WORKGROUPS

Definition: A workgroup is defined as a peer-to-peer network of

computer systems. In a workgroup, computers can see and
communicate with each other, share files, etc. This is the simpler
network solution, which doesnt require a server.
In a workgroup:

All computers are peers; no computer has control over another

computer.

Each computer has a set of user accounts. To log on to any computer in

the workgroup, you must have an account on that computer.

There are typically no more than twenty computers.

A workgroup is not protected by a password.

All computers must be on the same local network or subnet.

Security:
The Group Policy can also be deployed in Workgroup security model but
there is no central tool available to configure all computers in one goes. For
example, you have 20 computers in your network. You need to configure the
same Group Policy settings on 20 computers. To do so you need to visit each
computer individually and then open Group Policy Editor and configure the
settings. As a manual process, this will take some considerable time. A
workaround to this is to copy the Group Policy settings. This is how you do it:
1.Log on to a workgroup computer using Local Administrator account.
2.Configure Group Policy settings using gpedit.msc snap-in.
3.Close the gpedit.msc snap-in.
4.Run the following commands to refresh the settings and before you
copy: If Windows 2000: Secedit.exe /refreshpolicy user_policy Secedit.exe
/refreshpolicy machine_policy If Windows XP or Windows 2003
Gpupdate.exe
5.Launch Windows Explorer Tools Folder Options View and then
select Show hidden files and folders, click Ok.
6.Create a shared folder named GPContents.
7.Go to %SystemRoot%\System32, locate the GroupPolicy folder, right
click and then select Copy and paste in GPContents shared folder.

8.Access each computer using UNC (\\computer\c$) and copy the

contents of GPContents\GroupPolicy to %SystemRoot
%\System32\GroupPolicy.
9.Restart all computers for the changes to take affect. Note: If you do not
want to restart your computer, you need to remotely execute the
Gpupdate or Secedit to refresh the Group Policy settings

Storage:
Storage model of the Active Directory, the common IEEE X.500 Directory
Services implementation is a standard. X.500 that provides a hierarchical
structure named the directory information tree (or DIT for short), which
contains a number of objects, each of which comprises one or more
attributes (the actual objects and applicable attributes are described in the
schema, which we'll discuss shortly). One important component of X.500 is
the organizational unit that can contain other objects and even other
organizational units; this is a crucial component for creating a directory
service that can mimic a business model.
Each object in the DIT has two names; one is an unambiguous name, the
distinguished name (DN), defining the name and exact location of the object.
The other is a relative distinguished name (RDN) which only contains the
name of the object relative to its position in the tree. An example of a
distinguished name would be: CN=John Savill, OU=IT, DC=savilltech,
DC=com. This shows an object by the name of John Savill in an
Organizational Unit called IT in a domain called savilltech.com. Its RDN would
be just "John Savill". The actual data for the domain is now stored in a file
called NTDS.DIT that is stored in the %systemroot%\NTDS folder by default.
This file is based on the Microsoft Extensible Storage Engine (ESE) as used by
Exchange.
Backup:
Computing workgroups face unique challenges when it comes to system
backups. These groups, of usually two to 50 people, use collaboration
software that allows them to update and pass along files. LANs designed
around workgroups provide electronic sharing of required data. These
workgroups can operate on their own or within an enterprise and are
typically outside the data center. Workgroup staffers often have little or no
administrative IT experience, yet they are usually responsible for these
backups. If there be a need for additional backup systems for Workgroups
configuration, all one need to do is install the backup software on the new

computers and setup their associated accounts. The backup process involves
licensing for that computer at the Backup Server end and setting up an
account for that computer at the Backup Server. Then, the information used
for installation and configuration of the Backup Client on the computer that
need to be backed up. Usually there is no need to open additional firewall
ports because all the traffic flows out from the Backup Client computer to the
off-site Network that has already been configured to accept Backup Clients.

DOMAINS
In a Windows network, a domain is a group of server computers that share a
common user account database. A user at a client computer can log in to a
domain to access shared resources for any server in the domain. Each
domain must have at least one server computer designated as the domain
controller, which is ultimately in charge of the domain.
Most domain networks share this work among at least two domain
controllers, so that if one of the controllers stops working, the network can
still function.
In a domain:

One or more computers are servers. Network administrators use

servers to control the security and permissions for all computers on the
domain. This makes it easy to make changes because the changes are
automatically made to all computers. Domain users must provide a
password or other credentials each time they access the domain.

If you have a user account on the domain, you can log on to any
computer on the domain without needing an account on that computer.

You probably can make only limited changes to a computer's settings

because network administrators often want to ensure consistency among
computers.

There can be thousands of computers in a domain.

The computers can be on different local networks.

Security:
Domain Networks can be created and managed by promoting any Workgroup
Server to the role of a Domain Controller or Primary Domain Controller (PDC).
Servers designated as Primary Domain Controllers contain a more thorough
and complex set of security and administrative properties which the
simplified Workgroup Server does not have.
Each Domain must have at least one designated PDC Server within its Forest
for centralized user account management through the AD. Domains share a
hierarchal directory of databases, security policies, and common security
relationships with other sub-Domains.
A PDC provides access to a centralized user account and workgroup account
policy as maintained by the Domain Administrator predominantly from the
AD Server itself. Because Domains use a hierarchy of parent-child
relationships within a Domain Forest, AD Domains are generally
recommended and most effectively used by larger organizations where
collaborative computing between numerous workgroups must span multiple
departmental servers with common sets of relational security policies in
place.

Storage:
Storage domains enable partition of storage, allowing hosts or host groups
access to specific volumes. Hosts access volumes on the array through the
physical host ports (or initiators) residing on host HBAs. Volume-to-LUN
mapping allows specification of the host or host group that can access a
specific volume on your storage array.
When configuring a storage array, we have to determine how to organize and
allocate the total storage capacity into volumes and share those volumes
among the data hosts. As we plan the storage configuration, it is important
that we consider these: 1) Performance requirements; 2) Access
requirements; 3) Combination of redundancy with performance.
Backup:
Recovery from the failure of a server instance requires access to the
domains configuration and security data. Several software tools can be
configured to perform certain domain backups automatically. The
administrator must also perform a manual backup of the domain
configuration artifacts and store those backups outside of the actual domain

directory. By default, the Administration Server stores a domains primary

configuration data in a file called domain_name/config/config.xml, where
domain_name is the root directory of the domain. The primary configuration
file may reference additional configuration files for specific WebLogic Server
services, such as JDBC and JMS. The configuration for specific services is
stored in additional XML files in subdirectories of the domain_name/config
directory, such as domain_name/config/jms and domain_name/config/jdbc.
The domain backup server stores a finite number of automated backups
locally in domain-name\config. For this reason, automated domain backups
are limited in their ability to guard against data corruption, such as a failed
hard disk. Automated backups also do not preserve certain configuration
data that are required for full domain restoration, such as LDAP repository
data and server start-up scripts. It is recommended to maintain multiple
backup copies of the configuration and security offline, in a source control
system, as described in Backing Up Domain Security Data.