[techbooks] REVIEW: "Windows NT Domain Architecture", Gregg Branham
- BKWNTDMA.RVW 990411
"Windows NT Domain Architecture", Gregg Branham, 1999, 1-57870-112-0,
%A Gregg Branham www.altusnet.com info@...
%C 201 W. 103rd Street, Indianapolis, IN 46290
%I Macmillan Computer Publishing (MCP)
%O U$39.95/C$57.95 800-858-7674 http://www.mcp.com info@...
%P 298 p.
%T "Windows NT Domain Architecture"
Most NT books will show you the dialogue boxes that are used to set up
domains. Some may even tell you, in simplistic terms, what a domain
is, and these generally also mention trust relationships. A domain
architecture, however, is a complicated beast, and worthy of
substantially more discussion. Which Branham intends to provide.
Chapter one outlines the workgroup and domain models for Microsoft
networking, with particular emphasis on the security complications of
workgroups. Domain controllers and some of the mechanisms for
authentication are reviewed in chapter two. The SAM (Security
Accounts Manager) is covered in chapter three, in some detail.
Chapter four describes basic trust relationships, but could benefit
from some discussion of more complicated examples. Various domain
models are presented in chapter five, but, again, the deliberation
could be extended, particularly where more complex security relations
are involved. Good, solid information about domain structures and
realities helps with domain planning in chapter six. Domain
reconfiguration, in chapter seven, points out some of the possible
traps to avoid. Chapter eight not only provides reliable information
about domain security, but also takes care to expose some of the more
prevalent security myths surrounding NT. User and groups relations
with domains and trust relationships is dealt with quite thoroughly in
chapter nine. Scripts, policies, and profiles are handled well enough
in chapter ten that NT administrators might find it worth investing in
the book even without needing to design domains. Chapter eleven's
coverage of resource permissions is good, but perhaps should
concentrate more on the effect of trust relationships in the complex
mix of permissions and rights. The function and operation of the
NETBIOS server resource browser is discussed in chapter twelve. DHCP
(Dynamic Host Configuration Protocol), WINS (Windows Internet Naming
Service), and DNS (Domain Name Service) operation is covered well in
chapter thirteen, but usage and setup could stand some additional
material. Appendices cover issues that can have an impact on domain
design, such as performance of individual machines for load balancing
to eliminate bottlenecks.
The material is very well supported with frequent citation to the
relevant Microsoft Knowledge Base articles. In addition, while
Branham does not go to great pains to point out design problems with
NT, he does not gloss over them, either. There are numerous points
raised about the differences between NT and the coming 2000 version.
In large measure, Branham succeeds in presenting information that is
covered poorly, if at all, in most NT texts. There is a great deal of
technical detail that will be useful both in tuning a network and in
diagnosing trouble. Some work should still be enhanced in the realm
between the broad concepts and the internals level specifics.
copyright Robert M. Slade, 1999 BKWNTDMA.RVW 990411
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... rslade@... slade@... p1@...
Just because you are into control doesn't mean you are in control
- Larry Wall
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
eGroups.com home: http://www.egroups.com/group/techbooks
http://www.egroups.com - Simplifying group communications