Learn AD in 15 Minutes a Week: Windows 2000 Network Environment Overview Page 2

By ServerWatch Staff (Send Email)
Posted Apr 2, 2003


Windows Workgroups

Windows workgroups are a grouping of networked computers that share out their resources. Workgroups are often referred to as peer-to-peer networks because all computers in the workgroup share resources as equals without the presence of a dedicated server or a centralized database of user accounts. Each computer in the workgroup maintains a local security database. These systems may be Windows 2000 Professional, Windows XP Professional or from the Windows 2000 Server family. Each would have a local security database with a list of user accounts and their respective security information for the computer or server on which it resides. The administration of user accounts and resource security in a workgroup is said to be decentralized for this reason.

[NOTES FROM THE FIELD] - On peer-to-peer networks, servers running any level of Windows Server operating system that are not a member of a Windows 2000 domain are called stand-alone servers.

Windows 2000 Professional, Windows XP Professional and the Windows 2000 Server family can participate in a workgroup or as domain members. Windows NT4 Workstation, Windows NT4 Server, Windows NT4 Server Enterprise Edition as well as Windows NT4 Terminal Server can be included in these as well. For the purposes of concentrating on Active Directory discussion I will not refer to them often, but it's good to know that these down-level operating systems could be included as well.

When setting up, using and administering a peer-to-peer network, there are a number of advantages and disadvantages. Some disadvantages are:

Users need to have a user account on each system where they will need access to the local resources on that system. If the account is not set up the same on each machine (e.g. username and password) users would then need to remember what name and password combinations are required on which systems.

Changes made to user accounts must be made on each computer in the workgroup. A user that needs to update their password for access to files on workstation A and the printer on workstation B and the database on server DB would need to update the password at each resource. (Or the local admin of each resource would need to do it for the user.)

A workgroup becomes difficult to administer in environments with more than 10 local security databases.

[NOTES FROM THE FIELD] - On peer-to-peer networks, workstation level operating systems are limited to 10 concurrent connections by design, meaning, that once all ten connections are made, via logons, drive mappings, browsing the network, or printing to a printer, all additional connections will be refused, regardless of the user. Even a local administrator would not be allowed to make a network connection in this case.

Workstation level operating systems include Windows NT4 Workstation, Windows 2000 Professional and Windows XP Professional.

If a Windows Server level operating system is in use in a peer-to-peer environment, it will not limit the number of connections, as it does not have this connection limit design.

Windows peer-to-peer networks do have a couple of advantages as well.

Peer-to-peer networks do not require having the more expensive Windows Server family of operating system installed to hold centralized security information. If there are just a few users who need access to three or four systems, installing the more expensive operating system doesn't make sense.

A peer-to-peer workgroup is simple to design and implement and does not require the extensive planning and administration that goes into a domain. Also, each local system owner (hence, administrator) is in charge of their own resource. If there are just a few users who need access to three or four systems, making each local system owner responsible for their own resource and local accounts as opposed to one higher level administrator is usually more convenient in this scenario.

A peer-to-peer workgroup is only convenient for a limited number of systems.

Page 2 of 3


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.