Understand various "domain" contexts
Author: Ivan Voras IvanVoras FreeBSD
Reviewer: Sean Swayze firstname.lastname@example.org FreeBSD/OpenBSD
The term "domain(((domain)))" is used in Unix for several unrelated facilities. This chapter explains what the term means in the context of the Network Information System (NIS(((NIS)))), the Domain Name System (DNS(((DNS)))), Kerberos(((Kerberos))) (which properly calls its domains "realms"), and Windows NT / NTLM(((NTLM))) domains.
TODO: should this briefly mention the UNIX-domain protocol for local (on-machine) interprocess communication (because it is also called "domain")?
All of the "domains" we're dealing with here are different ways of grouping certain types of information together. In particular:
- NIS, Kerberos and NTLM domains deal with system management and security: each of them allows managing system users and groups from a central repository located on dedicated servers. Machines belonging to one of these domains query the central server for user information and, in the case of Kerberos and NTLM, for authentication. Note the security difference: NIS merely distributes account data (including password hashes) over unauthenticated RPC, while Kerberos and NTLM authenticate users with cryptographic protocols (tickets and challenge-response respectively).
- DNS is a system that assigns human-readable names to IP addresses. DNS names form a hierarchy in which each system's fully qualified domain name (FQDN) (((FQDN))) is formed from a single system name part followed by the domain name part, and domain names can be nested.
DNS names are hierarchical and nested; thus the name www.servers.example.com refers to a machine called "www" in the domain "servers.example.com", which is nested in "example.com", which is itself nested under ".com" (and ".com" under the unnamed root domain). The nslookup(((nslookup))) tool can be used to inspect DNS names:
    > nslookup www.google.com
    Server:   dns.server.local
    Address:  xxx.xxx.xxx.xxx
    Aliases:  xxx.xxx.xxx.xxx.in-addr.arpa

    Non-authoritative answer:
    Name:      www.l.google.com
    Addresses: 188.8.131.52, 184.108.40.206
    Aliases:   www.google.com
Note that high-traffic sites have multiple computers answering to the same DNS name, in order to spread the load (as demonstrated by the two addresses in the above example; the "Aliases" line also shows that www.google.com is merely an alias, a CNAME record, for www.l.google.com). "Non-authoritative answer" means the reply came from the local resolver's cache rather than from the domain's own nameservers; plain DNS answers are not authenticated, so do not treat them as proof of anything security-relevant. DNS databases actually contain several types of records. The most common are "A" records, which map names to addresses and are used to reach generic resources, but arguably equally important are "MX" records, which hold the names of the mail servers for a domain together with a preference value (the lowest value is tried first; servers with equal preference share the load):
    > nslookup
    Default server: dns.server.local
    ...
    > set type=mx
    > gmail.com
    Non-authoritative answer:
    gmail.com  preference = 50, mail exchanger = gsmtp183.google.com
    gmail.com  preference = 5,  mail exchanger = gmail-smtp-in.l.google.com
    gmail.com  preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
    gmail.com  preference = 10, mail exchanger = alt2.gmail-smtp-in.l.google.com
    gmail.com  preference = 50, mail exchanger = gsmtp163.google.com

    Authoritative answers can be found from:
    gmail.com  nameserver = ns2.google.com
    gmail.com  nameserver = ns3.google.com
    gmail.com  nameserver = ns4.google.com
    gmail.com  nameserver = ns1.google.com
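The following is an added example (not part of the original page) that shows the two DNS points above in code: how an FQDN decomposes into its nested domains, and how to turn the MX answer of nslookup into an ordered list of mail servers. The nslookup transcript embedded in it is a constructed sample modelled on the one above (with documentation addresses and example.com names), so the code runs offline without a resolver.

```python
"""Added example: DNS name hierarchy and parsing of nslookup MX output.
Runs offline; the transcript below is constructed, not a live query."""
import re


def domain_ancestors(fqdn: str) -> list:
    """Return the name and every domain it is nested in, most specific first.

    'www.servers.example.com' -> ['www.servers.example.com',
    'servers.example.com', 'example.com', 'com'].  The trailing dot of an
    absolute name (the root domain) is stripped first; labels are
    case-insensitive, so the result is lower-cased."""
    labels = fqdn.rstrip(".").lower().split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


# Constructed sample of 'set type=mx' output (assumed names and addresses).
SAMPLE_MX_OUTPUT = """\
Server:   dns.server.local
Address:  192.0.2.53

Non-authoritative answer:
example.com  preference = 50, mail exchanger = mx-backup.example.net
example.com  preference = 5,  mail exchanger = mx1.example.com
example.com  preference = 10, mail exchanger = mx2.example.com
example.com  preference = 10, mail exchanger = mx3.example.com

Authoritative answers can be found from:
example.com  nameserver = ns1.example.com
example.com  nameserver = ns2.example.com
"""

MX_LINE = re.compile(r"^(\S+)\s+preference = (\d+),\s*mail exchanger = (\S+)\s*$", re.M)
NS_LINE = re.compile(r"^(\S+)\s+nameserver = (\S+)\s*$", re.M)


def parse_mx_answer(text: str) -> dict:
    """Parse nslookup MX output into a dict with:
    - 'authoritative': False when the resolver answered from its cache,
    - 'mx': (preference, host) pairs sorted so the server a sending MTA
      would try first comes first (lowest preference value),
    - 'nameservers': the domain's authoritative nameservers, if listed."""
    mx = sorted((int(pref), host.rstrip(".")) for _, pref, host in MX_LINE.findall(text))
    nameservers = [host.rstrip(".") for _, host in NS_LINE.findall(text)]
    return {
        "authoritative": "Non-authoritative answer" not in text,
        "mx": mx,
        "nameservers": nameservers,
    }


def primary_mail_servers(text: str) -> list:
    """Hosts sharing the lowest preference value; mail goes to one of these
    unless they are all unreachable."""
    mx = parse_mx_answer(text)["mx"]
    if not mx:
        return []
    best = mx[0][0]
    return [host for pref, host in mx if pref == best]


if __name__ == "__main__":
    print(domain_ancestors("www.servers.example.com"))
    print(parse_mx_answer(SAMPLE_MX_OUTPUT))
    print(primary_mail_servers(SAMPLE_MX_OUTPUT))
```

The sort order is the one an MTA uses when delivering mail; the "Non-authoritative" flag is kept because a cached answer is exactly what a poisoned or stale resolver would hand you, so a security check should repeat the query against one of the listed nameservers.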
A Windows NT domain (NTLM) name is formed by two backslashes followed by a case-insensitive name containing no spaces, for example:
Computers and users on the NTLM (((NTLM))) domain can be referenced either by appending a backslash and the username to the domain name (DOMAIN\user) or by using the notation user@domain (with a meaning similar to the standard Unix user@host and e-mail notation). Note that the two forms do not necessarily use the same domain string: the backslash form uses the short NetBIOS name of the domain, while the user@domain form (a "user principal name") uses the DNS name of the domain, so the same account may appear under two quite different-looking domain names.
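As an added example (not from the original page), the following code normalises the two account notations described above to one canonical form, so that an account seen as DOMAIN\user in one log and as user@domain in another can be recognised as the same principal. The NetBIOS-to-DNS domain mapping is a constructed assumption; in a real environment it would be obtained from the directory server.

```python
"""Added example: canonicalise NT-style account names.
The domain table is an assumption for the example, not real data."""

# Assumed mapping from short (NetBIOS) domain names to DNS domain names.
NETBIOS_TO_DNS = {"CORP": "corp.example.com", "LAB": "lab.example.com"}
DNS_TO_NETBIOS = {dns: nb for nb, dns in NETBIOS_TO_DNS.items()}


def parse_account(name: str) -> tuple:
    """Return (dns_domain, user) for 'DOMAIN\\user', '\\\\DOMAIN\\user'
    or 'user@dns.domain'.  Domain names are case-insensitive and may not
    contain spaces; user names are compared case-insensitively as well."""
    if "\\" in name:
        domain, user = name.lstrip("\\").split("\\", 1)
        dns_domain = NETBIOS_TO_DNS.get(domain.upper())
        if dns_domain is None:
            raise ValueError("unknown NetBIOS domain: %r" % domain)
    elif "@" in name:
        user, domain = name.rsplit("@", 1)
        dns_domain = domain.lower()
        if dns_domain not in DNS_TO_NETBIOS:
            raise ValueError("unknown DNS domain: %r" % domain)
    else:
        raise ValueError("no domain part in account name: %r" % name)
    if not user or " " in domain or not domain:
        raise ValueError("malformed account name: %r" % name)
    return (dns_domain, user.lower())


def same_account(a: str, b: str) -> bool:
    """True when both notations refer to the same (domain, user)."""
    return parse_account(a) == parse_account(b)


def canonical(name: str) -> str:
    """Render an account in the backslash form with the NetBIOS domain
    upper-cased, e.g. 'CORP\\alice'."""
    dns_domain, user = parse_account(name)
    return "%s\\%s" % (DNS_TO_NETBIOS[dns_domain], user)


if __name__ == "__main__":
    for n in ("CORP\\Alice", "\\\\corp\\alice", "alice@Corp.Example.COM"):
        print(n, "->", canonical(n))
```

The lookup table is the part that cannot be guessed from the name alone: without it there is no way to tell that CORP and corp.example.com are the same domain, which is why log correlation across Windows and Unix systems needs the directory's own mapping.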
- Try several lookups of www.google.com with nslookup and compare the results
- See how many mail servers yahoo.com has
domainname(1), resolv.conf(5), krb5.conf(5), smb.conf(5)