(last updated 2005/2/4)
I do not expect to directly pursue this work further.
See Replacing/Preserving NT4 Server for rationale. CHS
NT4 PDC/BDC/Standalone Servers
As a historian, my knowledge of Microsoft's networking products
is less than complete, to understate things. In the 80s I mostly paid
attention to Unix and Unix-related networking, especially Apollo's
Domain, Sun's NFS, the "Distributed Services" that we
built at IBM, LOCUS, the Andrew File System from CMU, and the
OSF DCE.
In the early 90s I mostly paid attention to Novell Netware.
I have no hands-on experience with any of the 3Com or Microsoft (or other?)
versions of LAN Manager. I remember that when I visited Redmond in the
early 90s I would always hear about the virtues of what became Windows
for Workgroups 3.11 (code-named "Winball"?). Yawn.
I'm not sure when Microsoft's notion of "Domains" appeared
in NT. Maybe it was there in the beginning, with NT 3.1, but I
didn't give it a try until 96(97?) and NT 4.0. Though far from perfect
and often aggravating, this was a vast improvement over my prior
Microsoft networking experiences.
The main notion is of "Domain Controller(s)" which provide
directory service regarding computers, file systems, printers,
users, "and all those things".
For each domain, one server is designated as a Primary Domain
Controller (PDC) when this server is installed.
When other servers are installed, they can be designated as Backup
Domain Controllers (BDC) for the same domain, or "Stand Alone"
servers. (Stand Alone servers are mostly like NT and Win 9x client machines
as far as the domain controllers are concerned.)
In my experience, this architecture has been a vast improvement over
the Microsoft alternative ("workgroups").
Commercially, NT has been strong enough to greatly displace Netware,
the previously dominant Windows networking solution.
However,
- There is no provision for hierarchy in the domain name space.
For example, here I have NT4NATIVE and NT4SAMBA3 domains,
but these bear no explicit relationship to each other (vs. the
obvious alternative of making them NT4NATIVE.technologists.com and
NT4SAMBA3.technologists.com). There are ad hoc mechanisms
for trying to make domains inter-relate, but they are inherently
limited by the "flat" name space.
- Binding the domain controller decisions at server installation time
is very limiting and frustrating. I say this with very recent
knowledge, having done more NT4 Server installations in the last
week than I wish to remember. It is relatively feasible to promote
a Backup Domain Controller to be Primary if the PDC permanently
disappears. Otherwise, in my experience it is not possible to
change a server's role, e.g., convert a Stand Alone server
to a BDC.
- Rightly or wrongly, the real identifier of a domain (and most
objects within a domain) is a 128-bit GUID (globally unique ID) and
not a name. So, for example, when I had to re-install the
PDC for domain "NT4NATIVE" I was really establishing a
brand-new domain. The BDCs that previously worked with NT4NATIVE
effectively became Stand Alone servers, and those had to be
re-installed from scratch to re-establish them as BDCs in the new
domain.
I'm sure there is much more I should say, but for now I'll
emphasize the flat name space as the biggest problem with this domain
controller architecture, and IMNSHO it was the main requirement that led
to the development of Active Directory.