Compaq Advanced Server for OpenVMS
Concepts and Planning Guide


Previous Contents Index

file name: The unique name that identifies a file. See also file extension.

file server: A system that enables a server to allow access to its local resources.

frame: A packet of information transmitted as a single unit. Every frame has the same basic organization and contains control information, such as synchronizing characters, station address, and an error-checking value, as well as a variable amount of data.

full name: A user's complete name, usually consisting of the last name, first name, and middle initial. Under the Advanced Server, the full name can be maintained as part of the information that identifies and defines a user account. See also user account.

full synchronization: Domain synchronization in which the primary domain controller replicates its domain databases (security databases) in their entirety to the backup domain controllers. See also domain synchronization and partial synchronization.

global account: A normal user account in a user's home domain. Most user accounts are global accounts. See also local account and user account.

global group: A user group that can be employed to define permissions and rights for accessing resources in its own domain and in trusting domains. A global group can contain user accounts only from its own domain. Global groups can become members of local groups. Global groups are a mechanism for creating sets of users that are available for use both in the domain where they are created and in other domains. See also group and local group.

group: A collection of user accounts that are called members. The permissions and rights granted to a group are also granted to its members, making groups a convenient way to grant common capabilities to collections of user accounts. See also global group and local group.

group memberships: The groups to which a user account belongs. Permissions and rights granted to a group are also granted to its members. In most cases, the actions a user can perform are determined by the group memberships of the user account through which the user logs on.

group name: A unique name identifying a local or global group to the Advanced Server. A group's name cannot be identical to any other group name or user name of its own domain or workstation. See also group.

guest account: An account on a server that a user without an individual user account can use to access the server's resources.

hidden server: A server that is part of a domain, but that does not appear in the list of servers.

hidden share: A share that is hidden from most network users. Hidden shares include ADMIN$, IPC$, and disk administrative shares. See also shared directory.

home directory: A directory that is accessible to a user and that contains files and programs for the user. A home directory can be assigned to an individual user or can be shared by many users.

Host mapping: The mapping (association) of an OpenVMS user account with an Advanced Server user account. When using external authentication to log on to an OpenVMS account, the host mapping determines the OpenVMS user name. See external authentication.

host system: A computer, such as an OpenVMS system, that runs the server services.

import computers: In directory replication, the servers or workstations that receive copies of the master set of directories from an export server. See also directory replication.

import path: In directory replication, the path to which imported subdirectories, and the files in those subdirectories, are stored on an import computer. See also directory replication.

inherited permissions: Implicit permissions based on permissions assigned to a parent directory. See also permissions.

Internet address: A 32-bit number identifying a host connection on the Internet. An Internet address consists of a network number and host number.

interprocess communications (IPC): Communication among the component processes of a program, between different computers running parts of a single program, or between two programs working together.

IPC$: An administrative resource that controls how interprocess communications operate on servers. A server's IPC$ is automatically shared and cannot be deleted. See also ADMIN$ and C$.

ISO Latin-1: A character set, also called ISO-8859-1. See also extended character sets.

keyword: On PATHWORKS V6 for OpenVMS (Advanced Server) only, a parameter name in the LANMAN.INI file that, with an associated value, establishes some aspect of server configuration.

LAN: Local area network. A self-contained network that offers a high-speed, reliable communications channel. LANs span a limited distance, such as a building or cluster of buildings, but can be connected to WANs with bridge devices. Contrast with WAN.

LAN Manager: A Network Operating System (NOS) from Microsoft that manages network tasks and coordinates communications between clients and servers.

LANMAN.INI file: On PATHWORKS V6 for OpenVMS (Advanced Server) only, an initialization file on each server and client. The values of the keywords in this file determine the option settings for computers on the network.

License Manager: The interface used to manage the Advanced Server License Server. The License Manager provides the ability to manage license groups, set alert levels, set logging levels for licensing events, enable or disable the License Server, and revoke assigned licenses.

License Manager Facility (LMF): The OpenVMS facility that manages the product license database through a callable interface.

License Registrar: A component of the Advanced Server licensing subsystem that runs on the same node as the file server and validates whether a client is licensed to connect to the file server.

License Server: An Advanced Server software program that performs license-related services, such as assigning and verifying licenses.

License Server state file: The database on the system running the License Server. Includes client names, information about the types and quantities of licenses available, and license group information.

list box: In a dialog box, a box that lists available choices such as all the files in a directory. If the available choices do not fit in the viewable portion of the list box, a scroll bar allows users to move up and down the list.

LMHOSTS: LMHOSTS name resolution allows the server to resolve NetBIOS names by looking them up in a local database (the LMHOSTS file) that maps NetBIOS names to TCP/IP addresses. Contrast with WINS and DNS.

local account: A user account provided in a domain for a user whose global account is in a non-trusted domain. Not required where trust relationships exist between domains. See also global account and user account.

local area network: See LAN.

local boot: A process in which a client operating system is loaded and started locally from disk. Contrast with remote boot.

local computer: The workstation or server at which the user or administrator is currently working. Contrast with remote computer.

local group: For a backup domain controller, a user group that can be used to grant permissions and rights only for the servers of its own domain. A local group can contain user account names and global group names both from its own domain and from trusted domains. Local groups are a device for creating sets of users from both inside and outside the domain, to be used only at servers of the domain.

For a member server, a local group is one that can be granted permissions and rights only for the member server. However, it can contain user accounts from its own computer, and user accounts and global groups both from its own domain and from trusted domains. Local groups are a device for creating sets of users from both inside and outside the member server, to be used only at the member server.

See also global group and group.

local printer: A printer that is directly connected to one of the ports on a computer.

local user: The user or administrator working at the local computer.

lockout: A security feature that disables a user account if failed logon attempts exceed a specified limit.

log file: A history file. Advanced Server maintains a system log and optionally enabled security and application logs.

log on: To provide a user name and password to gain access to the network.

logical drive: On a PC, anything given a drive designation (for example, G:) that is not physically located on the system.

logon domain: The domain specified when a user logs on to the local area network.

logon hours: The days and times during which a user can access a server's resources.

logon restrictions: The logon hours during which a user can access a server's resources, and the workstations from which the user can access those resources.

logon script: A batch program containing Advanced Server and operating system commands used to configure workstations. Logon scripts can be written for one or more users. When the user logs on, the logon script is run.

logon script path: The path or location where the logon script is stored, if a logon script is assigned to the user's account.

logon security: A means of verifying the identity of users when they log on to the local area network or wide area network. See also NetLogon service.

logon server: For a domain, the primary domain controller and backup domain controllers. For a user, the server that processes the user's logon request --- typically the server with the lightest load. See also NetLogon service.

logon validation: A process of verifying the identities of users when they log on to the network. See also Netlogon service.

logon workstations: The workstations from which a user is allowed to log on.

Master Browser: The system that maintains an authoritative browse list (the set of information required for the Browser service.) The Master Browser polls for domains, and builds and updates a master browse list of its domain. One or more backup Browsers send requests to the Master Browser to update their own lists.

maximum password age: The period of time a password can be used before the system requires the user to change it. Set in the account policy.

member server: A server in a domain that does not store a copy of the domain's security accounts database and does not validate logon requests. Member servers rely on domain controllers to validate credentials of users requesting access to member server shares. See also backup domain controller and primary domain controller.

message forwarding: The method used to reroute messages from one client or server to another.

minimum password age: The period of time a password must be used before the user can change it. Set in the account policy.

Mixed-mode domain: A Windows 2000 domain that contains both Windows 2000 domain controllers and Windows NT or Compaq Advanced Server domain controllers. Contrast with Native-mode domain.

mount: To make a disk available as a shared disk to users on a network.

multi-master domain controller model: The model of domain security management implemented by pure Windows 2000 environments. Changes to the security accounts database can be made on any domain controller. Any domain controller can be the replicator, sending copies of the updated security accounts database to the other domain controllers. This model contrasts with the primary/backup domain controller model used by the Advanced Server and Windows NT Servers, in which changes must be made on the primary domain controller first, which replicates the changes to the backups.

named pipe: An interprocess communication mechanism that allows one process to communicate with another local or remote process.

Native-mode domain: A Windows 2000 domain whose domain controllers are Windows 2000 systems exclusively. Contrast with Mixed-mode domain.

NetLogon service: Performs authentication of domain logons, and keeps the domain's database synchronized between the primary domain controller and the backup domain controllers in the domain. See also security accounts database.

NetBEUI: A network transport on the Advanced Server. The term NetBEUI is derived from NetBIOS Extended User Interface.

NetBIOS: Network Basic I/O System interface device driver and transport interface developed by Microsoft and IBM, that allows applications on different computers to communicate within a local area network. In a wide area network, the Advanced Server can use NetBIOS with TCP/IP (in conjunction with LMHOSTS, WINS, or DNS for name resolution) to enable applications to communicate over the network.

network: A group of servers, clients, and devices connected to each other by communications lines in order to share information and resources.

network adapter (or network controller or network interface card): A combination of hardware, firmware, and software that controls the transmission and reception of data between a workstation or server and the network.

network controller: See network adapter.

network directory: See shared directory.

network path: The computer name of a server followed by the share name of a shared resource and, optionally, a relative path. See also Universal Naming Convention.

node: An individual computer, such as a server or client, that can communicate with other computers in a network.

NOS: Network Operating System. See Advanced Server.

NT File System (NTFS): Windows NT file system. A file system designed for use specifically within the Windows NT operating system.

object type: An entity shared by the server, such as a file, directory, or printer.

ODS-2: The traditional OpenVMS file system (On-Disk Structure), which is based on the Files-11 disk structure.

ODS-5: The optional extended file system supported on OpenVMS systems (beginning with Version 7.2) which provides Extended File Specifications and deep directories.

On-Disk Structure (ODS): The structure of applications and files maintained by the Advanced Server.

OpenVMS Registry: A system-wide hierarchical database of configuration information about hardware and software (both the operating system and applications). The Advanced Server for OpenVMS software relies on the OpenVMS Registry to store and reference server configuration parameters. In previous versions of the server software --- for example, PATHWORKS for OpenVMS servers --- the LANMAN.INI file is used to store server parameters. The OpenVMS Registry is similar to the Windows NT Registry. See also server configuration parameters.

operator privilege: The privilege granted to a user that allows the user to perform certain administrative tasks.

partial synchronization: Domain synchronization in which the primary domain controller replicates to a backup domain controller only those elements in their domain databases (security databases) that have been changed since the last time a domain synchronization occurred. See also domain synchronization and full synchronization.

partition: A virtual division of a physical disk that functions as though it were a physically separate unit.

pass-through authentication: In a trust relationship, a user with an account in one domain can access resources provided by another domain that trusts the user's domain. See also external authentication.

path: Specifies the location of a file within the directory structure. For example, to specify the path of a file in the WINDOWS directory on drive C, a user types C:\WINDOWS\.

path name: A path that ends in a file name. A path specifies a directory; a path name specifies a file. For example, to specify the path name of a file named README.WRI located in the WINDOWS directory on drive C, a user types C:\WINDOWS\README.WRI.

pause: To suspend a service. When a service is paused, current requests are not stopped, but new requests are not allowed.

PC: Personal computer. See client.

permissions: Settings that define the type of access a user has, and the actions a user can take, with regard to specific objects. Permissions apply to these types of objects: shares, printers, directories and the files in them. Special access combines permissions for directory and file access.

personal share: A share typically used for sharing a user's OpenVMS login directory, pointing to the root directory of the user's OpenVMS account. Personal shares are unique in that they are hidden shares (they will not appear in the list of shares users can display, such as in Network Neighborhood), but their names do not end with a dollar sign ($). Thus, when a user wishes to map a drive to their OpenVMS login directory, they specify their personal share name (typically the same as their username) without having to include a dollar sign in the share name. See also shared directory.

personal computer: See client.

pipe: See named pipe.

port: A connection or socket used to connect a device, such as a printer, monitor, or modem, to a computer.

primary domain controller (PDC): The server that maintains the master copy of the domain's security accounts database. The primary domain controller also validates logon requests. Contrast with backup domain controller, member server.

printer driver: A program that controls how a computer and printer interact. See also device driver.

printer fonts: Fonts that are built into a printer. These fonts are usually located in the printer's read-only memory (ROM).

print queue: A list of print jobs waiting to be sent to a printer or pool of printers. The Advanced Server print queue can be either a printer queue or routing queue. See also printer queue, routing queue.

printer queue: A print queue that points directly to a physical printer. It is equivalent to an OpenVMS execution queue. See also print queue. Contrast with routing queue.

print share: See shared printer.

priority level: An attribute assigned to each print queue that determines which job is processed first when several queues are trying to access the same printer at the same time.

privilege: See user privilege.

privilege level: A characteristic of a user group that defines the range of actions that members can perform on the network. See also permissions.

Product Authorization Key (PAK): The vehicle for delivering Compaq product licenses. A PAK authorizes the use of the licensed software, identifies the license type, and represents either one or multiple licenses.

profile: See user profile.

program file: A file that starts an application or program.

program group: A collection of applications on a PC. Grouping applications makes them easier to find when a user wants to start them.

program-item icon: An application, accessory, or document represented as an icon in a group window on a PC.

protocol: A set of rules that governs the format and timing of messages sent and received over a communications link. For example, DECnet and TCP/IP are network protocols. See also transport.

radio button: In a dialog box, an indicator that the user can select or clear, where only one selection is allowed. Contrast with check box.

record management services (RMS): An OpenVMS file management system that offers more sophisticated features than the default system. RMS supports three forms of file organization and three forms of file access. See also On-Disk Structure.

refresh: To update displayed information with current data.

Registry server: The OpenVMS Registry server controls all OpenVMS Registry operations, such as creating and backing up the OpenVMS Registry database, and creating, displaying, modifying, or deleting keys and values. See also OpenVMS Registry.

remote administration: Administration of one computer by an administrator logged on at another computer that is connected to the first computer across the network.

remote boot: The process by which a client's operating system is loaded and started remotely from a server's disk. Contrast with local boot.

Remote Boot service: A LAN Manager service that provides software support for starting workstations over the local area network.

remote computer: A server or workstation that is available over the network. Contrast with local computer.

remote procedure call (RPC): A call from a distributed application for services available on various computers in a network. An RPC is used during remote administration of computers.

replication: See directory replication.

resource: Any disk drive or directory, printer, modem, image scanner, or other object that a server can share over a network. See also shared resource.

revision level: A revision identifier that is built into many Advanced Server structures, such as security descriptors and access control lists (ACLs). This identifier enables a structure to be passed between systems or stored on disk even though it is expected to change in the future.

rights: Authorization of a user to perform certain actions on the system. Rights apply to users and groups on a system-wide basis and are different from permissions, which apply to specific objects. Contrast with permissions.

routing queue: An Advanced Server print queue that points to several printer queues to distribute printer workload among several like printers. Equivalent to an OpenVMS generic queue. A print job is routed to the first available printer through that printer's queue. See print queue. Contrast with printer queue.

SAM: Security account manager. An Advanced Server protected subsystem that maintains the server security accounts database. Includes security information (such as user account names and passwords) and the settings of the security policies.

SAM database: See security accounts database.

scroll: To move through text or graphics (up, down, left, or right) to see parts of the file that cannot fit on the screen.

scroll bar: A bar that appears at the right or bottom edge of a window or list box that enables users to view contents that are not completely visible. See also scroll.

security: A method of controlling access to network resources.

security accounts database: The file that contains security information such as user accounts and passwords, and groups, and the settings of the security policies. This domain-wide database is stored on all domain controllers and used for logon validation. The master domain-wide security accounts database is stored on the primary domain controller; backup domain controllers store a copy of the master database. The backup domain controller copies are synchronized with the master copy on the primary domain controller. On the Advanced Server, the security accounts database is managed with the ADMINISTER command interface.

Also referred to as the SAM database, security database, or domain database. See also logon validation, Netlogon service.

security database: See security accounts database.

security ID (SID): A unique value that identifies a user to the security system. Security IDs (SIDs) can identify one user or a group of users. Server SIDs identify servers within the network, enabling the network to recognize the primary domain controller.

security log: A file that records security events. See also event.

security policies: A selection of security models. For an Advanced Server domain, the security policies consist of the Account, User Rights, Audit, and Trust Relationships policies.

security token: See access token.

separator page: One or more cover sheets generated before a print job; also called a banner page.

server: A computer on the network that provides access to resources such as files, printers, and communications devices. Contrast with client.

server configuration parameters: Parameter names used by the Advanced Server to define certain aspects of the server configuration. The Advanced Server for OpenVMS server configuration parameters are stored in the OpenVMS Registry. Previous versions of the server software --- for example, PATHWORKS for OpenVMS servers --- use the LANMAN.INI file to store server parameters.

Server service: The Advanced Server software component that enables a computer to share resources on the network and that provides administrators with tools for controlling and monitoring resource use.

server-based license: A license assigned on a first-come, first-served basis that allows a client to access the resident file server only. Often referred to as a "concurrent use" license. Contrast with client-based license.


Previous Next Contents Index