Information Technology Reference
In-Depth Information
registration authority
A server configured with the Web
Enrollment role service.
See also
CA Web proxy.
schema directory partition
A directory partition containing
the information needed to define Active Directory objects and
object attributes for all domains in the forest.
relative identifier (RID)
The part of the SID that's unique for
each Active Directory object.
See also
security identifier (SID).
secondary zone
A DNS zone containing a read-only copy of all
resource records for the zone. Changes can't be made directly on a
secondary DNS server, but because it contains an exact copy of the
primary zone, it's considered authoritative for the zone.
security groups
A group type that's the main Active Directory
object administrators use to manage network resource access and
grant rights to users.
resolver
A DNS client that sends a recursive query to a DNS
server.
resource partner
In a federation trust, it's the trusting company
whose resources are accessed by the trusted company (account part-
ner).
See also
account partner.
resource record
Data in a DNS database that contains informa-
tion about network resources, such as hostnames, other DNS
servers, and services, and is identified by a letter code.
security identifier (SID)
A numeric value assigned to each
object in a domain that uniquely identifies the object; composed of
a domain identifier, which is the same for all objects in a domain,
and the RID.
See also
relative identifier (RID).
restricted enrollment agent
An enrollment agent that's lim-
ited to enrolling only specific users or security groups. Restricted
enrollment agents are available only with an enterprise CA.
security principals
An Active Directory object that can be
assigned permissions or rights to Active Directory objects and net-
work resources.
security templates
Text files with an .inf extension that contain
information to define policy settings in the Computer
Configuration\Policies\Windows Settings\Security Settings node of a
local or domain GPO.
Resultant Set of Policy (RSoP)
A report showing which policy
settings apply to a user, computer, or both and where these policy
settings originated. RSoP reports can be created using the RSoP
snap-in, the Group Policy Results Wizard in GPMC, and the
Gpresult.exe command-line program.
selective authentication
A property of a forest trust that
enables administrators to specify users who can authenticate to
selected resources in the trusting forest.
reverse lookup zone (RLZ)
A DNS zone containing PTR records
that map IP addresses to names; it's named with the IP network
address (IPv4 or IPv6) of the computer whose records it contains.
Server Core
A new Windows Server 2008 installation option
that uses a limited version of the GUI to take up fewer resources.
server features
Components you can install that provide func-
tions to enhance or support an installed role or add a stand-alone
feature.
right
A setting that specifies what types of actions a user can per-
form on a computer or network.
roaming profile
A user profile that follows the user no matter
which computer he or she logs on to. It's stored on a network share
so that when a user logs on to any computer in the network, the
profile is copied from the network share to the profile folder on the
local computer.
server operating systems
OSs designed to emphasize network
access performance and run background processes as opposed to
desktop applications.
role services
Services that can be installed in Server Manager to
add functions to the main server role.
See also
server role.
server role
A major function or service that a server provides.
service pack
A collection of bug fixes and security updates or
patches that can be installed on an OS to bring it up to date.
root CA
The first CA installed in a network. Clients are config-
ured to trust the root CA's certificate, and then implicitly trust the
certificate of any CA that's subordinate to the root.
shadow copies
A feature on the Windows file system that
allows users to access previous versions of files in shared folders
and restore files that have been deleted or corrupted.
share permissions
Permissions applied to shared folders that
protect files accessed across the network. Share permissions are the
only method for protecting files on FAT volumes.
shortcut trust
A manually configured trust between domains in the
same forest for the purpose of bypassing the normal referral process.
root hints
A list of name servers preconfigured on Windows
DNS servers that point to Internet root servers, which are DNS
servers located on the Internet and managed by IANA.
root servers
DNS servers that keep a database of addresses of
other DNS servers managing top-level domain names.
round robin
A method of responding to DNS queries when more
than one IP address exists for the queried host. Each IP address is
placed first in the list of returned addresses an equal number of
times so that hosts are accessed alternately.
SID filtering
When enabled, this option causes the trusting
domain to ignore any SIDs that aren't from the trusted domain.
single sign-on (SSO)
An authentication feature that makes it
possible for users to access resources in their own organization as
well as partner organizations with just a single logon.
scavenging
A process whereby the DNS server checks the zone
file for stale records periodically and deletes those meeting the crite-
ria for a stale record.
schema
Information that defines the type, organization, and
structure of data stored in the Active Directory database.
site
A physical location in which domain controllers communicate
and replicate information regularly.
schema attributes
A category of schema information that
defines what type of information is stored in each object.
site link
A logical connection between two sites that determines
the replication schedule and frequency between the sites.
site link bridging
A default property of a site link that makes it
transitive. To control the transitive nature of site links, you can
create site link bridges manually.
schema classes
A category of schema information that defines
the types of objects that can be stored in Active Directory, such as
user or computer accounts.
Search WWH ::
Custom Search