Windows Server 2003 Glossary - D

Applies To: Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

For more Windows Server terms, see the Windows Server 2008 Glossary.

Glossary - D

#  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z


See other term: discretionary access control list (DACL)  

daily backup

A backup that copies all selected files that have been modified the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared).

See also: copy backup   differential backup   incremental backup   normal backup   

Data Communications Equipment (DCE)

One of two types of hardware that are connected by an RS-232-C serial connection, the other being a Data Terminal Equipment (DTE) device. A DCE is an intermediary device that often transforms input from a DTE before sending it to a recipient. A modem, for example, is a DCE that modulates data from a microcomputer (DTE) and sends it along a telephone connection.

See also: Data Terminal Equipment (DTE)   RS-232-C standard   

Data Encryption Standard (DES)

An encryption algorithm that uses a 56-bit key and maps a 64-bit input block to a 64-bit output block. The key appears to be a 64-bit key, but one bit in each of the eight bytes is used for odd parity, resulting in 56 bits of usable key.

See also: key   

data fork

One of two forks (resource fork and data fork) that make up each Macintosh file. The data fork holds most of the file's information and is shared between Macintosh and personal computer clients.

See also: resource fork   

data integrity

A property of secure communications that allows a computer to verify that data has not been modified in transit from its source. For example, Internet Protocol security (IPSec)-protected data contains a cryptographic checksum that incorporates a secret key that is known only to the IPSec peers that are communicating. An intermediate node can modify the data, but without knowledge of the secret key, the node cannot recompute a correct cryptographic checksum.

See also: cryptographic checksum   Internet Protocol security (IPsec)   

An address that uniquely identifies a node on a network. Every network adapter has a DLC address or DLC identifier (DLCI). Some network protocols, such as Ethernet and Token Ring, use DLC addresses exclusively. Other protocols, such as TCP/IP, use a logical address at the OSI Network layer to identify nodes. However, all network addresses must eventually be translated to DLC addresses. In TCP/IP networks, this translation is performed by the Address Resolution Protocol (ARP).

See also: Address Resolution Protocol (ARP)   node   Open Systems Interconnection (OSI) reference model   

data origin authentication

A property of secure communications that allows a computer to verify that data originated from a valid source. For example, IPSec-protected data contains a cryptographic checksum that incorporates a secret key that is known only to the IPSec peers that are communicating. An invalid source can send data, but without knowledge of the secret key, the source cannot compute a correct cryptographic checksum.

See also: cryptographic checksum   cryptography   encryption   Internet Protocol security (IPsec)   key   

Data Terminal Equipment (DTE)

In the RS-232-C hardware standard, any device, such as a remote access server or client, that has the ability to transmit information in digital form over a cable or a communications line.

See also: Data Communications Equipment (DCE)   remote access server   RS-232-C standard   


One packet, or unit, of information that includes relevant delivery information, such as the destination address, that is sent through a packet-switching network.

See also: packet   

data-overrun error

A state in which the sending computer is transmitting characters faster than the receiving computer can accommodate them. If this problem persists, reduce the bits-per-second (bps) rate.

See also: bits per second (bps)   


A Windows Support Tool that analyzes the state of domain controllers in a forest or enterprise and provides detailed information about how to identify abnormal behavior in a system. Domain controllers are identified and tested according to directives entered by the user at the command line. Also known as Domain Controller Diagnostic Tool.

See also: Command Prompt window   domain controller   


See other term: Data Communications Equipment (DCE)  


A separate channel of an Integrated Services Digital Network (ISDN) line that is used for ISDN signaling. For ISDN Basic Rate Interface (BRI), the D-channel is 16 kilobits per second (Kbps). For ISDN Primary Rate Interface (PRI), the D-channel is 64 Kbps. Also called data channel.

See also: Integrated Services Digital Network (ISDN)   switch type   


See other term: Distributed Component Object Model (DCOM)  


See other term: dynamic data exchange (DDE)  

dead-letter queue

For Message Queuing, a queue that stores nontransactional messages that are undeliverable or expired. These queues store failed messages on the computer on which the message expired. Messages in these queues are written to disk and are therefore recoverable.

See also: Message Queuing   queue   transactional dead-letter queue   transactional message   


A program designed to aid in detecting, locating, and correcting errors in another program by allowing the programmer to step through the program, examine the data, and monitor conditions such as the values of variables.

See also: variable   

dedicated adapter

The network adapter that, when using multiple network adapters in each host of a Network Load Balancing cluster, handles network traffic not related to cluster operations (the traffic for individual hosts on the network). This adapter is programmed with the host`s dedicated IP address.

See also: cluster adapter   IP address   Network Load Balancing   

dedicated connection

A communications channel that connects two or more geographic locations. Dedicated connections are private or leased lines, rather than public lines.

See also: channel   

dedicated IP address

The IP address of a Network Load Balancing host used for network traffic that is not associated with the Network Load Balancing cluster (for example, Telnet access to a specific host within the cluster). This IP address is used to individually address each host in the cluster and therefore should be unique for each host.

See also: host   IP address   Network Load Balancing   Network Load Balancing cluster   

default button

In some dialog boxes, the command button that is selected or highlighted when the dialog box is initially displayed. The default button has a bold border, indicating that it will be chosen automatically if you press ENTER. You can override a default button by clicking Cancel or another command button.

default host

The host with the highest host priority for which a drainstop command is not in progress. After convergence, the default host handles all of the network traffic for Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports that are not otherwise covered by port rules.

See also: convergence   drainstop   host   host priority   port rule   User Datagram Protocol (UDP)   

default network

In the Macintosh environment, the physical network on which the processes of a server reside as nodes and on which the server appears to users. The default network of the server must be one to which that server is attached. Only servers on AppleTalk Phase 2 internets have default networks.

See also: AppleTalk Phase 2   Internet   node   

default printer

The printer to which a computer sends documents if you select the Print command without first specifying which printer you want to use with a program. You can have only one default printer; it should be the printer you use most often.

See also: printer   

default security level

For software restriction policies, the default setting that defines whether software in a Group Policy object (GPO) is allowed to run. Exceptions can be made to the default security level by means of software restriction policies rules.

See also: Group Policy object (GPO)   software restriction policies   software restriction policies rule   

default tree and context

The position of a User object in the file system of a Novell Directory Services (NDS) tree on a Novell NetWare network. The default tree and context is the default logon location in an NDS tree for a Microsoft Windows computer that is running Client Service for NetWare.

See also: Client Service for NetWare   Novell Directory Services (NDS)   object   

default user

The profile that serves as a basis for all user profiles. Every user profile begins as a copy of the default user profile.

See also: user profile   

default zone

The zone to which all Macintosh clients on the network are assigned by default.

See also: zone   


The process of rewriting parts of a file to contiguous sectors on a hard disk to increase the speed of access and retrieval. In Active Directory, defragmentation rearranges how the data is written in the directory database file to compact it.

See also: Active Directory   fragmentation   

delegated authentication

A method of authentication by which a trusted server (or service) is enabled to act as the client when it connects to third-tier application resources.

See also: authentication   client   server   service   


An assignment of administrative responsibility to a user, computer, group, or organization. For Active Directory, an assignment of responsibility that allows users without administrative credentials to complete specific administrative tasks or to manage specific directory objects. Responsibility is assigned through membership in a security group, the Delegation of Control Wizard, or Group Policy settings. For DNS, an assignment of responsibility for a DNS zone. Delegation occurs when a name server (NS) resource record in a parent zone lists the DNS server that is authoritative for a child zone.

See also: Active Directory   administrative credentials   DNS server   Domain Name System (DNS)   Group Policy   security group   zone   

delta CRL

A document that lists certificates that have been revoked after the last full certificate revocation list (CRL) has been published. Delta CRLs are maintained and published by a certification authority (CA), and they are normally much smaller than a full CRL.

See also: certificate revocation list (CRL)   certification authority (CA)   

demand-dial connection

A connection, typically using a circuit-switched wide area network link, that is initiated when data needs to be forwarded. The demand-dial connection is typically terminated when there is no traffic.

See also: wide area network (WAN)   

demand-dial routing

Routing that makes dial-up connections to connect networks based on need. For example, a branch office with a modem that dials and establishes a connection only when there is network traffic from one office to another.

See also: dial-up connection   modem (modulator/demodulator)   

demilitarized zone (DMZ)

See other term: perimeter network  

denial-of-service attack

A situation in which a person exploits a weakness or a design limitation of a network service to overload or halt the service, so that the service is not available for use. This type of attack is typically started to prevent other users from using a network service such as a web server or a file server.

See also: service   Web server   


A relationship of reliance between two resources that makes it necessary for them to run in the same group on the same node. For example, an application is dependent on the disks that contain its data resources.

See also: node   resource   

dependency tree

A diagram for visualizing the dependency relationships between resources.

See also: dependency   resource   

dependent client

For Message Queuing, a computer that requires synchronous access to a Message Queuing server to perform all standard message queuing operations, such as sending and receiving messages and creating queues.

See also: independent client   Message Queuing server   


See other term: Data Encryption Standard (DES)  

descendent key

All the subkeys that appear when a key in the registry is expanded. A descendent key is the same as a subkey.

See also: key   subkey   


The on-screen work area on which windows, icons, menus, and dialog boxes appear.

desktop pattern

A design that appears across your desktop. You can create your own pattern or select a pattern provided by Windows.

See also: desktop   

destination document

The document into which a package or a linked or embedded object is being inserted. For an embedded object, this is sometimes also called the container document.

See also: embedded object   

details pane

The right pane in Microsoft Management Console (MMC) that displays details for the selected item in the console tree. The details can be a list of items or they can be administrative properties, services, and events that are acted on by a snap-in.

See also: console tree   Microsoft Management Console (MMC)   service   snap-in   


Any piece of equipment that can be attached to a network or computer, for example, a computer, printer, joystick, adapter, or modem card, or any other peripheral equipment. Devices normally require a device driver to function with Windows. For Windows licensing, devices can be electronic equipment such as computers, workstations, terminals, and handheld computers that can access or use the services of Windows operating systems, including file sharing, print sharing, remote access, and authentication.

See also: device driver   

device conflict

A conflict that occurs when the same system resources have been allocated to two or more devices. System resources include interrupt request (IRQ) lines, direct memory access (DMA) channels, input/output (I/O) ports, and memory addresses.

See also: direct memory access (DMA)   input/output (I/O) port   interrupt request (IRQ) lines   memory address   resource   

device driver

Software that allows Windows to communicate with a specific hardware device. Before Windows can use any new hardware, a device driver must be installed.

See also: device   signed driver   unsigned driver   Windows Catalog   

device fonts

See other term: printer fonts  

Device Manager

An administrative tool that you can use to manage the devices on your computer. Using Device Manager, you can view and change device properties, update device drivers, configure device settings, and uninstall devices.

See also: device   uninstall   


See other term: Distributed File System (DFS)  

An element in the Distributed File System (DFS) namespace that lies below the root and maps to one or more targets, each of which corresponds to a shared folder or another DFS root.

See also: DFS root   Distributed File System (DFS)   domain DFS   

DFS namespace

A namespace consisting of a root and many links and targets. The namespace starts with a root that maps to one or more root targets. Below the root are links that map to their own targets. The Distributed File System (DFS) namespace provides the user with a logical view of distributed network shares.

See also: Distributed File System (DFS)   root   

DFS path

The combination of a Distributed File System (DFS) root and a DFS link. An example of a DFS path is \\server\dfs\a\b\c\link, where \\server\dfs is the DFS root, and \a\b\c\ is the DFS link.

See also: DFS link   DFS root   Distributed File System (DFS)   

DFS root

The starting point of the Distributed File System (DFS) namespace. The root is often used to refer to the namespace as a whole. A root maps to one or more root targets, each of which corresponds to a shared folder on a server.

See also: DFS link   DFS namespace   Distributed File System (DFS)   

DFS topology

The overall logical hierarchy of the Distributed File System (DFS), including elements such as roots, links, shared folders, and replica sets, as depicted in the DFS administrative console. This is not to be confused with the DFS namespace, which is the logical view of shared resources seen by users.

See also: DFS link   DFS namespace   DFS root   Distributed File System (DFS)   domain DFS   


See other term: Dynamic Host Configuration Protocol (DHCP)  

DHCP acknowledgment message (DHCPACK)

A message sent by the DHCP server to a client to acknowledge and complete a client`s request for leased configuration. This message will contain a committed IP address for the client to use for a stated period of time along with other optional client parameters. The DHCP acknowledgment message name is DHCPACK.

See also: DHCP server   Dynamic Host Configuration Protocol (DHCP)   

DHCP class identifier

A special reserved option type used by DHCP clients to optionally identify membership in a specific DHCP option class, either a vendor or user class. For vendor class identification, hardware vendors can choose to predefine specific identifier values; for example, to identify a client`s hardware configuration. For user class identification, values can be defined administratively to identify a logical group of DHCP clients, such as all clients in a particular building and floor location.

See also: DHCP client   DHCP option   Dynamic Host Configuration Protocol (DHCP)   

DHCP client

Any network-enabled device that supports the ability to communicate with a DHCP server for the purpose of obtaining dynamic leased IP configuration and related optional parameters information.

See also: DHCP server   Dynamic Host Configuration Protocol (DHCP)   lease   

DHCP client alternate configuration

An alternate static configuration option for TCP/IP network connections that provides simplified computer migration between networks.

See also: Transmission Control Protocol/Internet Protocol (TCP/IP)   

DHCP decline message (DHCPDECLINE)

A message sent by a DHCP client to the DHCP server to decline the offer of an IP address on the network. This message is used when the client detects a potential conflict because the IP address is found to be already in use on the network. The DHCP decline message name is DHCPDECLINE.

See also: DHCP client   DHCP server   Dynamic Host Configuration Protocol (DHCP)   

DHCP information message (DHCPINFORM)

A reserved DHCP message type used by computers on the network to request and obtain information from a DHCP server for use in their local configuration. When this message type is used, the sender is already externally configured for its IP address on the network, which may or may not have been obtained using DHCP. The DHCP information message name is DHCPINFORM.

See also: DHCP server   Dynamic Host Configuration Protocol (DHCP)   

DHCP negative acknowledgment message (DHCPNAK)

A message sent by a DHCP server to a client to indicate that the IP address that the client requested is not correct for the local IP network served by the DHCP server. This message is most often used when the client computer was moved to a new location, but it could also indicate that the client`s lease with the server has expired. The DHCP negative acknowledgment message name is DHCPNAK.

See also: DHCP server   Dynamic Host Configuration Protocol (DHCP)   lease   

DHCP offer message (DHCPOFFER)

A message used by DHCP servers to offer the lease of an IP address to a DHCP client when it starts on the network. When this message is used, a client can receive more than one offer if multiple DHCP servers are contacted during the DHCP discovery phase, but the client will typically select the first address it is offered. The DHCP offer message name is DHCPOFFER.

See also: DHCP client   DHCP server   Dynamic Host Configuration Protocol (DHCP)   

DHCP option

Address configuration parameters that a DHCP service assigns to clients. Most DHCP options are predefined, based on optional parameters defined in Request for Comments (RFC) 1542, although extended options can be added by vendors or users.

See also: DHCP service   Dynamic Host Configuration Protocol (DHCP)   

DHCP release message (DHCPRELEASE)

A message sent by clients to the DHCP server to indicate release of its leased IP address. The client uses this message to cancel its currently active lease. You can perform address release manually using the ipconfig /release command at a command prompt. The DHCP release message name is DHCPRELEASE.

See also: DHCP server   Dynamic Host Configuration Protocol (DHCP)   lease   

DHCP request message (DHCPREQUEST)

A message sent by clients to the DHCP server to request or renew lease of its IP address. The client uses this message to select and request a lease from a specific DHCP server, to confirm a previously leased IP address after the client system is restarted, or to extend the current IP address lease for the client. The DHCP request message name is DHCPREQUEST.

See also: DHCP server   Dynamic Host Configuration Protocol (DHCP)   lease   

DHCP server

A computer running the Microsoft DHCP service that offers dynamic configuration of IP addresses and related information to DHCP-enabled clients.

See also: DHCP service   Dynamic Host Configuration Protocol (DHCP)   IP address   

DHCP service

A service that enables a computer to function as a DHCP server and configure DHCP-enabled clients on a network. DHCP runs on a server, enabling the automatic, centralized management of IP addresses and other TCP/IP configuration settings for network clients.

See also: Dynamic Host Configuration Protocol (DHCP)   IP address   service   

DHCP service resource

A resource type that provides DHCP services from a cluster.

See also: cluster   Dynamic Host Configuration Protocol (DHCP)   

DHCP/BOOTP Relay Agent

The agent program or component responsible for relaying Dynamic Host Configuration Protocol (DHCP) and bootstrap protocol (BOOTP) broadcast messages between a DHCP server and a client across an Internet Protocol (IP) router. A DHCP relay agent supports DHCP/BOOTP message relay as defined in RFCs 1541 and 2131. The DHCP Relay Agent routing protocol component is managed using the Routing and Remote Access snap-in.

See also: bootstrap protocol (BOOTP)   DHCP server   Dynamic Host Configuration Protocol (DHCP)   Request for Comments (RFC)   


See other term: DHCP acknowledgment message (DHCPACK)  


See other term: DHCP decline message (DHCPDECLINE)  


See other term: DHCP information message (DHCPINFORM)  


See other term: DHCP negative acknowledgment message (DHCPNAK)  


See other term: DHCP offer message (DHCPOFFER)  


See other term: DHCP release message (DHCPRELEASE)  


See other term: DHCP request message (DHCPREQUEST)  

dial location

The country code, area code, and specific dialing requirements for the place you are dialing from. Once you have created a dial location, you can select it to apply the dialing requirements to all your calls. To change dialing locations, select or create a different one.

dial-in constraints

Settings in a remote access policy that permit or deny access to remote access clients.

See also: remote access policy   

dial-up connection

The connection to your network if you use a device that uses the telephone network. This includes modems with a standard telephone line, ISDN cards with high-speed ISDN lines, or X.25 networks. If you are a typical user, you might have one or two dial-up connections, for example, to the Internet and to your corporate network. In a more complex server situation, multiple network modem connections might be used to implement advanced routing.

See also: Integrated Services Digital Network (ISDN)   modem (modulator/demodulator)   

dial-up line

A standard dial-up connection, such as telephone and Integrated Services Digital Network (ISDN) lines. Also called switched circuit.

See also: Integrated Services Digital Network (ISDN)   

differential backup

A backup that copies files created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.

See also: copy backup   daily backup   incremental backup   normal backup   

differential data

Saved copies of changed data that can be applied to an original volume to generate a volume shadow copy.

See also: volume   volume shadow copy   

Diffie-Hellman key agreement protocol

A cryptographic mechanism that allows two parties to establish a shared secret key without having any preestablished secrets between them. Diffie-Hellman is frequently used to establish the shared secret keys that are used by common applications of cryptography, such as Internet Protocol security (IPSec). It is not normally used for data protection.

See also: cryptography   Internet Protocol security (IPsec)   key   


See other term: Digest authentication  

Digest Access protocol

A lightweight authentication protocol for parties involved in communications that are based on Hypertext Transfer Protocol (HTTP) or Simple Authentication and Security Layer (SASL).

Digest authentication

An authentication mechanism that hashes user name, password, and other data before transmitting it over the network.

See also: authentication   Basic authentication   encryption   hash   password   user name   

digital signature

Data that binds a sender's identity to the information being sent. A digital signature may be bundled with any message, file, or other digitally encoded information, or transmitted separately. Digital signatures are used in public key environments and provide authentication and integrity services.

Digital Signature Standard (DSS)

A standard that uses the Digital Signature Algorithm (DSA) for its signature algorithm and Secure Hash Algorithm (SHA-1) as its message hash algorithm. DSA is a public-key cipher that is used only to generate digital signatures and cannot be used for data encryption.

See also: Secure Hash Algorithm (SHA-1)   

digital subscriber line (DSL)

A special communication line that uses modulation technology to maximize the amount of data that can be sent over a local-loop, copper-wire connection to a central phone office. DSL is used for connections from telephone switching stations to a subscriber rather than between switching stations.

digital video disc (DVD)

A type of optical disc storage technology. A digital video disc (DVD) looks like a CD-ROM disc, but it can store greater amounts of data. DVDs are often used to store full-length movies and other multimedia content that requires large amounts of storage space.

See also: DVD decoder   DVD drive   

direct cable connection

A link between the input/output (I/O) ports of two computers created with a single cable rather than a modem or other interfacing devices. In most cases, a direct cable connection is made with a null modem cable.

See also: input/output (I/O) port   null modem cable   

direct hosting

For Microsoft networking, the sending of file and print sharing traffic using the Server Message Block (SMB) protocol (also known as the Common Internet File System (CIFS) protocol) without the use of network basic input/output system (NetBIOS). Direct hosting for the Microsoft redirector (the Workstation service) and file server (the Server service) is supported over both TCP/IP and Internetwork Packet Exchange (IPX). Although direct hosting may be more efficient, a direct hosting client can connect only to a direct hosting server.

See also: Internetwork Packet Exchange (IPX)   network basic input/output system (NetBIOS)   NWLink IPX/SPX/NetBIOS Compatible Transport Protocol (NWLink)   Server Message Block (SMB)   Transmission Control Protocol/Internet Protocol (TCP/IP)   

direct memory access (DMA)

Memory access that does not involve the microprocessor. DMA is frequently used for data transfer directly between memory and a peripheral device such as a disk drive.

See also: hardware configuration   


An information source that contains information about users, computer files, or other objects. In a file system, a directory stores information about files. In a distributed computing environment (such as a Windows domain), the directory stores information about objects such as printers, fax servers, applications, databases, and other users.

See also: domain   object   

directory database

The physical storage for each replica of Active Directory. Also called the store.

See also: Active Directory   replica   

directory partition

A contiguous subtree of Active Directory that is replicated as a unit to other domain controllers in the forest that contain a replica of the same subtree. In Active Directory, a single domain controller always holds at least three directory partitions: schema (class and attribute definitions for the directory), configuration (replication topology and related metadata), and domain (subtree that contains the per-domain objects for one domain). Domain controllers running Windows Server 2003 can also store one or more application directory partitions.

See also: Active Directory   application directory partition   attribute   domain   global catalog   replica   replication   schema   

directory service

Both the directory information source and the service that makes the information available and usable. A directory service enables the user to find an object when given any one of its attributes.

See also: Active Directory   attribute   directory   object   

Directory Services Markup Language (DSML)

An open, extensible, standards-based format for publishing directory service schemas and exchanging directory contents.

directory store

The physical storage for Active Directory directory partition replicas on a specific domain controller. The store is implemented using the Extensible Storage Engine.

See also: Active Directory   directory partition   domain controller   replica   


An extension of the Microsoft Windows operating system. DirectX technology helps games and other programs use the advanced multimedia capabilites of your hardware.

dirty bit

A bit that is used to mark modified data in a cache so that the modifications may be carried over to primary memory. For Windows file systems, a bit that is used to indicate that the file system is in an inconsistent and possibly corrupted state. When it is set, the file system`s dirty bit triggers the chkdsk command to run when the computer is restarted.

See also: bit (binary digit)   file system   


To make a device nonfunctional. For example, if you disable a device in a hardware configuration, you cannot use the device when your computer uses that hardware configuration. Disabling a device frees the resources that were allocated to the device.

See also: device   enable   hardware configuration   

discretionary access control list (DACL)

The part of an object`s security descriptor that grants or denies specific users and groups permission to access the object. Only the owner of an object can change permissions granted or denied in a DACL; thus, access to the object is at the owner`s discretion.

See also: access control entry (ACE)   distribution group   object   security descriptor   security group   system access control list (SACL)   


A storage device that is attached to a computer.

See also: basic disk   dynamic disk   

disk configuration information

Information in the Windows registry on assigned drive letters, simple volumes, striped volumes, mirrored volumes, spanned volumes, and RAID-5 volumes. You can change the disk configuration by using Disk Management.

See also: mirrored volume   RAID-5 volume   registry   simple volume   spanned volume   striped volume   volume   

disk mirroring

A set of software processes that maintains a backup copy of a volume at all times. Each mirror of a volume resides on a different disk; ideally, each disk has its own controller. If one mirror becomes unavailable (due to a disk failure, for example), you can use the other mirror to gain access to the volume`s data.

See also: mirror   volume   


To remove a removable tape or disc from a drive.

See also: library   mount   

display adapter

See other term: video adapter  

display password

A password that allows the user to open only previously saved capture (.cap) files.

See also: capture password   password   

distinguished name

A name that uniquely identifies an object by using the relative distinguished name for the object, plus the names of container objects and domains that contain the object. The distinguished name identifies the object as well as its location in a tree. Every object in Active Directory has a distinguished name. A typical distinguished name might be CN=MyName,CN=Users,DC=Microsoft,DC=Com. This identifies the MyName user object in the domain.

See also: Active Directory   container object   domain   object   relative distinguished name   

Distinguished Name Tag (DNT)

An integer column that is maintained by the Extensible Storage Engine (ESE). Domain controllers use DNTs when they create objects, either locally or through replication. Each domain controller creates and maintains its own unique DNTs when it creates objects. DNTs are not shared or replicated between domain controllers. A domain controller can create a maximum of approximately 2 billion DNTs over its lifespan. Domain controllers that are installed with the Install from Media (IFM) option inherit the DNT values from the domain controller that was used to create the IFM backup. Therefore, using IFM installations can reduce the total number of DNTs that the newly installed domain controller can create over its lifespan, depending on the number of objects that are created by the domain controller from which the IFM backup was created.

Distributed Component Object Model (DCOM)

The Microsoft Component Object Model (COM) specification that defines how components communicate over Windows-based networks. Use the DCOM Configuration tool to integrate client/server applications across multiple computers. DCOM can also be used to integrate robust Web browser applications.

See also: Component Object Model (COM)   

Distributed File System (DFS)

A service that allows system administrators to organize distributed network shares into a logical namespace, enabling users to access files without specifying their physical location and providing load sharing across network shares.

See also: service   

distribution group

A group that is used solely for e-mail distribution and that is not security-enabled. Distribution groups cannot be listed in discretionary access control lists (DACLs) used to define permissions on resources and objects. Distribution groups can be used only with e-mail applications (such as Microsoft Exchange) to send e-mail to collections of users. If you do not need a group for security purposes, create a distribution group instead of a security group.

See also: discretionary access control list (DACL)   security group   


See other term: Data Link Control (DLC)  


See other term: dynamic-link library (DLL)  


See other term: direct memory access (DMA)  


See other term: perimeter network  


See other term: Domain Name System (DNS)  

DNS client

A client computer that queries DNS servers in an attempt to resolve DNS domain names. DNS clients maintain a temporary cache of resolved DNS domain names.

See also: client   DNS server   Domain Name System (DNS)   

DNS dynamic update protocol

See other term: dynamic update  

DNS Security Extensions (DNSSEC)

DNS extensions that use digital signatures to provide data authentication and integrity to compliant DNS resolvers and applications.

See also: authentication   Domain Name System (DNS)   resolver   resource record (RR)   secure zone   

DNS server

A server that maintains information about a portion of the DNS database and that responds to and resolves DNS queries.

See also: DNS client   Domain Name System (DNS)   server   

DNS suffix

For DNS, a character string that represents a domain name. The DNS suffix shows where a host is located relative to the DNS root, specifying a host's location in the DNS hierarchy. Usually, the DNS suffix describes the latter portion of a DNS name, following one or more of the first labels of a DNS name.

See also: domain name   Domain Name System (DNS)   

DNS zone

In a DNS database, a contiguous portion of the DNS tree that is administered as a single, separate entity by a DNS server. The zone contains resource records for all the names within the zone.

See also: DNS server   Domain Name System (DNS)   resource record (RR)   


See other term: DNS Security Extensions (DNSSEC)  

docking station

A unit for housing a portable computer that contains a power connection, expansion slots, and connections to peripherals, such as a monitor, printer, full-sized keyboard, and mouse. The docking station turns the portable computer into a desktop computer.


Any self-contained piece of work created with an application program and, if saved on disk, given a unique file name by which it can be retrieved.

See also: filter   property cache   


In Active Directory, a collection of computer, user, and group objects defined by the administrator. These objects share a common directory database, security policies, and security relationships with other domains. In DNS, any tree or subtree within the DNS namespace. Although the names for DNS domains often correspond to Active Directory domains, DNS domains should not be confused with Active Directory domains.

See also: Active Directory   directory database   Domain Name System (DNS)   object   

domain administrator

A person who is a member of the Domain Admins group. Domain administrators can create, delete, and manage all objects that reside within the domain in which they are administrators. They can also assign and reset passwords and delegate administrative authority for network resources to other trusted users.

See also: domain   object   resource   

domain controller

In an Active Directory forest, a server that contains a writable copy of the Active Directory database, participates in Active Directory replication, and controls access to network resources. Administrators can manage user accounts, network access, shared resources, site topology, and other directory objects from any domain controller in the forest.

See also: Active Directory   authentication   directory   forest   shared resource   

domain controller locator (Locator)

An algorithm running in the context of the Net Logon service that enables a client to locate a domain controller. Locator can find domain controllers by using DNS or network basic input/output system (NetBIOS) names. The DNS service (SRV) resource records registered by Locator on behalf of domain controllers are also known as domain controller locator (Locator) resource records.

See also: domain controller   Domain Name System (DNS)   network basic input/output system (NetBIOS)   service (SRV) resource record   

domain DFS

An implementation of Distributed File System (DFS) in which DFS topological information is stored in Active Directory. Because this information is made available on multiple domain controllers in the domain, domain DFS provides fault tolerance for any distributed file system in the domain.

See also: Active Directory   DFS topology   Distributed File System (DFS)   fault tolerance   

domain functionality

The functional level of an Active Directory domain that has one or more domain controllers running Windows Server 2003. The functional level of a domain can be raised to enable new Active Directory features that will apply to that domain only. There are four domain functional levels: Windows 2000 mixed, Windows 2000 native, Windows Server 2003 interim, and Windows Server 2003. The default domain functional level is Windows 2000 mixed. When the domain functional level is raised to Windows 2000 native, Windows Server 2003 interim, or Windows Server 2003, advanced domain-wide Active Directory features are available.

See also: Active Directory   domain   domain controller   

domain hierarchy

The parent/child tree structure of domains.

See also: domain   

domain local group

A security or distribution group that can contain universal groups, global groups, other domain local groups from its own domain, and accounts from any domain in the forest. Domain local security groups can be granted rights and permissions on resources that reside only in the same domain where the domain local group is located.

See also: distribution group   domain tree   forest   global group   security group   universal group   

domain name

The name given by an administrator to a collection of networked computers that share a common directory. Part of the DNS naming structure, domain names consist of a sequence of name labels separated by periods.

See also: domain   Domain Name System (DNS)   label   

Domain Name System (DNS)

A hierarchical, distributed database that contains mappings of DNS domain names to various types of data, such as IP addresses. DNS enables the location of computers and services by user-friendly names, and it also enables the discovery of other information stored in the database.

See also: domain name   IP address   ping   service   Transmission Control Protocol/Internet Protocol (TCP/IP)   

domain namespace

The database structure used by DNS.

See also: Domain Name System (DNS)   

domain naming master

A domain controller that holds the domain naming operations master role in Active Directory. The domain naming master controls the addition or removal of domains in the forest. At any time, the domain naming master role can be assigned to only one domain controller in the forest.

See also: Active Directory   domain controller   operations master   

domain of origin

The parent DNS domain name that is used to root either a zone or a resource record within a zone. This name is joined to the end of unqualified or relative domain names to form a fully qualified domain name (FQDN) within the zone. In DNS Manager, the domain of origin will correspond to the zone name as it appears in the Add Zone Wizard or the name that appears in the Parent domain name field for any resource records created within the zone.

See also: domain   domain name   Domain Name System (DNS)   fully qualified domain name (FQDN)   relative name   resource record (RR)   zone   

domain root

A DFS namespace, for which the configuration information is stored in Active Directory. The path to access the root or a link starts with the host domain name. A domain root can have multiple root targets, which offer fault tolerance and load sharing at the root level.

See also: Active Directory   DFS namespace   root target   

domain suffix

For DNS, an optional parent domain name that can be appended to the end of a relative domain name used in a name query or host lookup. The domain suffix can be used to complete an alternate fully qualified DNS domain name to be searched when the first attempt to query a name fails.

See also: Domain Name System (DNS)   fully qualified domain name (FQDN)   parent domain   

domain tree

In DNS, the inverted hierarchical tree structure that is used to index domain names. Domain trees are similar in purpose and concept to the directory trees used by computer filing systems for disk storage. For example, when numerous files are stored on disk, directories can be used to organize the files into logical collections. When a domain tree has one or more branches, each branch can organize domain names used in the namespace into logical collections. In Active Directory, a hierarchical structure of one or more domains, connected by transitive, bidirectional trusts, that forms a contiguous namespace. Multiple domain trees can belong to the same forest.

See also: Active Directory   domain   domain name   Domain Name System (DNS)   forest   transitive trust   two-way trust   

dots per inch (DPI)

The standard used to measure screen and printer resolution, expressed as the number of dots that a device can display or print per linear inch. The greater the number of dots per inch, the better the resolution.


The case-insensitive handling of DNS domain names. Windows DNS servers use downcasing to convert any uppercase letters used in domain names to equivalent lowercase letters. For example, the name would be downcased to

See also: DNS server   domain name   Domain Name System (DNS)   upcasing   

downloadable fonts

A set of characters stored on disk and sent (downloaded) to a printer`s memory when needed for printing a document. Downloadable fonts are most commonly used with laser printers and other page printers, although many dot-matrix printers can accept some of them. Also called soft fonts.

See also: font   font cartridge   PostScript fonts   


See other term: dots per inch (DPI)  


To move an item on the screen by selecting the item and then pressing and holding down the mouse button while moving the mouse. For example, you can move a window to another location on the screen by dragging its title bar.


For Network Load Balancing, a command that disables new traffic handling for the rule whose port range contains the specified port. All ports specified by the port rule are affected.

See also: cluster   drainstop   Network Load Balancing   port   port rule   


For Network Load Balancing, a command that disables all new traffic handling on the specified hosts. The hosts then enter draining mode to complete existing connections. While draining, hosts remain in the cluster and stop their cluster operations when there are no more active connections. To terminate draining mode, explicitly stop cluster mode with the stop command, or restart new traffic handling with the start command. To drain connections from a specific port, use the drain command.

See also: drain   host   Network Load Balancing   


An area of storage that is formatted with a file system and has a drive letter. The storage can be a floppy disk, a CD or DVD, a hard disk, or another type of disk.

See also: drive letter   file system   volume   

drive letter

The naming convention Windows uses to identify disk drives or partitions on a computer. Drives are named by letter, beginning with A, followed by a colon.

See also: drive   

drop folder

In the Macintosh environment, a folder for which you have the Make Changes permission but not the See Files or See Folders permission. You can copy files into a drop folder, but you cannot see what files and subfolders the drop folder contains.

See also: Make Changes   


See other term: digital subscriber line (DSL)  


See other term: Directory Services Markup Language (DSML)


See other term: Digital Signature Standard (DSS)  


See other term: Data Terminal Equipment (DTE)  

dual boot

A computer configuration that can start two different operating systems.

See also: boot   multiple boot   startup environment   


A system capable of transmitting information in both directions over a communications channel.

See also: full-duplex   half-duplex   


See other term: digital video disc (DVD)  

DVD decoder

A hardware or software component that allows a digital video disc (DVD) drive to display movies on your computer screen.

See also: digital video disc (DVD)   DVD drive   hardware decoder   software decoder   

DVD drive

A disk storage device that uses digital video disc (DVD) technology. A DVD drive reads both CD-ROM and DVDs; however, you must have a DVD decoder to display DVD movies on your computer screen.

See also: digital video disc (DVD)   DVD decoder   


A data type that is composed of hexadecimal data with a maximum allotted space of 4 bytes.

dynamic data exchange (DDE)

A form of interprocess communication (IPC) implemented in the Microsoft Windows family of operating systems. Two or more programs that support dynamic data exchange (DDE) can exchange information and commands.

See also: Network DDE service   

dynamic disk

A physical disk that provides features that basic disks do not, such as support for volumes that span multiple disks. Dynamic disks use a hidden database to track information about dynamic volumes on the disk and other dynamic disks in the computer. You convert basic disks to dynamic by using the Disk Management snap-in or the DiskPart command-line tool. When you convert a basic disk to dynamic, all existing basic volumes become dynamic volumes.

See also: active volume   basic disk   basic volume   dynamic volume   partition   volume   

Dynamic Host Configuration Protocol (DHCP)

A TCP/IP service protocol that offers dynamic leased configuration of host IP addresses and distributes other configuration parameters to eligible network clients. DHCP provides safe, reliable, and simple TCP/IP network configuration, prevents address conflicts, and helps conserve the use of client IP addresses on the network. DHCP uses a client/server model where the DHCP server maintains centralized management of IP addresses that are used on the network. DHCP-supporting clients can then request and obtain lease of an IP address from a DHCP server as part of their network boot process.

See also: DHCP client   DHCP server   IP address   lease   service   Transmission Control Protocol/Internet Protocol (TCP/IP)   

dynamic routing

The use of routing protocols to update routing tables. Dynamic routing responds to changes in the internetwork topology.

See also: protocol   routing   

dynamic storage

A storage method in Windows that allows disk and volume management without requiring operating system restart.

See also: basic storage   

dynamic update

An update to the Domain Name System (DNS) standard that permits DNS clients to dynamically register and update their resource records in zones.

See also: DNS client   DNS server   Domain Name System (DNS)   resource record (RR)   zone   

dynamic volume

A volume that resides on a dynamic disk. Windows supports five types of dynamic volumes: simple, spanned, striped, mirrored, and RAID-5. A dynamic volume is formatted by using a file system, such as file allocation table (FAT) or NTFS, and has a drive letter assigned to it.

See also: basic disk   basic volume   dynamic disk   mirrored volume   RAID-5 volume   simple volume   spanned volume   striped volume   volume   

An operating system feature that allows executable routines (generally serving a specific function or set of functions) to be stored separately as files with .dll extensions. These routines are loaded only when needed by the program that calls them.

See also: Resource DLL