account domain

A domain that holds user account data. Also known as a master user domain.

See also: resource domain

built-in accounts

Default security groups that have common sets of rights and permissions. You can use built-in accounts to grant permissions to any accounts or groups that you designate as members of these groups. Built-in account security identifiers (SIDs) are identical in every domain. Therefore, built-in accounts cannot be migration objects.

cross-domain move proxy

When an object is moved from one domain to another within the same forest, the object is permanently deleted and a marker is left in place of the object and the old domain, indicating that the object used to be there. This marker is called a proxy.

domain consolidation

A restructuring process that involves eliminating Active Directory domains by merging their contents with the contents of other domains.

domain restructure

A migration process that involves changing the domain structure of a forest. A domain restructure can involve either consolidating or adding domains. It can take place between forests or within a forest.

domain upgrade

The process of installing a newer version of an operating system on all domain controllers in a domain.

There are no glossary terms that begin with this letter.

forest

One or more Active Directory domains that share the same class and attribute definitions (schema), site and replication information (configuration), and forest-wide search capabilities (global catalog). Domains in the same forest are linked with two-way, transitive trust relationships.

functional level

The functional level of a domain or forest defines the set of advanced Active Directory features that are available in that domain or forest. The functional level of a domain or forest also defines the set of Windows operating systems that can run on the domain controllers in that domain or forest.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

migration

The process of moving or copying an object from a source domain to a target domain, while preserving or modifying characteristics of the object to make it accessible in the new domain.

migration objects

Domain objects that are moved from the source domain to the target domain during the migration process. Migration objects can be user accounts, service accounts, groups, or computers.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

Password Export Server service

The service used to securely copy account passwords from the source domain to the target domain. When you are migrating accounts and passwords between domains, one source domain controller must have the Password Export Server (PES) installed and configured.

There are no glossary terms that begin with this letter.

resource domain

A domain that is used for hosting file, print, and other application services.

security descriptor

A data structure that contains security information that is associated with a protected object. Security descriptors include information about who owns the object, who can access it and in what way, and what types of access are audited.

security identifier (SID)

A data structure of variable length that identifies user, group, and computer accounts. Every account on a network is issued a unique SID when the account is first created. Internal processes in Windows refer to an account's SID rather than the account's user or group name.

security principal

An account holder that is automatically assigned a SID to control access to resources. A security principal can be a user, group, service, or computer.

See also: security ID (SID)

source domain

The domain from which objects are moved during a migration. When you restructure Active Directory domains between forests, the source domain is an Active Directory domain in a different forest from the target domain.

target domain

The domain to which objects are moved during a migration.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.

There are no glossary terms that begin with this letter.