions as a Security principal. Group objects in Active Directory can contain User objects, Computers, Contacts and sometimes, even other groups. When you use a group as a security principal by adding it to an ACL (Access Control List), all members of the group receive the permissions assigned to the group. If new members are added to the group in the future, they also receive the same set of permissions. If members are removed from the group, their permissions are also removed. (I will add a separate section on groups for better understanding)

Access Control List (ACL): Users must have appropriate permissions to access any resource in an Active Directory network. All resources in a network (such as shared folders, shared drives and printers) have Access Control Lists, also referred to as ACLs. An ACL is a list of all objects that have permission to access that particular resource, along with the level of access that each object in the ACL is allowed. Objects in an ACL are called Security Principals. ACLs are displayed in the Security tab of any Properties dialogue box.

A user object can be used as a security principal to grant the user access to all the resources the user requires, because a user object establishes the identity of a user on the network through the authentication process.
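To see how group membership turns into access, here is a small model of the behaviour described above. It is an added example, not part of the original page and not an Active Directory API. The class, function, user and group names are hypothetical, the sample data is constructed, and the ACL holds only grant entries, as in the description above.

```python
class Directory:
    """Toy model of group membership (hypothetical names throughout)."""

    def __init__(self):
        self.members = {}  # group name -> set of member names (users or groups)

    def add_member(self, group, member):
        self.members.setdefault(group, set()).add(member)

    def remove_member(self, group, member):
        self.members.get(group, set()).discard(member)

    def principals_for(self, user):
        """The user plus every group reached directly or through nested groups.

        Iterates to a fixed point, so circular nesting cannot loop forever.
        """
        found = {user}
        changed = True
        while changed:
            changed = False
            for group, members in self.members.items():
                if group not in found and members & found:
                    found.add(group)
                    changed = True
        return found


def effective_access(acl, directory, user):
    """Union of access levels from every ACL entry naming the user or one of the user's groups."""
    principals = directory.principals_for(user)
    granted = set()
    for principal, rights in acl:
        if principal in principals:
            granted |= rights
    return granted


# Constructed sample data: a shared folder's ACL and two groups.
directory = Directory()
directory.add_member("Sales", "alice")
directory.add_member("AllStaff", "Sales")  # a group nested inside a group
directory.add_member("AllStaff", "bob")
shared_folder_acl = [("AllStaff", {"read"}), ("Sales", {"write"})]

if __name__ == "__main__":
    for name in ("alice", "bob", "dave"):
        print(name, sorted(effective_access(shared_folder_acl, directory, name)))
```

Because access follows membership, reviewing who belongs to each group, including through nesting, is the same task as reviewing who can reach the resource.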