Active directory: Workgroup vs Domain networks

Definition

Active Directory is a directory service developed by Microsoft for Windows domain networks. It comes as a range of processes and functions for most Windows Server operating systems (Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012)

A directory is a hierarchical entity that retains information about items on a network. The techniques for storing directory data and making it available to network users and administrators are provided by a directory service, such as Active Directory Domain Services (AD DS). For example, AD DS maintains user account information including names, passwords, phone numbers, and so on, and allows authorized users on the network to access it.  

AD stores the data of many items are known as AD objects and they are typically the shared resources like servers, computer accounts, network users, volumes, and printers.

Security 

The security in AD is handled using logon authentication and access control to objects in the directory.

Administrators may manage directory data and organization across their network with a single network logon, and authorized network users can access resources from anywhere on the network. Even the most complex network can be managed more easily with policy-based administration.

Workgroup vs Domain accounts

What are domain accounts? 

Domain accounts are designed for the purpose of managing networks and resources on workplace networks. This type of account is the most tightly controlled of all Windows accounts and is managed by a network administrator.

Domain accounts are controlled by servers, also known as domain controllers (DC). Network admins use DCs to manage security and permissions for all computers in the domain.

To be a domain account, an Active Directory account must be created for the domain account. Active Directory is hosted on a local server, or on Microsoft Azure. With Azure Active Directory, credentials are managed in the cloud instead of a local server. There are six common characteristics of a domain account: 

  • Domain accounts need an account to log into a computer joined to the domain 
  • Domain controllers manage computers on the domain 
  • There can be potentially thousands of computers joined to a domain 
  • Computers on a domain can be on different local networks (different LANs)
  • Domain accounts can log into any of the other computers on the domain by using their domain login credentials 
  • Only limited changes can be made by the domain account user, the administrator has the full access

What are workgroup accounts?

A workgroup is a grouping of interconnected computers on a LAN that hold common resources and duties in computer networking. A workgroup is Microsoft's term for a peer-to-peer local area network.

Workgroup accounts are the default account for Windows computers and belong to the most basic of network infrastructures. This means that unless you join a domain (or a homegroup), your account will remain in a workgroup. Unlike domains, workgroups are not managed by a domain controller server. Rather, no computers in the workgroup have control over the others. This type of account is suitable for homes, small businesses, and clusters of computers that reside on the same local area network (LAN). The biggest benefit for the user with workgroup accounts is that users can make changes with a local group policy that would be impossible in a domain without administrator credentials.

  • No computer in the workgroup has control over any other computer; instead, they are peer computers, in other words, there's no hierarchy 
  • Each computer in the workgroup has multiple accounts associated with it. 
  • Each workgroup account can only log into the workgroup computer it belongs to 
  • Workgroup accounts are not password-protected 
  • Computers in a workgroup must all be on the same LAN or subnet 
  • The number of computers in a workgroup is far smaller than in a domain. This breaks down to an average of 20 computers for a workgroup

resources.infosecinstitute.com



Comments

Post a Comment

Popular posts from this blog

OpenVas: Vulnerability Scanning | Installation Guide

Image
  Introduction: OpenVAS is a vulnerability scanner that analyzes endpoints and web apps to uncover and detect flaws. Corporations frequently employ it as part of their mitigation strategies to initially identify any weaknesses in their operational or testing servers and apps. This isn't an ultimate solution, but it can assist in the elimination of any common weaknesses that may have sneaked through the gaps. Installation: There are three methods to install GreenBone openVas: 1- Install from Kali/OpenVas repositories:  This way varies in difficulty because of the needed configurations, you can simply install it with apt. sudo apt-get update -y &&  sudo apt-get upgrade -y &&  sudo apt-get dist-upgrade -y sudo apt-get install openvas sudo gvm-setup sudo gvm-check-setup 2- Install from source (Manually): This way is not the best for beginners due to prerequisite installations and error handling can be challenging. github.com/greenbone/openvas-scanner 3- Run from docker:
Read more

Fortinet NSE3 Certification | Course Notes

Image
The product lessons and use cases in this course are organized into the following Fortinet Security Fabric pillars: Security-Driven Networking Zero Trust Access Adaptive Cloud Security Security Operations To complete the course, you must successfully complete the Security Fabric Overview lesson, all lessons, and quizzes in the Security-Driven Networking module, plus at least one additional module of your choice. Module 1: Security Fabric Overview  Module Objectives Be conversant on the products that comprise the Fortinet Security Fabric, and understand the problems they solve  Recommend appropriate products to solve organizational network security problems Why is this course important This course will help you solve network security problems by understanding the characteristics of the Security Fabric, the capabilities of the products that comprise it, and how they interlock to provide a superior defense against today's most sophisticated cyberattacks. Organizational Problems and Pa
Read more

Wireshark for Security Analysis | Filter for unusual DNS packets

Image
                                                              This is a quick exercise to practice the previous information mentioned in the Wireshark customization article Download the pcap file from here and try to answer the following questions Questions How many UDP/TCP conversations do you see in this pcap? How many DNS conversations do you see in this pcap, and How many of them are malformed? How many DNS responses do you see? Do any of the responses have more than 100 answers? Can you set and save a filter for this activity? What is the packet with the most Answer RRs? How many UDP/TCP conversations do you see in this pcap? Answers How many UDP/TCP conversations do you see in this pcap? Statistics > Conversations How many DNS conversations do you see in this pcap, and How many of them are malformed? Statistics > Protocol Hierarchy How many DNS responses do you see? Filter for DNS > choose any packet > Right-click on the Response flag > Apply as a Filte
Read more