Understand various "domain" contexts

Author: Ivan Voras IvanVoras FreeBSD

Reviewer: Sean Swayze swayze@pcsage.biz FreeBSD/OpenBSD

Reviewer: name contact BSD flavour


Concept

The term "domain(((domain)))" is used in Unix for several facilities. Understand the meaning of the term in the context of the Network Information System (NIS(((NIS)))), the Domain Name System (DNS(((DNS)))), Kerberos(((Kerberos))), and NTLM(((NTLM))) domains.

TODO: should this briefly mention the UNIX-domain protocol for local (on-machine) interprocess communication (because it is also called "domain")?

Introduction

All "domains" that we're dealing with here are different ways of grouping certain types of information together. In particular:

  • NIS, Kerberos and NTLM domains deal with system management and security: each of these allows managing system users and groups from a central location / repository that's located on dedicated servers. Machines belonging to one of these domains query the central server for security clearance and user information.
  • DNS is a system that assigns human-readable names to IP addresses. DNS names form a hierarchy in which each system's fully qualified domain name (FQDN) (((FQDN))) is formed from the domain name part and a single system name part, and the domain names can be nested.

Examples

DNS names are hierarchical and nested; thus the name:

www.servers.example.com

refers to a machine called "www" in the domain "servers.example.com", which is nested in "example.com", which is itself nested under ".com". The nslookup(((nslookup))) tool can be used to inspect DNS names:

> nslookup www.google.com
Server:  dns.server.local
Address:  xxx.xxx.xxx.xxx
Aliases:  xxx.xxx.xxx.xxx.in-addr.arpa

Non-authoritative answer:
Name:    www.l.google.com
Addresses:  216.239.37.104, 216.239.37.99
Aliases:  www.google.com

Note that high-traffic sites have multiple computers answering to the same DNS name in order to help performance (as demonstrated in the example above). DNS databases actually contain several types of records. The most common are "A" records, which are widely used to access generic resources, but arguably equally popular are "MX" records, which hold the addresses of the e-mail servers for a specific domain:

> nslookup
Default server: dns.server.local
...

> set type=mx
> gmail.com
Non-authoritative answer:
gmail.com   preference = 50, mail exchanger = gsmtp183.google.com
gmail.com   preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com   preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com   preference = 10, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com   preference = 50, mail exchanger = gsmtp163.google.com

Authoritative answers can be found from:
gmail.com   nameserver = ns2.google.com
gmail.com   nameserver = ns3.google.com
gmail.com   nameserver = ns4.google.com
gmail.com   nameserver = ns1.google.com

A Windows NT domain (NTLM) name is formed by two backslashes followed by a case-insensitive name containing no spaces, for example:

\\MYCORP

Computers and users in the NTLM (((NTLM))) domain can be referenced either by appending a backslash and the username to the domain name or by using the notation user@domain (with a meaning similar to the standard Unix and e-mail notation):

\\MYCORP\joe
joe@mycorp
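The naming rules described above for DNS and NTLM domains, as a small added Python example (not part of the original page): it walks the nested domains of an FQDN, parses the "set type=mx" lines nslookup prints into the order a sending mail server tries them (lowest preference first), and splits both NT account notations into a domain and a user. The MX text is a constructed copy of the output shown above.

```python
import re

# Constructed sample: the answer lines nslookup prints after "set type=mx".
SAMPLE_MX = """\
gmail.com   preference = 50, mail exchanger = gsmtp183.google.com
gmail.com   preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com   preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com   preference = 10, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com   preference = 50, mail exchanger = gsmtp163.google.com
"""

MX_RE = re.compile(r"^(\S+)\s+preference = (\d+), mail exchanger = (\S+)\s*$")


def domain_chain(fqdn):
    """Nested domains an FQDN belongs to, innermost first.
    'www.servers.example.com' -> ['servers.example.com', 'example.com', 'com']"""
    labels = fqdn.rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(1, len(labels))]


def parse_mx(text):
    """Parse nslookup MX output into (preference, host) pairs, sorted the way
    a sending MTA tries them: lowest preference value first."""
    records = []
    for line in text.splitlines():
        m = MX_RE.match(line)
        if m:
            records.append((int(m.group(2)), m.group(3)))
    return sorted(records)


def split_nt_name(name):
    """Split an NT account name into (DOMAIN, user).
    Accepts both '\\\\MYCORP\\joe' and 'joe@mycorp'; the domain part is
    case-insensitive, so it is normalised to upper case."""
    if name.startswith("\\\\"):
        domain, _, user = name[2:].partition("\\")
    elif "@" in name:
        user, _, domain = name.partition("@")
    else:
        raise ValueError("not a domain-qualified name: " + name)
    if not domain or not user:
        raise ValueError("malformed NT account name: " + name)
    return domain.upper(), user


if __name__ == "__main__":
    print(domain_chain("www.servers.example.com"))
    print(parse_mx(SAMPLE_MX))
    print(split_nt_name("\\\\MYCORP\\joe"), split_nt_name("joe@mycorp"))
```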

Practice Exercises

  1. Try several lookups of www.google.com with nslookup and compare results
  2. See how many mail servers yahoo.com has

More information

domainname(1), resolv.conf(5), krb5.conf(5), smb.conf(5)