Microsoft Windows XP - Symbols Glossary

.inf The file name extension for files that contain device information or scripts to control hardware operations. 100baseT The Ethernet standard for local area networks using twisted-pair cable carrying data at 100 megabits per second (Mbps). 10base2 The Ethernet and IEEE 802.3 standard for baseband local area networks using a thin coaxial cable up to 200 meters long and carrying data at 10 megabits per second (Mbps). Cables connect to network adapters by a BNC connector. 10baseT The Ethernet standard for local area networks using twisted-pair cable carrying data at 10 megabits per second (Mbps).

A
A (address) resource record A resource record used to map a DNS domain name to a host IP address on the network. See also: domain name; Domain Name System (DNS); resource record (RR) access control A security mechanism that determines which operations a user, group, service, or computer is authorized to perform on a computer or on a particular object, such as a file, printer, registry key, or directory service object. See also: permission; group; object; registry; service access control entry (ACE) An entry in an object's discretionary access control list (DACL) that grants permissions to a user or group. An ACE is also an entry in an object's system access control list (SACL) that specifies the security events to be audited for a user or group. See also: access control; permission; discretionary access control list (DACL); object; system access control list (SACL) account lockout A Windows security feature that locks a user account if a number of failed logon attempts occur within a specified amount of time, based on security policy lockout settings. Locked accounts cannot log on. acknowledgment message For Message Queuing, a message class that indicates that a message arrived or was retrieved by the target application (a positive acknowledgment), or that an error occurred before the original message could be retrieved (a negative acknowledgment). These messages are sent to administration queues on the source computer. See also: administration queue; Message Queuing active Describes the window or icon that you are currently using or that is currently selected. The operating system always applies the next keystroke or command you choose to the active window. Windows or icons on the desktop that are not selected are inactive. See also: channel active content Dynamic content, such as a stock ticker, a weather map, or news, that is usually updated from the World Wide Web or a channel. Active Directory

The directory service that stores information about objects on a network and makes this information available to users and network administrators. Active Directory gives network users access to permitted resources anywhere on the network using a single logon process. It provides network administrators with an intuitive, hierarchical view of the network and a single point of administration for all network objects. See also: directory partition; service Active Directory data model A model derived from the LDAP data model. The directory holds objects that represent entities of various sorts, described by attributes. The objects and classes of objects that can be stored in the directory are defined in the schema. For each class of objects, the schema defines the attributes an instance of the class must have, the additional attributes it can have, and the class that can be its parent. See also: Active Directory; attribute; Lightweight Directory Access Protocol (LDAP); schema Active Directory Users and Computers An administrative tool designed to perform day-to-day Active Directory administration tasks. These tasks include creating, deleting, modifying, moving, and setting permissions on objects stored in the directory. These objects include organizational units, users, contacts, groups, computers, printers, and shared file objects. See also: permission; Active Directory; object active partition A partition from which an x86-based computer starts up. The active partition must be a primary partition on a basic disk. If you use Windows exclusively, the active partition can be the same as the system volume. See also: basic disk; primary partition; system partition; system volume; x86 active volume The volume from which the computer starts up. The active volume must be a simple volume on a dynamic disk. You cannot mark an existing dynamic volume as the active volume, but you can upgrade a basic disk containing the active partition to a dynamic disk. Once the disk is upgraded to dynamic, the partition becomes a simple volume that is active. See also: active partition; basic disk; dynamic disk; dynamic volume; simple volume ActiveX A set of technologies that allows software components to interact with one another in a networked environment, regardless of the language in which the components were created. address (A) resource record A resource record used to map a DNS domain name to a host IP address on the network. See also: domain name; Domain Name System (DNS); resource record (RR) address classes Predefined groupings of Internet addresses with each class defining networks of a certain size. The range of numbers that can be assigned for the first octet in the IP address is based on the address class. Class A networks (values 1 to 126) are the largest, with more than 16 million hosts per network. Class B networks (128 to 191) have up to 65,534 hosts per network, and Class C networks (192 to 223) can have up to 254 hosts per network. See also: Class A IP address; Class B IP address; Class C IP address Address Resolution Protocol (ARP) In TCP/IP, a protocol that uses broadcast traffic on the local network to resolve a logically assigned IP address to its physical hardware or media access control layer address. In ATM, ARP is used two different ways. For classical IP over ATM, ARP is used to resolve addresses to ATM hardware addresses. For ATM LAN emulation, ARP is used to resolve Ethernet/802.3 or Token Ring addresses to ATM hardware addresses. See also: Internet Protocol (IP); Message Authentication Code (MAC); packet; Transmission Control Protocol/Internet Protocol (TCP/IP) administration queue

For Message Queuing, a queue that stores acknowledgment messages. See also: acknowledgment message; Message Queuing administrative alerts Alerts that relate to server and resource use. They notify users about problems in areas such as security and access, user sessions, server shutdown due to power loss (when an uninterruptible power supply is available), directory replication, and printing. When a computer generates an administrative alert, a message is sent to a predefined list of users and computers. See also: Alerter service administrator For Windows XP Professional, a person responsible for setting up and managing domain controllers or local computers and their user and group accounts, assigning passwords and permissions, and helping users with networking problems. Administrators are members of the Administrators group and have full control over the domain or computer. For Windows XP Home Edition, a person who can make system-wide changes to the computer, install software, and who has access to all files on the computer. A person with a computer administrator account has full access to other user accounts on the computer. Advanced Configuration and Power Interface (ACPI) An open industry specification that defines power management on a wide range of mobile, desktop, and server computers and peripherals. ACPI is the foundation for the OnNow industry initiative that allows system manufacturers to deliver computers that will start at the touch of a keyboard. ACPI design is essential to take full advantage of power management and Plug and Play. See also: Plug and Play affinity For Network Load Balancing, the method used to associate client requests to cluster hosts. When no affinity is specified, all network requests are load balanced across the cluster without respect to their source. Affinity is implemented by directing all client requests from the same IP address to the same cluster host. See also: IP address; client request agent An application that runs on a Simple Network Management Protocol (SNMP) managed device. The agent application is the object of management activities. A computer running SNMP agent software is also sometimes referred to as an agent. See also: service; Simple Network Management Protocol (SNMP) Alerter service A service used by the server and other services to notify selected users and computers of administrative alerts that occur on a computer. The Alerter service requires the Messenger service. See also: administrative alerts; Messenger service; service allocation unit The smallest amount of disk space that can be allocated to hold a file. All file systems used by Windows organize hard disks based on allocation units. The smaller the allocation unit size, the more efficiently a disk stores information. If you do not specify an allocation unit size when formatting the disk, Windows picks default sizes based on the size of the volume. These default sizes are selected to reduce the amount of space that is lost and the amount of fragmentation on the volume. An allocation unit is also called a cluster. See also: file system; volume American Standard Code for Information Interchange (ASCII) A standard single-byte character encoding scheme used for text-based data. ASCII uses designated 7-bit or 8bit number combinations to represent either 128 or 256 possible characters. Standard ASCII uses 7 bits to represent all uppercase and lowercase letters, the numbers 0 through 9, punctuation marks, and special control characters used in U.S. English. Most current x86-based systems support the use of extended (or

"high") ASCII. Extended ASCII allows the eighth bit of each character to identify an additional 128 special symbol characters, foreign-language letters, and graphic symbols. See also: Unicode AppleTalk The Apple Computer network architecture and network protocols. A network that has Macintosh clients and a computer running Windows 2000 Server or Windows NT Server with Services for Macintosh functions as an AppleTalk network. AppleTalk Phase 2 The extended AppleTalk Internet model designed by Apple Computer that supports multiple zones within a network and extended addressing capacity. application programming interface (API) A set of routines that an application uses to request and carry out lower-level services performed by a computer's operating system. These routines usually carry out maintenance tasks such as managing files and displaying information. ASCII (American Standard Code for Information Interchange) See definition for: American Standard Code for Information Interchange (ASCII) Assistive Technology Program A service that provides recommendations for technology that can help people with disabilities. Asymmetric Digital Subscriber Line (ADSL) A high-bandwidth digital transmission technology that uses existing phone lines and also allows voice transmissions over the same lines. Most of the traffic is transmitted downstream to the user, generally at rates of 512 Kbps to about 6 Mbps. asynchronous communication A form of data transmission in which information is sent and received at irregular intervals, one character at a time. Because data is received at irregular intervals, the receiving modem must be signaled to let it know when the data bits of a character begin and end. This is done by means of start and stop bits. See also: modem (modulator/demodulator) Asynchronous Transfer Mode (ATM) A high-speed connection-oriented protocol used to transport many different types of network traffic. ATM packages data in a 53-byte, fixed-length cell that can be switched quickly between logical connections on a network. See also: protocol ATM adaptation layer (AAL) The layer of the ATM protocol stack that parses data into the payload portion of the ATM cell for transport across an ATM network. See also: Asynchronous Transfer Mode (ATM) attribute For files, information that indicates whether a file is read-only, hidden, ready for archiving (backing up), compressed, or encrypted, and whether the file contents should be indexed for fast file searching. In Active Directory, characteristics of an object and the type of information an object can hold. For each object class, the schema defines what attributes an instance of the class must have and what additional attributes it might have. audio input device An audio input device records music and voice input into your computer. Examples of audio input devices are CD-ROM players and microphones. audit policy A policy that determines the security events to be reported to the network administrator. auditing

The process that tracks the activities of users by recording selected types of events in the security log of a server or a workstation. authentication The process for verifying that an entity or object is who or what it claims to be. Examples include confirming the source and integrity of information, such as verifying a digital signature or verifying the identity of a user or computer. See also: smart card; trust relationship authoritative For DNS, describes a DNS server hosting a zone, or a zone containing a name or record. When a DNS server is configured to host a zone, it is said to be authoritative for names that do exist or could exist within that zone. A DNS server is allowed to respond authoritatively to queries for domain names for which it is authoritative. A zone is said to be authoritative for a name if the name exists or could exist within a zone, and it is said to be authoritiative for a record if the owner name of the record exists or could exist within a zone. See also: DNS Server; domain name; Domain Name System (DNS); name server (NS) resource record; startof-authority (SOA) resource record; zone authoritative restore In Backup, a type of restore operation performed on an Active Directory domain controller in which the objects in the restored directory are treated as authoritative, replacing (through replication) all existing copies of those objects. Authoritative restore is applicable only to replicated system state data such as Active Directory data and File Replication service data. Use the Ntdsutil.exe utility to perform an authoritative restore. See also: Active Directory; nonauthoritative restore authorization The process that determines what a user is permitted to do on a computer system or network. Automatic Private IP Addressing (APIPA) A feature of Windows XP TCP/IP that automatically configures a unique IP address from the range 169.254.0.1 through 169.254.255.254 and a subnet mask of 255.255.0.0 when the TCP/IP protocol is configured for dynamic addressing and a Dynamic Host Configuration Protocol (DHCP) is not available. See also: DHCP server; Transmission Control Protocol/Internet Protocol (TCP/IP); IP address availability A measure of the fault tolerance of a computer and its programs. A highly available computer runs 24 hours a day, 7 days a week. See also: fault tolerance

B
B-channel A single channel of an ISDN line that is used to carry either voice or data information. ISDN Basic Rate Interface (BRI) has 2 B-channels. ISDN Primary Rate Interface (PRI) in North America has 23 B-channels. ISDN Primary Rate Interface (PRI) in Europe has 30 B-channels. B-channel is also called bearer channel. See also: Integrated Services Digital Network (ISDN) background The screen background image used on a graphical user interface such as Windows. Any pattern or picture that can be stored as a bitmap (.bmp) file can be set as a screen background. background program A program that runs while the user is working on another task. The computer's microprocessor assigns fewer resources to background programs than foreground programs. See also: foreground program backup domain controller (BDC)

In Windows NT Server 4.0 or earlier, a computer running Windows NT Server that receives a copy of the domain's directory database (which contains all account and security policy information for the domain). The copy is synchronized periodically and automatically with the master copy on the primary domain controller (PDC). BDCs also authenticate user logon information and can be promoted to function as PDCs as needed. Multiple BDCs can exist in a domain. Windows NT 3.51 and 4.0 BDCs can participate in a Windows 2000 domain when the domain is configured in mixed mode. See also: primary domain controller (PDC) backup media pool A logical collection of data-storage media that has been reserved for use by Microsoft Windows Backup. Backup uses Removable Storage to control access to specific media within a library. See also: library; media pool; Removable Storage backup operator A type of local or global group that contains the user rights you need to back up and restore files and folders. Members of the Backup Operators group can back up and restore files and folders regardless of ownership, permissions, encryption, or auditing settings. See also: auditing; global group; local group; user rights backup set A collection of files, folders, and other data that has been backed up and stored in a file or on one or more tapes. See also: backup set catalog; on-disk catalog; on-media catalog backup set catalog A summary of the files and folders that have been saved in a backup set. See also: backup set backup types A type that determines which data is backed up and how it is backed up. There are five backup types: copy, daily, differential, incremental, and normal. See also: copy backup; daily backup; differential backup; incremental backup; normal backup bandwidth In analog communications, the difference between the highest and lowest frequencies in a given range. For example, an analog telephone line accommodates a bandwidth of 3,000 hertz (Hz), the difference between the lowest (300 Hz) and highest (3,300 Hz) frequencies it can carry. In digital communications, bandwidth is expressed in bits per second (bps). See also: bits per second (bps) Bandwidth Allocation Protocol (BAP) A PPP control protocol that is used on a multiprocessing connection to dynamically add and remove links. See also: Point-to-Point Protocol (PPP) base priority A precedence ranking that determines the order in which the threads of a process are scheduled for the processor. Use Task Manager to view and change base priorities. For Message Queuing, a property that specifies the queue's priority in a public queue. You can set the base priority from -32,768 to 32,767; the default priority is 0. Private queues do not support base priority. Message Queuing routes and delivers messages first by base priority, then by message priority. See also: Message Queuing; private queue; public queue basic disk A physical disk that can be accessed by MS-DOS and all Windows-based operating systems. Basic disks can contain up to four primary partitions, or three primary partitions and an extended partition with multiple logical drives. If you want to create partitions that span multiple disks, you must first convert the basic disk to a dynamic disk using Disk Management or the Diskpart.exe command-line utility.

See also: dynamic disk; extended partition; logical drive; MS-DOS (Microsoft Disk Operating System); primary partition basic input/output system (BIOS) On x86-based computers, the set of essential software routines that test hardware at startup, start the operating system, and support the transfer of data among hardware devices. The BIOS is stored in read-only memory (ROM) so that it can be executed when you turn on the computer. Although critical to performance, the BIOS is usually invisible to computer users. See also: Extensible Firmware Interface (EFI); read-only memory (ROM); x86 basic storage A storage method in MS-DOS, Windows, Windows NT, and Windows 2000 for primary partitions, extended partitions, and logical drives. See also: dynamic storage; extended partition; logical drive basic volume A primary partition or logical drive that resides on a basic disk. See also: basic disk; logical drive; primary partition batch program An ASCII (unformatted text) file that contains one or more operating system commands. A batch program's file name has a .cmd or .bat extension. When you type the file name at the command prompt, or when the batch program is run from another program, its commands are processed sequentially. Batch programs are also called batch files. See also: American Standard Code for Information Interchange (ASCII); logon script baud rate The speed at which a modem communicates. Baud rate refers to the number of times the condition of the line changes. This is equal to bits per second only if each signal corresponds to one bit of transmitted data. Modems must operate at the same baud rate in order to communicate with each other. If the baud rate of one modem is set higher than that of the other, the faster modem usually alters its baud rate to match that of the slower modem. See also: bits per second (bps); modem (modulator/demodulator) Berkeley Internet Name Domain (BIND) An implementation of DNS written and ported to most available versions of the UNIX operating system. The Internet Software Consortium maintains the BIND software. See also: DNS; BIND boot file binary A base-2 number system in which values are expressed as combinations of two digits, 0 and 1. BIND boot file Configuration file used by Domain Name System (DNS) servers running under versions of the Berkeley Internet Name Domain (BIND) software implementation. The BIND boot file is a text file, Named.boot, where individual lines in the file list boot directives used to start a service when the DNS server is started. By default, Microsoft DNS servers use DNS service parameters stored in the registry, but they allow the use of a BIND boot file as an alternative for reading boot configuration settings. See also: Berkeley Internet Name Domain (BIND); registry boot bindery A database in Novell NetWare 3.x that contains organizational and security information about users and groups. BIOS See definition for: basic input/output system (BIOS) bit (binary digit)

The smallest unit of information handled by a computer. One bit expresses a 1 or a 0 in a binary numeral, or a true or false logical condition. A group of 8 bits makes up a byte, which can represent many types of information, such as a letter of the alphabet, a decimal digit, or other character. Bit is also called binary digit. See also: binary bits per second (bps) The number of bits transmitted every second, used as a measure of the speed at which a device, such as a modem, can transfer data. See also: modem (modulator/demodulator) boot The process of starting or resetting a computer. When first turned on (cold boot) or reset (warm boot), the computer runs the software that loads and starts the computer's operating system, which prepares it for use. boot files The system files needed to start Windows. The boot files include Ntldr and Ntdetect.com. See also: partition boot sector Boot Logging A process in which a computer that is starting (booting) creates a log file that records the loading of each device and service. The log file is called Ntbtlog.txt, and it is saved in the system root directory. See also: systemroot boot partition The partition that contains the Windows operating system and its support files. The boot partition can be, but does not have to be, the same as the system partition. See also: partition; Primary disk; system partition boot volume The volume that contains the Windows operating system and its support files. The boot volume can be, but does not have to be, the same as the system volume. See also: system volume; volume BOOTP extensions A set of optional information types defined originally in RFC 1497 for use with BOOTP service and later supported by DHCP. In DHCP, these extensions form the legacy core set of client parameters available and supported by most standard DHCP and BOOTP servers. See also: bootstrap protocol (BOOTP) bootstrap protocol (BOOTP) A protocol used primarily on TCP/IP networks to configure diskless workstations. RFCs 951 and 1542 define this protocol. DHCP is a later boot configuration protocol that uses this protocol. The Microsoft DHCP service provides limited support for BOOTP service. See also: Transmission Control Protocol/Internet Protocol (TCP/IP); Dynamic Host Configuration Protocol (DHCP); Request for Comments (RFC) broadband Of or relating to communications systems in which the medium of transmission (such as a wire or fiber-optic cable) carries multiple messages at a time, each message modulated on its own carrier frequency by a modem. broadband connection A high-speed connection. Broadband connections are typically 256 kilobytes per second (KBps) or faster. Broadband includes DSL and cable modem service. broadband integrated services digital network (B-ISDN) An ITU-T communication standard for high-speed networking that provides new services, including voice, video, and data on the same network. See also: International Telecommunication Union - Telecommunication [Standardization Sector] (ITU-T) broadcast

An address that is destined for all hosts on a particular network segment. browser Software that interprets the markup of files in HTML, formats them into Web pages, and displays them to the end user. Some browsers also permit end users to send and receive e-mail, read newsgroups, and play sound or video files embedded in Web documents. See also: World Wide Web buffer A region of RAM reserved for use with data that is temporarily held while waiting to be transferred between two locations, such as between an application's data area and an input/output device. See also: random access memory (RAM) built-in groups The default security groups installed with the operating system. Built-in groups have been granted useful collections of rights and built-in abilities. In most cases, built-in groups provide all the capabilities needed by a particular user. For example, if a domain user account belongs to the built-in Administrators group, logging on with that account gives a user administrative capabilities over the domain and the domain servers. To provide a needed set of capabilities to a user account, assign it to the appropriate built-in group. See also: group bus A communication line used for data transfer among the components of a computer system. A bus essentially allows different parts of the system to share data. For example, a bus connects the disk-drive controller, memory, and input/output ports to the microprocessor. See also: expansion slot; universal serial bus (USB) bytes A unit of data that typically holds a single character, such as a letter, a digit, or a punctuation mark. Some single characters can take up more than one byte. See also: bit (binary digit)

C
cable modem A device that enables a broadband connection to the Internet by using cable television infrastructure. Access speeds vary greatly, with a maximum throughput of 10 megabits per second (Mbps). cache For DNS and WINS, a local information store of resource records for recently resolved names of remote hosts. Typically, the cache is built dynamically as the computer queries and resolves names. It also helps optimize the time required to resolve queried names. See also: cache file; resource record (RR) cache file A file used by the Domain Name System (DNS) server to preload its names cache when service is started. Also known as the root hints file because DNS uses resource records stored in this file to help locate root servers that provide referral to authoritative servers for remote names. For Windows DNS servers, the cache file is named Cache.dns and is located in the %SystemRoot%\System32\Dns folder. See also: authoritative; cache; systemroot caching The process of temporarily storing recently used data values in a special pool in memory for quicker subsequent access. For DNS, typically the ability of the DNS server to store information learned about the DNS namespace during the resolution of DNS queries. (For example, the DNS server can cache DNS records received from other DNS servers.) Caching is also available through the DNS Client service as a way for DNS clients to keep a cache of information learned during recent queries.

See also: caching resolver; DNS Server; Domain Name System (DNS) caching resolver A client-side DNS name resolution service that performs caching of recently learned DNS domain name information. The caching resolver service provides system-wide access to DNS-aware programs for resource records obtained from DNS servers during processing of name queries. Cached data is used for a limited period of time and aged according to the active Time-to-Live (TTL) value. You can set the TTL individually for each resource record (RR). Otherwise, it defaults to the minimum TTL set in the SOA RR for the zone. See also: caching; expire interval; minimum TTL; resolver; resource record (RR); Time to Live (TTL) callback number The number that a remote access server uses to call back a user. This number can be preset by the administrator or specified by the user at the time of each call, depending on how the administrator configures the user's callback options. The callback number should be the number of the phone line to which the user's modem is connected. See also: preset-to callback; remote access server; set-by-caller callback callback security A form of network security in which a remote access server calls a user back at a preset number after the user has made an initial connection and has been authenticated. See also: preset-to callback; remote access server called subscriber ID (CSID) string A string that specifies the called subscriber ID transmitted by the receiving fax machine when receiving an inbound fax. This string is usually a combination of the fax or telephone number and the name of the business. It is often the same as the transmitter subscriber ID. See also: string; transmitting station ID (TSID) string canonical (CNAME) resource record A resource record used to map an alternate alias name to a primary canonical DNS domain name used in the zone. See also: resource record (RR) canonical name An object's distinguished name presented with the root first and without the LDAP attribute tags (such as: CN=, DC=). The segments of the name are delimited with forward slashes (/). For example, CN=MyDocuments,OU=MyOU,DC=Microsoft,DC=Com is presented as microsoft.com/MyOU/MyDocuments in canonical form. See also: distinguished name; Lightweight Directory Access Protocol (LDAP) cartridge font A font contained in a plug-in cartridge and used to add fonts to laser, ink-jet, or high-end dot-matrix printers. Cartridge fonts are distinguished both from internal fonts, which are contained in ROM in the printer and are always available, and from downloadable (soft) fonts, which reside on disk and which can be sent to the printer as needed. See also: downloadable fonts; font; font cartridge; read-only memory (ROM) cascading hubs A network configuration in which hubs are connected to other hubs. See also: hub catalog For Indexing Service, a collection of all index information and stored properties for a particular group of file system directories. By default, Indexing Service indexes the System and Web catalogs on your hard drive. See also: property CD-R

Recordable compact disc. Data can be copied to the CD on more than one occasion; however, data cannot be erased from the CD. CD-RW Rewritable compact disc. Data can be copied to the CD on more than one occasion and can be erased. certificate A digital document that is commonly used for authentication and secure exchange of information on open networks, such as the Internet, extranets, and intranets. A certificate securely binds a public key to the entity that holds the corresponding private key. Certificates are digitally signed by the issuing certification authority and can be issued for a user, a computer, or a service. The most widely accepted format for certificates is defined by the ITU-T X.509 version 3 international standard. See also: International Telecommunication Union - Telecommunication [Standardization Sector] (ITU-T); certification authority (CA); private key; public key; service certificate revocation list (CRL) A document maintained and published by a certification authority that lists certificates that have been revoked. See also: certificate; certification authority (CA) certificate store Typically, a permanent storage where certificates, certificate revocation lists, and certificate trust lists are stored. See also: certificate; certificate revocation list (CRL); certificate trust list (CTL) certificate template A Windows construct that profiles certificates (that is, it prespecifies the format and content) based on their intended usage. When requesting a certificate from a Windows enterprise certification authority (CA), certificate requestors are, depending on their access rights, able to select from a variety of certificate types that are based on certificate templates, such as User and Code Signing. See also: certificate; certification authority (CA) certificate trust list (CTL) A signed list of root certification authority certificates that an administrator considers reputable for designated purposes, such as client authentication or secure e-mail. See also: certificate; certification authority (CA); root certificate certification authority (CA) An entity responsible for establishing and vouching for the authenticity of public keys belonging to users (end entities) or other certification authorities. Activities of a certification authority can include binding public keys to distinguished names through signed certificates, managing certificate serial numbers, and certificate revocation. See also: certificate; public key; root authority certification hierarchy A model of trust for certificates in which certification paths are created by means of the establishment of parent-child relationships between certification authorities. See also: certification authority (CA); certification path certification path An unbroken chain of trust, consisting of certificates from trusted certificate authorities, from a specific certificate to the root certification authority in a certification hierarchy. See also: public key Challenge Handshake Authentication Protocol (CHAP) A challenge-response authentication protocol for PPP connections documented in RFC 1994 that uses the industry-standard Message Digest 5 (MD5) one-way encryption scheme to hash the response to a challenge issued by the remote access server. channel

A path or link through which noncontrol information passes between two devices. A single Basic Rate Interface (BRI) connection, for example, has one physical connection but two channels for exchanging information between devices. This is often called a bearer channel, implying a channel that carries information. On the Internet, a Web site designed to deliver content from the Internet to your computer, similar to subscribing to a favorite Web site. See also: active content; B-channel; D-channel CHAP (Challenge Handshake Authentication Protocol) An authentication protocol used by Microsoft remote access and Network Connections. Using CHAP, a remote access client can send its authentication credentials to a remote access server in a secure form. Microsoft has created a Windows-specific variant of CHAP called MS-CHAP. See also: remote access server; remote access character mode A display mode in which the monitor can display letters, numbers, and other text characters, but no graphical images or character formatting (italics, superscript, and so on). checkpoints See definition for: Restore Point child object An object that resides in another object. A child object implies relation. For example, a file is a child object that resides in a folder, which is the parent object. See also: object; parent object Class A IP address A unicast IP address that ranges from 1.0.0.1 through 126.255.255.254. The first octet indicates the network, and the last three octets indicate the host on the network. See also: Class B IP address; Class C IP address; IP address Class B IP address A unicast IP address that ranges from 128.0.0.1 through 191.255.255.254. The first two octets indicate the network, and the last two octets indicate the host on the network. See also: Class A IP address; Class C IP address; IP address Class C IP address A unicast IP address that ranges from 192.0.0.1 to 223.255.255.254. The first three octets indicate the network, and the last octet indicates the host on the network. Network Load Balancing provides optional session support for Class C IP addresses (in addition to support for single IP addresses) to accommodate clients that make use of multiple proxy servers at the client site. See also: Class A IP address; Class B IP address; IP address classical IP over ATM (CLIP) A proposed Internet standard, described in RFC 2225, that allows IP communication directly on the ATM layer, bypassing an additional protocol (such as Ethernet or Token Ring) in the protocol stack. See also: Asynchronous Transfer Mode (ATM); Internet Protocol (IP) clear To turn off an option by removing the X or check mark from a check box. You clear a check box by clicking it, or by selecting it and then pressing the SPACEBAR. client Any computer or program connecting to, or requesting the services of, another computer or program. Client can also refer to the software that enables the computer or program to establish the connection. For a local area network (LAN) or the Internet, a computer that uses shared network resources provided by another computer (called a server). See also: server client application

A Windows-based application that can display and store linked or embedded objects. For distributed applications, the application that imitates a request to a server application. client request A service request from a client computer to a server computer or, for Network Load Balancing, a cluster of computers. Network Load Balancing forwards each client request to a specific host within the cluster according to the system administrator's load-balancing policy. See also: client; cluster; host; load balancing; server ClipBook Server A system service that supports ClipBook Viewer, which allows pages to be seen by remote ClipBooks. cluster In data storage, the smallest amount of disk space that can be allocated to hold a file. All file systems used by Windows organize hard disks based on clusters, which consist of one or more contiguous sectors. The smaller the cluster size, the more efficiently a disk stores information. If no cluster size is specified during formatting, Windows picks defaults based on the size of the volume. These defaults are selected to reduce the amount of space that is lost and the amount of fragmentation on the volume. A cluster is also called an allocation unit. In computer networking, a group of independent computers that work together to provide a common set of services and present a single-system image to clients. The use of a cluster enhances the availability of the services and the scalability and manageability of the operating system that provides the services. See also: availability; client; file system; scalability; volume cluster adapter The adapter that, when using multiple network adapters in each host of a Network Load Balancing cluster, handles the network traffic for cluster operations (the traffic for all hosts in the cluster). This adapter is programmed with the host's cluster IP address. See also: cluster; dedicated adapter; IP address Cluster Administrator An application that is used to configure a cluster and its nodes, groups, and resources. Cluster Administrator can run on any member of the trusted domain regardless of whether the computer is a cluster node. See also: cluster; Cluster.exe; server cluster Cluster Administrator extension A software component that implements the Cluster Administrator extension application programming interface (API) for allowing Cluster Administrator to configure a new resource type. See also: application programming interface (API); cluster; Cluster Administrator Cluster API A collection of functions that are implemented by the cluster software and used by a cluster-aware client or server application, a cluster management application, or a Resource DLL. The Cluster API is used to manage the cluster, cluster objects, and the cluster database. See also: cluster; Resource DLL; server cluster cluster disk A disk on a shared bus connected to the cluster nodes, which all the cluster nodes can access (though not at the same time). Cluster service The essential software component that controls all aspects of server cluster operation and manages the cluster database. Each node in a server cluster runs one instance of the Cluster service. See also: cluster; server cluster cluster-aware application An application that can run on a cluster node and that can be managed as a cluster resource. Cluster-aware applications use the Cluster API to receive status and notification information from the server cluster. See also: server cluster; Cluster API; cluster-unaware application; cluster cluster-unaware application

An application that can run on a cluster node and be managed as a cluster resource but that does not support the Cluster API. See also: cluster-aware application; cluster; Cluster API Cluster.exe An alternative to using Cluster Administrator to administer clusters from the command prompt. You can also call Cluster.exe from command scripts to automate many cluster administration tasks. See also: Cluster Administrator; cluster Cmd Show Override, with When checked, opens the DDE server application as specified by the integer in value. Possible values are 1 (normal), 2 (minimized), 3 (maximized), and 10 (application default). When cleared, the DDE server application opens. CMYK color space Multidimensional color space consisting of the cyan, magenta, yellow, and black intensities that make up a given color. Commercial color printing devices generally use this system of four-color process inks. See also: color management; color space code page A means of providing support for character sets and keyboard layouts for different countries or regions. A code page is a table that relates the binary character codes used by a program to keys on the keyboard or to characters on the display. codec Hardware that can convert audio or video signals between analog and digital forms (coder/decoder); hardware or software that can compress and uncompress audio or video data (compression/decompression); or the combination of coder/decoder and compression/decompression. Generally, a codec compresses uncompressed digital data so that the data uses less memory. color depth The number of colors per pixel your monitor and graphics adapter support. color gamut The particular range of colors that a device is able to produce. A device such as a scanner, monitor, or printer can produce a unique range of colors, which is determined by the characteristics of the device itself. See also: color profile; rendering intent color management Process of producing accurate, consistent color among a variety of input and output devices. A color management system (CMS) maps colors between devices such as scanners, monitors, and printers; transforms colors from one color space to another (for example, RGB to CMYK); and provides accurate on-screen or print previews. See also: CMYK color space; RGB color space color profile A profile that contains the data needed for translating the values of a color gamut. This data includes information about color, hue, saturation, and brightness. See also: color gamut; hue; saturation color space A set of three values that defines how a color can be represented on computer devices such as monitors, scanners, and printers. For example, in the LAB color space, the terms luminance or whiteness (L), rednessgreenness (A), and yellowness-blueness (B) are used; in the HVC system, the terms are hue (H), value (V), and chroma (C). Color space refers to the three-dimensional space that is defined by the respective values, such as L, A, and B. See also: CMYK color space; color space; RGB color space command prompt window

A window displayed on the desktop used to interface with the MS-DOS operating system. MS-DOS commands are typed at an entry point identified by a blinking cursor. See also: MS-DOS (Microsoft Disk Operating System) common groups Groups that appear in the program list on the Start menu for all users who log on to the computer. Only administrators can create or change common groups. See also: group communication port A port on a computer that allows asynchronous communication of one byte at a time. A communication port is also called a serial port. See also: asynchronous communication; serial port communication settings Operating parameters, such as bits per second (bps) and modem type, that apply to serial ports on a computer. See also: bits per second (bps); modem (modulator/demodulator); serial port community name A name used to group SNMP hosts. This name is placed in SNMP messages sent between SNMP-managed devices such as Windows 2000-based server computers and SNMP management stations. Typically, all hosts belong to Public, which is the standard name for a common community of all SNMP hosts. See also: Simple Network Management Protocol (SNMP); trap compatibility mode A feature of a computer or operating system that allows it to run programs written for a different system. Programs often run slower in compatibility mode. Complementary Metal Oxide Semiconductor (CMOS) A specific type of semiconductor technology that requires very little power. The term has been popularized to mean a small storage area where your system keeps track of certain hardware parameters, such as the size of your hard disk, the number of serial ports your computer has, etc. CMOS is also called Setup RAM. Compression Control Protocol (CCP) A protocol used in the negotiation process in a PPP connection. Compression Control Protocol is one type of Network Control Protocol (NCP). NCPs are used to establish and configure different network protocol parameters for IP, IPX, and NetBEUI. See also: Internet Protocol (IP); Internetwork Packet Exchange (IPX); Point-to-Point Protocol (PPP) computer account An account that is created by a domain administrator and uniquely identifies the computer on the domain. The Windows computer account matches the name of the computer joining the domain. See also: domain computer administrator A user who manages a computer. The computer administrator makes system-wide changes to the computer, including installing programs and accessing all files on the computer, and can create, change and delete the accounts of other users. Computer Browser service A service that maintains an up-to-date list of computers and provides the list to applications when requested. The Computer Browser service provides the computer lists displayed in the My Network Places, Select Computer, and Select Domain dialog boxes and (for Windows 2000 Server only) in the Server Manager window. See also: service Computer Management

A component you can use to view and control many aspects of the computer configuration. Computer Management combines several administration utilities into a single console tree, providing easy access to a local or remote computers administrative properties and tools. computer quota For Message Queuing, the storage size limit for messages on a computer, based on the total size of the messages. When a computer quota is reached, Message Queuing can no longer send messages to that computer until one or more messages are removed from queues. Message Queuing enforces the computer quota before it enforces the queue quota on a computer. See also: Message Queuing; queue quota connect To assign a drive letter, port, or computer name to a shared resource so that you can use it. See also: shared resource connected, authenticating user A user's status when a telephone connection has been established but authentication has not yet taken place. The user may be trying to prove security clearance, or the system may be idle. If this condition occurs, followed by the Waiting for Call phase, then the user was unable to provide a correct user name or password. If this phase is repeated, followed by the Waiting for Call phase, an unauthorized attempt to access the network may be under way. See also: authentication; Waiting for Call connected, user authenticated A user's status when a telephone connection has been established and the user has entered a correct user name and password. If the user has callback permission and has requested callback, the connection is followed by the calling-back phase. If the calling-back phase is followed by a waiting-for-call phase, then the server was unable to reach the user at the specified number. The user may have supplied an inaccurate callback number (in the case of set-by-caller callback), or an unauthorized attempt to access the network may be under way (in the case of preset-to callback). See also: preset-to callback; set-by-caller callback connector application For Message Queuing, an application that enables Message Queuing computers to communicate with computers that use other messaging systems. See also: connector queue; foreign computer; Message Queuing connector queue For Message Queuing, a queue created on servers running a connector application. You can use the connector application to exchange messages with computers that are running other message-queuing products. See also: connector application; foreign computer; Message Queuing console tree The left pane in a Microsoft Management Console (MMC) that displays the items contained in the console. By default it is the left pane of a console window, but it can be hidden. The items in the console tree and their hierarchical organization determine the capabilities of a console. See also: Microsoft Management Console (MMC) constant bit rate (CBR) An ATM service type that supports constant bandwidth allocation. This service type is used for voice and video transmissions that require little or no cell loss and rigorous timing controls during transmission. See also: Asynchronous Transfer Mode (ATM) container object An object that can logically contain other objects. For example, a folder is a container object. See also: noncontainer object; object convergence

The process of stabilizing a system after changes occur in the network. For routing, if a route becomes unavailable, routers send update messages throughout the internetwork, reestablishing information about preferred routes. For Network Load Balancing, a process by which hosts exchange messages to determine a new, consistent state of the cluster and to elect the host with the highest host priority, known as the default host. During convergence, a new load distribution is determined for hosts that share the handling of network traffic for specific TCP or UDP ports. See also: cluster; default host; host; User Datagram Protocol (UDP) copy backup A backup that copies all selected files but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups because copying does not affect these other backup operations. See also: daily backup; differential backup; incremental backup; normal backup count limit For Process Control, the maximum number of active processes in a process group. You can configure this in the Process Control snap-in. CPU Time In Task Manager, the total processor time, in seconds, used by a process since it started. See also: Task Manager CPU Usage In Task Manager, the percentage of time that a process used the CPU since the last update. On the Task Manager Process tab, the column heading is CPU. See also: Task Manager crash consistency A feature of shadow copy backups that ensures all files are backed up, regardless of their state. See also: volume shadow copy CRC errors Errors caused by the failure of a cyclic redundancy check. A CRC error indicates that one or more characters in the data packet received were found garbled on arrival. credentials A set of information that includes identification and proof of identification that is used to gain access to local and network resources. Examples of credentials are user names and passwords, smart cards, and certificates. CRL distribution point An optional extension in an X.509v3 certificate that identifies how information is obtained. Also, a directory entry or other distribution source for certificate revocation lists. See also: certificate; certificate revocation list (CRL); X.509v3 certificate cross-reference object Objects in which Active Directory stores information about directory partitions and external directory services. An example of an external directory service is another LDAP-compliant directory. See also: Active Directory; directory partition; Lightweight Directory Access Protocol (LDAP) CryptoAPI An application programming interface (API) that is provided as part of Microsoft Windows. CryptoAPI provides a set of functions that allow applications to encrypt or digitally sign data in a flexible manner while providing protection for the user's sensitive private key data. Actual cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs). See also: application programming interface (API); cryptographic service provider (CSP); private key cryptographic service provider (CSP) The code that performs authentication, encoding, and encryption services that Windows-based applications access through the CryptoAPI. A CSP is responsible for creating keys, destroying them, and using them to

perform a variety of cryptographic operations. Each CSP provides a different implementation of the CryptoAPI. Some provide stronger cryptographic algorithms, while others contain hardware components, such as smart cards. See also: smart card; CryptoAPI; service cryptography The processes, art, and science of keeping messages and data secure. Cryptography is used to enable and ensure confidentiality, data integrity, authentication (entity and data origin), and nonrepudiation. custom file type Typically, files with extensions that have been created for special kinds of files. Custom file types are not tracked by the system registry. See also: registry

D
D-channel A separate channel of an ISDN line that is used for ISDN signaling. For ISDN Basic Rate Interface (BRI), the Dchannel is 16 kilobits per second (Kbps). For ISDN Primary Rate Interface (PRI), the D-channel is 64 Kbps. Dchannel is also called data channel. See also: Integrated Services Digital Network (ISDN); switch type daily backup A backup that copies all selected files that have been modified the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared). See also: copy backup; differential backup; incremental backup; normal backup Data Communications Equipment (DCE) One of two types of hardware connected by an RS-232-C serial connection, the other being a Data Terminal Equipment (DTE) device. A DCE is an intermediary device that often transforms input from a DTE before sending it to a recipient. A modem, for example, is a DCE that modulates data from a microcomputer (DTE) and sends it along a telephone connection. See also: Data Terminal Equipment (DTE); RS-232-C standard Data Link Control (DLC) An address that uniquely identifies a node on a network. Every network adapter has a DLC address or DLC identifier (DLCI). Some network protocols, such as Ethernet and Token Ring, use DLC addresses exclusively. Other protocols, such as TCP/IP, use a logical address at the OSI Network layer to identify nodes. However, all network addresses must eventually be translated to DLC addresses. In TCP/IP networks, this translation is performed by the Address Resolution Protocol (ARP). See also: Address Resolution Protocol (ARP); Open Systems Interconnection (OSI) reference model data packet A unit of information transmitted as a whole from one device to another on a network. Data Terminal Equipment (DTE) In the RS-232-C hardware standard, any device, such as a remote access server or client, that has the ability to transmit information in digital form over a cable or a communications line. See also: Data Communications Equipment (DCE); remote access server; RS-232-C standard data-overrun error A state in which the sending computer is transmitting characters faster than the receiving computer can accommodate them. If this problem persists, reduce the bits-per-second (bps) rate. See also: bits per second (bps) datagram One packet, or unit, of information that includes relevant delivery information, such as the destination address, that is sent through a packet-switching network. See also: packet

dead-letter queue For Message Queuing, a queue that stores nontransactional messages that are undeliverable or expired. These queues store failed messages on the computer on which the message expired. Messages in these queues are written to disk and are therefore recoverable. See also: transaction dead-letter queue; transactional message debugger A program designed to aid in detecting, locating, and correcting errors in another program by allowing the programmer to step through the program, examine the data, and monitor conditions such as the values of variables. dedicated adapter The network adapter that, when using multiple network adapters in each host of a Network Load Balancing cluster, handles network traffic not related to cluster operations (the traffic for individual hosts on the network). This adapter is programmed with the host's dedicated IP address. See also: cluster adapter; IP address default button In some dialog boxes, the command button that is selected or highlighted when the dialog box is initially displayed. The default button has a bold border, indicating that it will be chosen automatically if you press ENTER. You can override a default button by clicking Cancel or another command button. default gateway A configuration item for the TCP/IP protocol that is the IP address of a directly reachable IP router. Configuring a default gateway creates a default route in the IP routing table. default host The host with the highest host priority for which a drainstop command is not in progress. After convergence, the default host handles all of the network traffic for TCP and UDP ports that are not otherwise covered by port rules. See also: convergence; drainstop; host priority; port rule; User Datagram Protocol (UDP) default network In the Macintosh environment, the physical network on which the processes of a server reside as nodes and on which the server appears to users. The default network of the server must be one to which that server is attached. Only servers on AppleTalk Phase 2 internets have default networks. See also: internet default printer The printer to which a computer sends documents if you select the Print command without first specifying which printer you want to use with a program. You can have only one default printer; it should be the printer you use most often. See also: printer default user The profile that serves as a basis for all user profiles. Every user profile begins as a copy of the default user profile. default zone The zone to which all Macintosh clients on the network are assigned by default. See also: zone defragmentation The process of rewriting parts of a file to contiguous sectors on a hard disk to increase the speed of access and retrieval. When files are updated, the computer tends to save these updates on the largest continuous space on the hard disk, which is often on a different sector than the other parts of the file. When files are thus fragmented, the computer must search the hard disk each time the file is opened to find all of the file's parts, which slows down response time. See also: fragmentation

delegation The ability to assign responsibility for management and administration of a portion of the namespace to another user, group, or organization. For DNS, a name service record in the parent zone that lists the name server authoritative for the delegated zone. See also: Domain Name System (DNS) denial-of-service attack An attack in which an attacker exploits a weakness or a design limitation of a network service to overload or halt the service, so that the service is not available for use. This type of attack is typically launched to prevent other users from using a network service such as a Web server or a file server. dependency A relationship of reliance between two resources that makes it necessary for them to run in the same group on the same node. For example, an application is dependent on the disks that contain its data resources. See also: resource dependency tree A diagram for visualizing the dependency relationships between resources. See also: dependency; resource dependent client For Message Queuing, a computer that requires synchronous access to a Message Queuing server to perform all standard message queuing operations, such as sending and receiving messages and creating queues. See also: independent client; Message Queuing server descendent key All the subkeys that appear when a key in the registry is expanded. A descendent key is the same as a subkey. See also: key; subkey desired zone The zone in which AppleTalk network integration appears on the network. See also: default zone; zone desktop The on-screen work area on which windows, icons, menus, and dialog boxes appear. desktop pattern A design that appears across your desktop. You can create your own pattern or select a pattern provided by Windows. See also: desktop destination document The document into which a package or a linked or embedded object is being inserted. For an embedded object, this is sometimes also called the container document. See also: embedded object details pane The pane in the Microsoft Management Console (MMC) that displays the details for the selected item in the console tree. The details can be a list of items or they can be administrative properties, services, and events that are acted on by a snap-in. See also: Microsoft Management Console (MMC); service; snap-in device Any piece of equipment that can be attached to a network or computer; for example, a computer, printer, joystick, adapter, or modem card, or any other peripheral equipment. Devices normally require a device driver to function with Windows. See also: device driver; peripheral device conflict

A conflict that occurs when the same system resources have been allocated to two or more devices. System resources include interrupt request (IRQ) lines, direct memory access (DMA) channels, input/output (I/O) ports, and memory addresses. See also: direct memory access (DMA); input/output (I/O) port; interrupt request (IRQ) lines; memory address; resource device driver A program that allows a specific device, such as a modem, network adapter, or printer, to communicate with the operating system. Although a device might be installed on your system, Windows cannot use the device until you have installed and configured the appropriate driver. If a device is listed in the Hardware Compatibility List (HCL), a driver is usually included with Windows. Device drivers load automatically (for all enabled devices) when a computer is started, and thereafter run invisibly. device fonts Fonts that reside in your printer. They can be built into the printer itself or provided by a font cartridge or font card. See also: font; font cartridge; printer fonts Device Manager An administrative tool that you can use to manage the devices on your computer. Using Device Manager, you can view and change device properties, update device drivers, configure device settings, and uninstall devices. See also: device; uninstall DFS link An element in the Distributed File System (DFS) namespace that lies below the root and maps to one or more targets, each of which corresponds to a shared folder or another DFS root. See also: DFS root; domain DFS DFS root The starting point of the Distributed File System (DFS) namespace. The root is often used to refer to the namespace as a whole. A root maps to one or more root targets, each of which corresponds to a shared folder on a server. See also: DFS link DFS topology The overall logical hierarchy of the Distributed File System (DFS), including elements such as roots, links, shared folders, and replica sets, as depicted in the DFS administrative console. This is not to be confused with the DFS namespace, which is the logical view of shared resources seen by users. See also: DFS link; DFS root; domain DFS DHCP client Any network-enabled device that supports the ability to communicate with a DHCP server for the purpose of obtaining dynamic leased IP configuration and related optional parameters information. See also: Dynamic Host Configuration Protocol (DHCP); DHCP server; lease DHCP option Address configuration parameters that a DHCP service assigns to clients. Most DHCP options are predefined, based on optional parameters defined in Request for Comments (RFC) 1542, although extended options can be added by vendors or users. See also: Dynamic Host Configuration Protocol (DHCP); service DHCP server A computer running the Microsoft DHCP service that offers dynamic configuration of IP addresses and related information to DHCP-enabled clients. See also: Dynamic Host Configuration Protocol (DHCP); service; IP address DHCP service resource A resource type that provides DHCP services from a cluster. See also: cluster; Dynamic Host Configuration Protocol (DHCP)

DHCP/BOOTP Relay Agent The agent program or component responsible for relaying DHCP and BOOTP broadcast messages between a DHCP server and a client across an IP router. A DHCP relay agent supports DHCP/BOOTP message relay as defined in RFCs 1541 and 2131. The DHCP Relay Agent service is managed using the Routing and Remote Access service. See also: DHCP server; bootstrap protocol (BOOTP); Dynamic Host Configuration Protocol (DHCP) dial location The country code, area code, and specific dialing requirements for the place you are dialing from. Once you have created a dial location, you can select it to apply the dialing requirements to all your calls. To change dialing locations, select or create a different one. dial-up connection The connection to your network if you are using a device that uses the telephone network. This includes modems with a standard phone line, ISDN cards with high-speed ISDN lines, or X.25 networks. If you are a typical user, you may have one or two dial-up connections, for example, to the Internet and to your corporate network. In a more complex server situation, multiple network modem connections might be used to implement advanced routing. See also: Integrated Services Digital Network (ISDN); modem (modulator/demodulator) dialog box A secondary window that contains buttons and various kinds of options through which you can carry out a particular command or task. dictionary attack A method of guessing a user's password or PIN by trying every word in the dictionary until successful. differential backup A backup that copies files created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup. See also: copy backup; daily backup; incremental backup; normal backup differential data Saved copies of changed data that can be applied to an original volume to generate a volume shadow copy. See also: volume; volume shadow copy digital signature A means for originators of a message, file, or other digitally encoded information to bind their identity to the information. The process of digitally signing information entails transforming the information, as well as some secret information held by the sender, into a tag called a signature. Digital signatures are used in public key environments, and they provide nonrepudiation and integrity services. See also: Digital Signature Standard (DSS); service; time stamp Digital Signature Standard (DSS) A standard that uses the Digital Signature Algorithm (DSA) for its signature algorithm and SHA-1 as its message hash algorithm. DSA is a public-key cipher that is used only to generate digital signatures and cannot be used for data encryption. See also: digital signature; Secure Hash Algorithm (SHA-1) Digital Subscriber Line (DSL) A type of high-speed Internet connection using standard telephone wires. This is also referred to as a broadband connection. digital video disc (DVD) A type of optical disc storage technology. A digital video disc (DVD) looks like a CD-ROM disc, but it can store greater amounts of data. DVDs are often used to store full-length movies and other multimedia content that requires large amounts of storage space.

See also: DVD decoder; DVD drive direct cable connection A link between the I/O ports of two computers created with a single cable rather than a modem or other interfacing devices. In most cases, a direct cable connection is made with a null modem cable. See also: input/output (I/O) port; null modem cable direct memory access (DMA) Memory access that does not involve the microprocessor. DMA is frequently used for data transfer directly between memory and a peripheral device such as a disk drive. See also: hardware configuration directory partition A contiguous subtree of the directory that forms a unit of replication. A given replica is always a replica of some directory partition. The directory always has at least three directory partitions: The schema, which defines the object classes and attributes contained in Active Directory. The configuration, which identifies the domain controllers, replication topology and other related information about the domain controllers within a specific implementation of Active Directory. One or more domains that contain the actual directory object data. A domain controller always stores the partitions for the schema, configuration, and its own (and no other) domain. The schema and configuration are replicated to every domain controller in the domain tree or forest. The domain is replicated only to domain controllers for that domain. A subset of the attributes for all domain objects is replicated to the global catalog. See also: Active Directory; attribute; domain; replica; replication directory service Both the directory information source and the service that make the information available and usable. A directory service enables the user to find an object given any one of its attributes. DirectX An extension of the Microsoft Windows operating system. DirectX technology helps games and other programs use the advanced multimedia capabilites of your hardware. disable To make a device nonfunctional. For example, if you disable a device in a hardware configuration, you cannot use the device when your computer uses that hardware configuration. Disabling a device frees the resources that were allocated to the device. See also: enable; hardware configuration discretionary access control list (DACL) The part of an object's security descriptor that grants or denies specific users and groups permission to access the object. Only the owner of an object can change permissions granted or denied in a DACL; thus, access to the object is at the owner's discretion. See also: distribution group; object; security descriptor; security group disk A storage device that is attached to a computer. See also: basic disk; dynamic disk disk configuration information Information in the Windows registry on assigned drive letters, simple volumes, striped volumes, mirrored volumes, spanned volumes, and RAID-5 volumes. You can change the disk configuration by using Disk Management. See also: mirrored volume; RAID-5 volume; registry; simple volume; spanned volume; volume dismount To remove a removable tape or disc from a drive. See also: library; mount

display adapter See definition for: video adapter distinguished name A name that uniquely identifies an object by using the relative distinguished name for the object, plus the names of container objects and domains that contain the object. The distinguished name identifies the object as well as its location in a tree. Every object in Active Directory has a distinguished name. A typical distinguished name might be CN=MyName,CN=Users,DC=Microsoft,DC=Com This identifies the MyName user object in the microsoft.com domain. See also: Active Directory; domain; object distribution group A group that is used solely for e-mail distribution and that is not security-enabled. Distribution groups cannot be listed in discretionary access control lists (DACLs) used to define permissions on resources and objects. Distribution groups can be used only with e-mail applications (such as Microsoft Exchange) to send e-mail to collections of users. If you do not need a group for security purposes, create a distribution group instead of a security group. See also: discretionary access control list (DACL); security group DLL See definition for: dynamic-link library (DLL) DNS See definition for: Domain Name System (DNS) DNS Server A service that maintains information about a portion of the Domain Name System (DNS) database and responds to and resolves DNS queries. A computer running this service is also known as a DNS server. See also: Domain Name System (DNS) DNS suffix For DNS, a character string that represents a domain name. The DNS suffix shows where a host is located relative to the DNS root, specifying a hosts location in the DNS hierarchy. Usually, DNS suffix describes the latter portion of a DNS name, following one or more of the first labels of a DNS name. dock To connect a laptop or notebook computer to a docking station. See also: docking station; hot docking; undock docking station A unit for housing a portable computer that contains a power connection, expansion slots, and connections to peripherals, such as a monitor, printer, full-sized keyboard, and mouse. The docking station turns the portable computer into a desktop computer. See also: dock; hot docking; undock document Any self-contained piece of work created with an application program and, if saved on disk, given a unique file name by which it can be retrieved. See also: filter; property cache domain A group of computers that are part of a network and share a common directory database. A domain is administered as a unit with common rules and procedures. Each domain has a unique name. An Active Directory domain is a collection of computers defined by the administrator of a Windows network. These computers share a common directory database, security policies, and security relationships with other domains. An Active Directory domain provides access to the centralized user accounts and group accounts

maintained by the domain administrator. An Active Directory forest is made up of one or more domains, each of which can span more than one physical location. A DNS domain is any tree or subtree within the DNS namespace. Although the names for DNS domains often correspond to Active Directory domains, DNS domains should not be confused with Active Directory domains. See also: Active Directory; Domain Name System (DNS) domain controller In a Windows domain environment, a computer running Active Directory that manages user access to a network, which includes logging on, authentication, and access to the directory and shared resources. See also: Active Directory; authentication; shared resource domain controller locator (Locator) An algorithm that runs in the context of the Net Logon service and that finds domain controllers on a Windows 2000 network. Locator can find domain controllers by using DNS names (for IP/DNS-compatible computers) or by using NetBIOS names (for computers that are running Windows 3.x, Windows for Workgroups, Windows NT 3.5 or later, Windows 95, or Windows 98, or it can be used on a network where IP transport is not available). domain DFS An implementation of DFS in which DFS topological information is stored in Active Directory. Because this information is made available on multiple domain controllers in the domain, domain DFS provides faulttolerance for any distributed file system in the domain. See also: DFS topology; fault tolerance domain local group A security or distribution group that can contain universal groups, global groups, and accounts from any domain in the domain tree or forest. A domain local group can also contain other domain local groups from its own domain. Rights and permissions can be assigned only at the domain containing the group. See also: distribution group; domain tree; forest; global group; security group; universal group domain name The name given by an administrator to a collection of networked computers that share a common directory. Part of the Domain Name System (DNS) naming structure, domain names consist of a sequence of name labels separated by periods. See also: domain; Domain Name System (DNS); label; namespace Domain Name System (DNS) A hierarchical, distributed database that contains mappings of DNS domain names to various types of data, such as IP addresses. DNS enables the location of computers and services by user-friendly names, and it also enables the discovery of other information stored in the database. See also: domain; service; Transmission Control Protocol/Internet Protocol (TCP/IP); IP address domain namespace The database structure used by the Domain Name System (DNS). See also: Domain Name System (DNS) domain naming master The domain controller assigned to control the addition or removal of domains in the forest. At any time, there can be only one domain naming master in the forest. See also: domain controller; forest; multimaster replication; operations master; replication domain of origin The parent DNS domain name that is used to root either a zone or a resource record within a zone. This name is joined to the end of unqualified or relative domain names to form a fully qualified domain name (FQDN) within the zone. In DNS Manager, the domain of origin will correspond to Zone name as it appears in the Add Zone Wizard or the name that appears in the Parent domain name field for any resource records created within the zone.

See also: domain; domain name; Domain Name System (DNS); fully qualified domain name (FQDN); relative name; resource record (RR) domain tree In DNS, the inverted hierarchical tree structure that is used to index domain names. Domain trees are similar in purpose and concept to the directory trees used by computer filing systems for disk storage. For example, when numerous files are stored on disk, directories can be used to organize the files into logical collections. When a domain tree has one or more branches, each branch can organize domain names used in the namespace into logical collections. In Active Directory, a hierarchical structure of one or more domains, connected by transitive, bidirectional trusts, that forms a contiguous namespace. Multiple domain trees may belong to the same forest. See also: Active Directory; domain; transitive trust; two-way trust; domain name; Domain Name System (DNS); forest; namespace dots per inch (DPI) The standard used to measure screen and printer resolution, expressed as the number of dots that a device can display or print per linear inch. The greater the number of dots per inch, the better the resolution. double-byte characters A set of characters in which each character is represented by two bytes. Some languages, such as Japanese, Chinese, and Korean, require double-byte character sets. downloadable fonts A set of characters stored on disk and sent (downloaded) to a printer's memory when needed for printing a document. Downloadable fonts are most commonly used with laser printers and other page printers, although many dot-matrix printers can accept some of them. Downloadable fonts are also called soft fonts. See also: font; font cartridge; PostScript fonts drag To move an item on the screen by selecting the item and then pressing and holding down the mouse button while moving the mouse. For example, you can move a window to another location on the screen by dragging its title bar. drain For Network Load Balancing, a command that disables new traffic handling for the rule whose port range contains the specified port. All ports specified by the port rule are affected. See also: cluster; drainstop; port; port rule drainstop For Network Load Balancing, a command that disables all new traffic handling on the specified hosts. The hosts then enter draining mode to complete existing connections. While draining, hosts remain in the cluster and stop their cluster operations when there are no more active connections. To terminate draining mode, explicitly stop cluster mode with the stop command, or restart new traffic handling with the start command. To drain connections from a specific port, use the drain command. See also: drain; host drive An area of storage that is formatted with a file system and has a drive letter. The storage can be a floppy disk, a CD, a hard disk, or another type of disk. You can view the contents of a drive by clicking its icon in Windows Explorer or My Computer. See also: drive letter; file system; volume drive letter The naming convention for disk drives on IBM and compatible computers. Drives are named by letter, beginning with A, followed by a colon. See also: drive drop folder

In the Macintosh environment, a folder for which you have the Make Changes permission but not the See Files or See Folders permission. You can copy files into a drop folder, but you cannot see what files and subfolders the drop folder contains. See also: Make Changes dual boot A computer configuration that can start two different operating systems. See also: boot; multiple boot; startup environment duplex A system capable of transmitting information in both directions over a communications channel. See also: full-duplex; half-duplex DVD decoder A hardware or software component that allows a digital video disc (DVD) drive to display movies on your computer screen. See also: digital video disc (DVD); DVD drive; hardware decoder; software decoder DVD drive A disk storage device that uses digital video disc (DVD) technology. A DVD drive reads both CD-ROM and DVDs; however, you must have a DVD decoder to display DVD movies on your computer screen. See also: DVD decoder; digital video disc (DVD) DWORD A data type composed of hexadecimal data with a maximum allotted space of 4 bytes. dynamic data exchange (DDE) A form of interprocess communication (IPC) implemented in the Microsoft Windows family of operating systems. Two or more programs that support dynamic data exchange (DDE) can exchange information and commands. See also: Network DDE service dynamic disk A physical disk that can be accessed only by Windows 2000 and Windows XP. Dynamic disks provide features that basic disks do not, such as support for volumes that span multiple disks. Dynamic disks use a hidden database to track information about dynamic volumes on the disk and other dynamic disks in the computer. You convert basic disks to dynamic by using the Disk Management snap-in or the DiskPart command line utility. When you convert a basic disk to dynamic, all existing basic volumes become dynamic volumes. See also: active volume; basic disk; basic volume; dynamic volume; volume Dynamic Host Configuration Protocol (DHCP) A TCP/IP service protocol that offers dynamic leased configuration of host IP addresses and distributes other configuration parameters to eligible network clients. DHCP provides safe, reliable, and simple TCP/IP network configuration, prevents address conflicts, and helps conserve the use of client IP addresses on the network. DHCP uses a client/server model where the DHCP server maintains centralized management of IP addresses that are used on the network. DHCP-supporting clients can then request and obtain lease of an IP address from a DHCP server as part of their network boot process. See also: IP address; service; Transmission Control Protocol/Internet Protocol (TCP/IP); lease dynamic storage A storage method in Windows that allows disk and volume management without requiring operating system restart. See also: basic storage dynamic update An updated specification to the Domain Name System (DNS) standard that permits hosts that store name information in DNS to dynamically register and update their records in zones maintained by DNS servers that can accept and process dynamic update messages. See also: DNS Server; Domain Name System (DNS); host; zone

dynamic volume A volume that resides on a dynamic disk. Windows supports five types of dynamic volumes: simple, spanned, striped, mirrored, and RAID-5. A dynamic volume is formatted by using a file system, such as FAT or NTFS, and it has a drive letter assigned to it. See also: basic disk; basic volume; dynamic disk; mirrored volume; RAID-5 volume; simple volume; spanned volume; volume dynamic-link library (DLL) An operating system feature that allows executable routines (generally serving a specific function or set of functions) to be stored separately as files with .dll extensions. These routines are loaded only when needed by the program that calls them. See also: Resource DLL

E
EFI See definition for: Extensible Firmware Interface (EFI) EFI system partition On Itanium-based computers, a portion on a GUID partition table (GPT) disk that is formatted with the FAT file system and contains the files necessary to start the computer. Every Itanium-based computer must have at least one GPT disk with an EFI system partition. The EFI system partition serves the same purpose as the system volume found on x86-based computers. See also: Extensible Firmware Interface (EFI); GUID partition table (GPT); Microsoft Reserved (MSR) partition; Itanium; x86 embedded object Information created in another program that has been pasted inside your document. When information is embedded, you can edit the information in the new document using toolbars and menus from the original program. To edit the embedded information, double-click it and the toolbars and menus from the program used to create the information appear. Embedded information is not linked to the original source. If you change information in one place, it is not updated in the other. See also: OLE; package; source document emulated local area network (ELAN) A logical ATM network that emulates the services of an Ethernet or Token Ring LAN. See also: local area network (LAN) enable To make a device functional. For example, if a device in your hardware configuration settings is enabled, the device is available for use when your computer uses that hardware configuration. See also: disable; hardware configuration encapsulated PostScript (EPS) file A file that prints at the highest possible resolution for your printer. An EPS file may print faster than other graphical representations. Some Windows-based and non-Windows-based graphical programs can import EPS files. See also: PostScript encrypted password A password that is scrambled. Encrypted passwords are more secure than plaintext passwords, which are susceptible to network sniffers. See also: encryption Encrypting File System (EFS) A feature in this version of Windows that enables users to encrypt files and folders on an NTFS volume disk to keep them safe from access by intruders.

See also: NTFS file system; recovery agent encryption The process of disguising a message or data in such a way as to hide its substance. See also: public key encryption; symmetric encryption enhanced small device interface (ESDI) A standard that can be used with high-capacity hard disks, floppy disk drives, and tape drives to allow these devices to communicate with a computer at high speeds. environment variable A string consisting of environment information, such as a drive, path, or file name, associated with a symbolic name that can be used by Windows. You use System in Control Panel or the set command from the command prompt to define environment variables. See also: string; variable error detection A technique for detecting when data is lost during transmission. This allows the software to recover lost data by notifying the transmitting computer that it needs to retransmit the data. Ethernet An IEEE 802.3 standard for contention networks. Ethernet uses a bus or star topology and relies on the form of access known as Carrier Sense Multiple Access with Collision Detection (CSMA/DC) to regulate communication line traffic. Network nodes are linked by coaxial cable, fiber-optic cable, or by twisted-pair wiring. Data is transmitted in variable-length frames containing delivery and control information and up to 1,500 bytes of data. The Ethernet standard provides for baseband transmission at 10 megabits (10 million bits) per second. event Any significant occurrence in the system or an application that requires users to be notified or an entry to be added to a log. Event Log service A service that records events in the system, security, and application logs. The Event Log service is located in Event Viewer. See also: Event Viewer; event; service event logging The process of recording an audit entry in the audit trail whenever certain events occur, such as services starting and stopping, or users logging on and off and accessing resources. You can use Event Viewer to review AppleTalk network integration events as well as Windows events. See also: event; service Event Viewer A component you can use to view and manage event logs, gather information about hardware and software problems, and monitor security events. Event Viewer maintains logs about program, security, and system events. See also: event; event logging everyone category In the Macintosh environment, one of the user categories to which you assign permissions for a folder. Permissions granted to everyone apply to all users who use the server, including guests. See also: permission expanded memory Type of memory that can be added to IBM personal computers. The use of expanded memory is defined by the Expanded Memory Specification (EMS), which supports memory boards containing RAM that can be enabled or disabled by software. See also: extended memory expansion slot A socket in a computer, designed to hold expansion boards and connect them to the system bus.

See also: bus expire interval For DNS, the number of seconds that DNS servers operating as secondary masters for a zone will use to determine if zone data should be expired when the zone is not refreshed and renewed. See also: DNS Server; Domain Name System (DNS); secondary master; zone explicit permissions Permissions on an object that are automatically assigned when the object is created, or specifically assigned or changed by the owner of the object. See also: permission; object express message For Message Queuing, a message that uses fewer resources and is faster than a recoverable message. However, because express messages are mapped to memory, they are lost if the computer storing them fails. See also: recoverable message extended characters Any of the 128 additional characters in the extended ASCII (8-bit) character set. These characters include those in several non-English languages, such as accent marks, and special symbols used for creating pictures. extended memory Memory beyond one megabyte in 80286, 80386, 80486, and Pentium computers. See also: expanded memory extended partition A type of partition that you can create only on basic master boot record (MBR) disks. Extended partitions are useful if you want to create more than four volumes on a basic MBR disk. Unlike primary partitions, you do not format an extended partition with a file system and then assign a drive letter to it. Instead, you create one or more logical drives within the extended partition. After you create a logical drive, you format it and assign it a drive letter. An MBR disk can have up to four primary partitions, or three primary partitions, one extended partition, and multiple logical drives. See also: basic disk; drive letter; logical drive; master boot record (MBR); partition; primary partition; volume Extensible Authentication Protocol (EAP) An extension to the Point-to-Point Protocol (PPP) that allows for arbitrary authentication mechanisms to be employed for the validation of a PPP connection. See also: CHAP (Challenge Handshake Authentication Protocol); Point-to-Point Protocol (PPP) Extensible Firmware Interface (EFI) In computers with the Intel Itanium processor, the interface between a computer's firmware, hardware, and the operating system. The Extensible Firmware Interface (EFI) defines a new partition style called GUID partition table (GPT). EFI serves the same purpose for Itanium-based computers as the BIOS found in x86based computers. However, it has expanded capabilities that provide a consistent way to start any compatible operating system and an easy way to add EFI drivers for new bootable devices without the need to update the computer's firmware. See also: basic input/output system (BIOS); GUID partition table (GPT); Itanium; x86 Extensible Markup Language (XML) A meta-markup language that provides a format for describing structured data. This facilitates more precise declarations of content and more meaningful search results across multiple platforms. In addition, XML will enable a new generation of Web-based data viewing and manipulation applications. external network number A 4-byte hexadecimal number used for addressing and routing purposes. The external network number is associated with physical network adapters and networks. To communicate with each other, all computers on the same network that use a specific frame type must have the same external network number. All external network numbers must be unique to the IPX internetwork.

See also: frame type; internal network number; Internetwork Packet Exchange (IPX) extract When you extract a file, an uncompressed copy of the file that is created in a folder you specify. The original file remains in the compressed folder.

F
failback The process of moving resources, either individually or in a group, back to their preferred node after the node has failed and come back online. See also: failback policy; resource failback policy Parameters that an administrator can set using Cluster Administrator that affect failback operations. See also: Cluster Administrator; failback failed A state that applies to a resource or a node in a cluster. A resource or a node is placed in the failed state after an unsuccessful attempt has been made to bring it online. See also: cluster; resource failover The process of taking resource groups offline on one node and bringing them back online on another node. When a resource group goes offline, all resources belonging to that group go offline. The offline and online transitions occur in a predefined order, with resources that are dependent on other resources taken offline before and brought online after the resources upon which they depend. See also: failover policy; failover time; IIS Server Instance resource; offline; possible owners; resource failover policy Parameters that an administrator can set, using Cluster Administrator, that affect failover operations. See also: Cluster Administrator; failover failover time The amount of time it takes a resource, either individually or in a group, to complete the failover process. See also: failover; resource FAT See definition for: file allocation table (FAT) FAT32 A derivative of the file allocation table (FAT) file system. FAT32 supports smaller cluster sizes and larger volumes than FAT, which results in more efficient space allocation on FAT32 volumes. See also: file allocation table (FAT); NTFS file system; volume fault tolerance The ability of computer hardware or software to ensure data integrity when hardware failures occur. Fault tolerant features appear in many server operating systems and include mirrored volumes, RAID-5 volumes, and server clusters. See also: cluster; mirrored volume; RAID-5 volume Fax Service A system service that provides fax services to local and remote network clients. Fax services include receiving faxes and faxing documents, fax wizard messages, and e-mail messages. See also: service Federal Information Processing Standard 140-1 (FIPS 140-1) A standard entitled Security Requirements for Cryptographic Modules. FIPS 140-1 describes government requirements that hardware and software cryptomodules should meet for Sensitive but Unclassified (SBU) use. file allocation table (FAT)

A file system used by MS-DOS and other Windows-based operating systems to organize and manage files. The file allocation table (FAT) is a data structure that Windows creates when you format a volume by using the FAT or FAT32 file systems. Windows stores information about each file in the FAT so that it can retrieve the file later. See also: FAT32; file system; NTFS file system File and Print Servers for Macintosh A software component that allows Macintosh users access to a computer running any version of the Windows Server family. The services provided with this component allow personal computer and Macintosh users to share files and resources, such as printers on the AppleTalk network or printers attached to the Windows server. file control block (FCB) A small block of memory temporarily assigned by a computer's operating system to hold information about a file that has been opened for use. An FCB typically contains such information as the file's identification, its location on disk, and a pointer that marks the user's current (or last) position in the file. File Server for Macintosh An AppleTalk network integration service that allows Macintosh clients and personal computer clients to share files. File Server for Macintosh is also called MacFile. See also: service File Share resource A file share accessible by a network path that is supported as a cluster resource by a Resource DLL. See also: Resource DLL file system In an operating system, the overall structure in which files are named, stored, and organized. NTFS, FAT, and FAT32 are types of file systems. See also: FAT32; NTFS file system; FAT File Transfer Protocol (FTP) A member of the TCP/IP suite of protocols, used to copy files between two computers on the Internet. Both computers must support their respective FTP roles: one must be an FTP client and the other an FTP server. See also: Transmission Control Protocol/Internet Protocol (TCP/IP) file type In the Windows environment, a designation of the operational or structural characteristics of a file. The file type identifies the program, such as Microsoft Word, that is used to open the file. File types are associated with a file name extension. For example, files that have the .txt or .log extension are of the Text Document type and can be opened using any text editor. In the Macintosh environment, a four-character sequence that identifies the type of a Macintosh file. The Macintosh Finder uses the file type and file creator to determine the appropriate desktop icon for that file. filter For Indexing Service, software that extracts content and property values from a document in order to index them. For IPSec, a specification of IP traffic that provides the ability to trigger security negotiations for a communication based on the source, destination, and type of IP traffic. See also: document; property value filtering mode For Network Load Balancing, the method by which network traffic inbound to a cluster is handled by the hosts within the cluster. Traffic can either be handled by a single server, load balanced among the hosts within the cluster, or disabled completely. See also: cluster; host; load balancing FilterKeys

A keyboard feature that instructs your keyboard to ignore brief or repeated keystrokes. You can also adjust the keyboard repeat rate, which is the rate at which a key repeats when you hold it down. See also: StickyKeys; ToggleKeys; MouseKeys firewall A combination of hardware and software that provides a security system, usually to prevent unauthorized access from outside to an internal network or intranet. A firewall prevents direct communication between network and external computers by routing communication through a proxy server outside of the network. The proxy server determines whether it is safe to let a file pass through to the network. A firewall is also called a security-edge gateway. folder A container for programs and files in graphical user interfaces, symbolized on the screen by a graphical image (icon) of a file folder. A folder is a means of organizing programs and documents on a disk and can hold both files and additional folders. font A graphic design applied to a collection of numbers, symbols, and characters. A font describes a certain typeface, along with other qualities such as size, spacing, and pitch. See also: OpenType fonts; PostScript fonts; screen fonts; Type 1 fonts font cartridge A plug-in unit available for some printers that contains fonts in several styles and sizes. As with downloadable fonts, printers using font cartridges can produce characters in sizes and styles other than those created by the fonts built into it. See also: downloadable fonts; font foreground program The program that runs in the active window (the uppermost window with the highlighted title bar). The foreground program responds to commands issued by the user. See also: background program; title bar foreign computer A computer that uses another message queuing system but, through a connector application, can exchange messages with computers that run Message Queuing. See also: connector application; Message Queuing forest A collection of one or more Windows domains that share a common schema, configuration, and global catalog and are linked with two-way transitive trusts. See also: domain; domain tree; global catalog; schema; transitive trust; two-way trust form The specification of physical characteristics such as paper size (that is, letter or legal) and printer area margins of paper or other print media. For example, by default, the Letter form has a paper size of 8.5 inches by 11 inches and does not reserve space for margins. format The structure of a file that defines the way it is stored and laid out on the screen or in print. The format of a file is usually indicated by its extension. For example, .txt after a file name indicates the file is a text document, and .doc after a file name indicates it is a Word document. FORTEZZA A family of security products, including PCMCIA-based cards, compatible serial port devices, combination cards (such as FORTEZZA/Modem and FORTEZZA/Ethernet), server boards, and others. FORTEZZA is a registered trademark held by the National Security Agency. fragmentation

The scattering of parts of the same disk file over different areas of the disk. Fragmentation occurs as files on a disk are deleted and new files are added. It slows disk access and degrades the overall performance of disk operations, although usually not severely. See also: defragmentation frame type The way in which a network type, such as Ethernet, formats data to be sent over a network. When multiple frame types are allowed for a particular network type, the packets are structured differently and are, therefore, incompatible. All computers on a network must use the same frame type to communicate. Frame type is also called frame format. See also: packet free media pool A logical collection of unused data-storage media that can be used by applications or other media pools. When media are no longer needed by an application, they are returned to a free media pool so that they can be used again. See also: media pool; Removable Storage free space Available space that you use to create logical drives within an extended partition. See also: extended partition; logical drive; unallocated space front-end processor (FEP) In communications, a computer that is located between communications lines and a main (host) computer and used to relieve the host of tasks related to communications; sometimes considered synonymous with communications controller. A front-end processor is dedicated entirely to handling transmitted information, including error detection and control; receipt, transmission, and possibly encoding of messages; and management of the lines running to and from other devices. FTP (File Transfer Protocol) See definition for: File Transfer Protocol (FTP) full name A user's complete name, usually consisting of the last name, first name, and middle initial. The full name is information that Local Users and Groups or Active Directory Users and Computers can maintain as part of the information identifying and defining a user account. See also: user account; Active Directory Users and Computers full zone transfer (AXFR) The standard query type supported by all DNS servers to update and synchronize zone data when the zone has been changed. When a DNS query is made using AXFR as the specified query type, the entire zone is transferred as the response. See also: DNS Server; zone full-duplex A system capable of simultaneously transmitting information in both directions over a communications channel. See also: half-duplex; duplex fully qualified domain name (FQDN) A DNS domain name that has been stated unambiguously so as to indicate with absolute certainty its location in the domain namespace tree. Fully qualified domain names differ from relative names in that they are typically stated with a trailing period (.) - for example, host.example.microsoft.com. - to qualify their position to the root of the namespace. See also: namespace; domain name; Domain Name System (DNS)

G
game port

An input/output connector to which you attach a joy stick or other game device to your computer. It is typically a 15-pin socket on the back of a PC. See also: serial port gateway A device connected to multiple physical TCP/IP networks capable of routing or delivering IP packets between them. A gateway translates between different transport protocols or data formats (for example, IPX and IP) and is generally added to a network primarily for its translation ability. In the context of interoperating with Novell NetWare networks, a gateway acts as a bridge between the server message block (SMB) protocol used by Windows networks and the NetWare core protocol (NCP) used by NetWare networks. A gateway is also called an IP router. GDI objects Objects from the Graphics Device Interface (GDI) library of application programming interfaces (APIs) for graphics output devices. In Task Manager, the number of GDI objects currently used by a process. See also: Task Manager Generic Service resource A Windows service that is supported as a cluster resource by a Resource DLL. See also: Resource DLL gigabyte (GB) 1,024 megabytes, though often interpreted as approximately one billion bytes. global account In an Active Directory network, a normal user account in a user's domain. Most user accounts are global accounts. If there are multiple domains in the network, it is best if each user in the network has only one user account in only one domain, and each user's access to other domains is accomplished through the establishment of domain trust relationships. See also: Active Directory; domain global catalog A domain controller that contains a partial replica of every domain in Active Directory. In other words, a global catalog holds a replica of every object in Active Directory, but with a limited number of each object's attributes. The global catalog stores those attributes most frequently used in search operations (such as a user's first and last names) and those attributes required to locate a full replica of the object. The Active Directory replication system builds the global catalog automatically. The attributes replicated into the global catalog include a base set defined by Microsoft. Administrators can specify additional properties to meet the needs of their installation. See also: Active Directory; attribute; domain controller; replication global group A security or distribution group that can have users, groups, and computers from its own domain as members. Global security groups can be granted rights and permissions on resources in any domain in the forest. Global groups cannot be created or maintained on computers running Windows XP Professional. However, for Windows XP Professional computers that participate in a domain, domain global groups can be granted rights and permissions at those workstations and can become members of local groups at those workstations. See also: permission; group; local group; user account glue chasing The follow-up queries or successive lookups that are made to resolve glue records in a zone to other remote DNS servers that are authoritative for a derivative zone. When glue chasing is performed, name server (NS) resource records for delegated DNS servers are chased, or followed, by using successive queries to resolve the servers named in NS records to their host address (A) resource records and to obtain server IP addresses. See also: A (address) resource record; delegation; DNS Server; glue record; name server (NS) resource record; zone glue record

A resource record for out-of-zone information used to provide helpful pointer information for locating DNS servers that have been delegated authority for specific subdomains derived from a zone's domain of origin. These records are used to glue zones together and provide an effective delegation and referral path for other DNS servers to follow when performing a recursive lookup to fully resolve a name. See also: delegation; DNS Server; domain of origin; glue chasing; resource record (RR); zone graphics mode A display mode in which lines and characters on the screen are drawn pixel by pixel. Graphics mode displays images by grouping individual dots into shapes, such as the arrowhead of a mouse pointer. It can also preview character formatting, such as boldface and italics, as it will appear in print. group A collection of users, computers, contacts, and other groups. Groups can be used as security or as e-mail distribution collections. Distribution groups are used only for e-mail. Security groups are used both to grant access to resources and as e-mail distribution lists. See also: domain; global group; local group group account A collection of user accounts. By making a user account a member of a group, you give the related user all the rights and permissions granted to the group. See also: group; user account group memberships The groups to which a user account belongs. Permissions and rights granted to a group are also provided to its members. In most cases, the actions a user can perform in Windows are determined by the group memberships of the user account to which the user is logged on. See also: group; user account group name A unique name identifying a local group or a global group to Windows. A group's name cannot be identical to any other group name or user name in its own domain or computer. See also: global group; local group Group Policy The Microsoft Management Console (MMC) snap-in that is used to edit Group Policy objects. See also: Group Policy object; Microsoft Management Console (MMC); policy; snap-in Group Policy object A collection of Group Policy settings. Group Policy objects are essentially the documents created by the Group Policy snap-in, a Windows utility. Group Policy objects are stored at the domain level, and they affect users and computers contained in sites, domains, and organizational units. In addition, each Windows computer has exactly one group of settings stored locally, called the local Group Policy object. See also: Group Policy; object; policy guest account A built-in account used to log on to a computer running Windows when a user does not have an account on the computer or domain, or in any of the domains trusted by the computer's domain. See also: domain GUID partition table (GPT) A disk-partitioning scheme that is used by the Extensible Firmware Interface (EFI) in Itanium-based computers. GPT offers more advantages than master boot record (MBR) partitioning because it allows up to 128 partitions per disk, provides support for volumes up to 18 exabytes in size, allows primary and backup partition tables for redundancy, and supports unique disk and partition IDs (GUIDs). See also: Itanium; Extensible Firmware Interface (EFI); master boot record (MBR)

H
half-duplex

A system capable of transmitting information in only one direction at a time over a communications channel. See also: duplex; full-duplex handle In the user interface, an interface added to an object that facilitates moving, sizing, reshaping, or other functions pertaining to an object. In programming, a pointer to a pointer, that is, a token that lets a program access an identified resource. handle count In Task Manager, the number of object handles in a process's object table. See also: Task Manager handshaking A series of signals acknowledging that communication can take place between computers or other devices. A hardware handshake is an exchange of signals over specific wires (other than the data wires), in which each device indicates its readiness to send or receive data. A software handshake consists of signals transmitted over the same wires used to transfer data, as in modem-to-modem communications over telephone lines. handwriting input device A tool, such as a digital pen and tablet, used to enter text by writing instead of typing. Along with writing tablets, you can use 3-D drawing or Computer Aided Drafting (CAD) tablets, or a tablet-PC. You can also write by moving your mouse on the mouse pad. handwriting recognition The ability to interpret handwritten text and convert it into computer-readable text. Handwriting recognition programs allow you to enter text using a pen stylus or other handwriting input device, rather than a keyboard. hard disk A device, also called hard disk drive, that contains one or more inflexible platters coated with material in which data can be recorded magnetically with read/write heads. The hard disk exists in a sealed case that protects it and allows the head to fly 10 millionths to 25 millionths of an inch above the surface of a platter. Data can both be stored and accessed much more quickly than on a floppy disk. hardware The physical components of a computer system, including any peripheral equipment such as printers, modems, and mouse devices. hardware compression A feature available on some tape devices that automatically compresses the data that is being stored on the device. This is usually an option that is turned on or off in a backup program. hardware configuration Resource settings that have been allocated for a specific device. Each device on your computer has a hardware configuration, which may consist of IRQ lines, DMA, an I/O port, or memory address settings. See also: device; direct memory access (DMA); input/output (I/O) port; interrupt request (IRQ) lines; memory address hardware decoder A type of digital video disc (DVD) decoder that allows a DVD drive to display movies on your computer screen. A hardware decoder uses both software and hardware to display movies. See also: DVD decoder; DVD drive; software decoder hardware profile Data that describes the configuration and characteristics of specific computer equipment. This information can be used to configure computers for using peripheral devices. See also: device hardware type A classification for similar devices. For example, Imaging Device is a hardware type for digital cameras and scanners. See also: device

hash A fixed-size result that is obtained by applying a one-way mathematical function (sometimes called a hash algorithm) to an arbitrary amount of data. If there is a change in the input data, the hash changes. The hash can be used in many operations, including authentication and digital signing. A hash is also called a message digest. See also: authentication; hash algorithm hash algorithm An algorithm used to produce a hash value of some piece of data, such as a message or session key. A good hash algorithm has a quality where changes in the input data can change every bit in the resulting hash value; for this reason, hashes are useful in detecting any modification in a large data object, such as a message. Furthermore, a good hash algorithm makes it computationally infeasible to construct two independent inputs that have the same hash. Typical hash algorithms include MD2, MD4, MD5, and SHA-1. Hash algorithm is also called a hash function. See also: Hash-based Message Authentication Mode (HMAC); MD2; MD4; MD5; message digest; Secure Hash Algorithm (SHA-1) Hash-based Message Authentication Mode (HMAC) A mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function (for example, MD5 and SHA-1) in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. See also: hash algorithm; MD5; Secure Hash Algorithm (SHA-1) hexadecimal A base-16 number system represented by the digits 0 through 9 and the uppercase or lowercase letters A (equivalent to decimal 10) through F (equivalent to decimal 15). hibernation A state in which your computer shuts down after saving everything in memory on your hard disk. When you bring your computer out of hibernation, all programs and documents that were open are restored to your desktop. See also: standby High Contrast A display feature that instructs programs to change the color scheme to a high-contrast scheme and to increase legibility whenever possible. histogram A chart consisting of horizontal or vertical bars, the widths or heights of which represent the values of certain data. hive A section of the registry that appears as a file on your hard disk. The registry subtree is divided into hives (named for their resemblance to the cellular structure of a beehive). A hive is a discrete body of keys, subkeys, and values that is rooted at the top of the registry hierarchy. A hive is backed by a single file and a .log file, which are in the systemroot\System32\Config or the systemroot\Profiles\username folders. By default, most hive files (Default, SAM, Security, and System) are stored in the systemroot\System32\Config folder. The systemroot\Profiles folder contains the user profile for each user of the computer. Because a hive is a file, it can be moved from one system to another. However, you must use the Registry Editor to edit the file. See also: registry; key; systemroot home folder A folder (usually on a file server) that administrators can assign to individual users or groups. Administrators use home folders to consolidate user files onto specific file servers for easy backup. Home folders are used by some programs as the default folder for the Open and Save As dialog boxes. Home folders are sometimes referred to as home directories.

See also: administrator; group host A Windows computer that runs a server program or service used by network or remote clients. For Network Load Balancing, a cluster consists of multiple hosts connected over a local area network (LAN). See also: client; cluster; local area network (LAN); server; service host name The DNS name of a device on a network. These names are used to locate computers on the network. To find another computer, its host name must either appear in the Hosts file or be known by a DNS server. For most Windows computers, the host name and the computer name are the same. See also: DNS Server; Domain Name System (DNS) host priority For Network Load Balancing, a host's precedence for handling default network traffic for TCP and UDP ports. It is used if a host within the cluster goes offline, and it determines which host within the cluster will assume responsibility for the traffic previously handled by the offline host. See also: cluster; host; User Datagram Protocol (UDP) Hosts file A local text file in the same format as the 4.3 Berkeley Software Distribution (BSD) UNIX /etc/hosts file. This file maps host names to IP addresses, and it is stored in the \%Systemroot%\System32\Drivers\Etc folder. See also: systemroot hot docking The process of attaching a laptop computer to a docking station while the computer is running, and automatically activating the docking station's video display and other functions. See also: dock; docking station; undock HTTP See definition for: Hypertext Transfer Protocol (HTTP) hub A common connection point for devices in a network. Typically used to connect segments of a local area network (LAN), a hub contains multiple ports. When data arrives at one port, it is copied to the other ports so that all segments of the LAN can see the data. See also: local area network (LAN); port; switching hub hubbed mode A mode in which the ARP/MARS provides ATM addresses to requesting clients in the form of a multicast server (MCS) list value. In this mode, the ARP/MARS acts as a multicast server, providing active forwarding of all multicast and broadcast traffic destined for IP addresses contained within the ranges specified in the list. See also: Address Resolution Protocol (ARP); Asynchronous Transfer Mode (ATM); multicast address resolution service (MARS); multicast server (MCS); nonhubbed mode; IP address hue The position of a color along the color spectrum. For example, green is between yellow and blue. This attribute can be set using Display in Control Panel. See also: saturation hyperlink Colored and underlined text or a graphic that you click to go to a file, a location in a file, an HTML page on the World Wide Web, or an HTML page on an intranet. Hyperlinks can also go to newsgroups and to Gopher, Telnet, and FTP sites. In Windows folders, hyperlinks are text links that appear in the folder's left pane. You can click these links to perform tasks, such as moving or copying a file, or to go to other places on your computer, such as the My Documents folder or Control Panel. Hypertext Markup Language (HTML)

A simple markup language used to create hypertext documents that are portable from one platform to another. HTML files are simple ASCII text files with codes embedded (indicated by markup tags) to denote formatting and hypertext links. See also: American Standard Code for Information Interchange (ASCII) Hypertext Transfer Protocol (HTTP) The protocol used to transfer information on the World Wide Web. An HTTP address (one kind of Uniform Resource Locator [URL]) takes the form: http://www.microsoft.com.

I
icon A small image displayed on the screen to represent an object that can be manipulated by the user. Icons serve as visual mnemonics and allow the user to control certain computer actions without having to remember commands or type them at the keyboard. IEEE 1394 A standard for high-speed serial devices such as digital video and digital audio editing equipment. See also: device IEEE 1394 connector A type of connector that enables you to connect and disconnect high-speed serial devices. An IEEE 1394 connector is usually on the back of your computer near the serial port or the parallel port. If a device is IEEE 1394 compatible, you can connect the device to the IEEE 1394 connector while the computer is running and Windows will detect the device and inform you when it is ready for use. Similarly, you can unplug the device while the computer is running, but you should use the Add Hardware Wizard to inform Windows that you are unplugging the device. Windows will then inform you when the device can be unplugged from the computer. The IEEE 1394 bus is used primarily to connect high-end digital video and digital audio devices to your computer; however, some hard disks, printers, scanners, and DVD drives can also be connected to your computer using the IEEE 1394 connector. IIS Server Instance resource A server-instance designation used with Internet Information Services (IIS) that supports the WWW and FTP services. IIS server instances are supported as cluster resources by a Resource DLL. IIS Server Instance resources may have dependencies on IP Address resources, Network Name resources, and Physical Disk resources. Access information for server instances does not fail over. See also: dependency; failover; Resource DLL Image Name The name of a process as displayed in Task Manager. See also: Task Manager import media pool A logical collection of data-storage media that has not been cataloged by Removable Storage. Media in an import media pool should be cataloged as soon as possible so that they can be used by an application. See also: media pool; Removable Storage in-addr.arpa domain A special top-level DNS domain reserved for reverse mapping of IP addresses to DNS host names. See also: Domain Name System (DNS); reverse lookup; top-level domains incremental backup A backup that copies only those files created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups to restore your data, you will need to have the last normal backup and all incremental backup sets. See also: copy backup; daily backup; differential backup; normal backup

incremental zone transfer (IXFR) An alternate query type that can be used by some DNS servers to update and synchronize zone data when a zone is changed. When incremental zone transfer is supported between DNS servers, servers can keep track of and transfer only those incremental resource record changes between each version of the zone. See also: DNS Server; secondary master; zone; zone transfer independent client A computer with Message Queuing installed that can host queues and store messages locally. Independent clients do not require synchronous access to a Message Queuing server to send and receive messages, but they can use Message Queuing servers with routing enabled for efficient message routing. See also: dependent client; Message Queuing server; routing services infrared (IR) Light that is beyond red in the color spectrum. While the light is not visible to the human eye, infrared transmitters and receivers can send and receive infrared signals. See also: Infrared Data Association (IrDA); infrared device; infrared port Infrared Data Association (IrDA) The industry organization of computer, component, and telecommunications vendors who establish the standards for infrared communication between computers and peripheral devices, such as printers. See also: infrared (IR) infrared device A computer, or a computer peripheral such as a printer, that can communicate using infrared light. See also: infrared (IR) infrared file transfer Wireless file transfer between a computer and another computer or device using infrared light. See also: infrared (IR) infrared network connection A direct or incoming network connection to a remote access server using an infrared port. See also: infrared port infrared port An optical port on a computer that enables communication with other computers or devices by using infrared light, without cables. Infrared ports can be found on some portable computers, printers, and cameras. See also: infrared (IR); infrared device; port infrastructure master The domain controller assigned to update group-to-user references whenever group memberships are changed, and to replicate these changes to any other domain controllers in the domain. At any time, there can be only one infrastructure master in a particular domain. See also: domain controller; multimaster replication; operations master inheritance A mechanism that allows a given access control entry (ACE) to be copied from the container where it was applied to all children of the container. Inheritance can be combined with delegation to grant administrative rights to a whole subtree of the directory in a single update operation. See also: access control entry (ACE); delegation inherited permissions Permissions on an object that are automatically inherited from its parent object. Inherited permissions cannot be modified. See also: permission; object; parent object Initial master A shared folder whose existing files and folders are replicated to other shared folders when replication is initially configured. After replication is complete, there is no initial master, since any of the replicas can accept changes and propagate them to the other replicas. The initial master then becomes another replica.

See also: shared folder; replica; replication initialize In Disk Management, the process of detecting a disk or volume and assigning it a status (for example, healthy) and a type (for example, dynamic). See also: basic disk; basic volume; dynamic disk; dynamic volume Initiate to Application Enable When checked, new connections to the DDE share are allowed. When cleared, only current DDE conversations are allowed. Ink An option that allows you to enter text in handwritten form. Instead of converting your handwritten text to typed text, the text is converted to an object and displayed exactly as you wrote it. For example: . input language The specification of the language you want to type in. Some programs that are designed for Windows recognize this setting. When you add a new input language, a keyboard layout for that language is also added. Input Method Editor (IME) Programs used to enter the thousands of different characters in written Asian languages with a standard 101key keyboard. An IME consists of both an engine that converts keystrokes into phonetic and ideographic characters and a dictionary of commonly used ideographic words. As the user enters keystrokes, the IME engine attempts to identify which character or characters the keystrokes should be converted into. input/output (I/O) port A channel through which data is transferred between a device and the microprocessor. The port appears to the microprocessor as one or more memory addresses that it can use to send or receive data. See also: device; memory address; port insertion point The place where text will be inserted when typed. The insertion point usually appears as a flashing vertical bar in an application's window or in a dialog box. install When referring to software, to add program files and folders to your hard disk and related data to your registry so that the software runs properly. Installing contrasts with upgrading, where existing program files, folders, and registry entries are updated to a more recent version. When referring to hardware, to physically connect the device to your computer, to load device drivers onto your computer, and to configure device properties and settings. See also: device driver; registry; uninstall integrated device electronics (IDE) A type of disk-drive interface in which the controller electronics reside on the drive itself, eliminating the need for a separate adapter card. IDE offers advantages such as look-ahead caching to increase overall performance. Integrated Services Digital Network (ISDN) A digital phone line used to provide higher bandwidth. ISDN in North America is typically available in two forms: Basic Rate Interface (BRI) consists of 2 B-channels at 64 kilobits per second (Kbps) and a D-channel at 16 Kbps; Primary Rate Interface (PRI) consists of 23 B-channels at 64 Kbps and a D-channel at 64 Kbps. An ISDN line must be installed by the phone company at both the calling site and the called site. See also: B-channel; D-channel; multilink dialing; Service Profile Identifier (SPID); switch type interactive dialog box A dialog box that requires a response from the user. Intermediary devices such as a security host require such a dialog box as an added layer of security between the client and the remote access server. In such dialog boxes, the user types an access code or a user name and password on the remote access terminal screen. See also: dialog box; intermediary device; remote access server; static dialog box

interactive logon A network logon from a computer keyboard, when the user types information in the Logon Information dialog box displayed by the computer's operating system. interconnect A private network that connects nodes in a cluster. See also: cluster intermediary device A device other than a modem or X.25 PAD, located between a network connection and the remote access server. This device is typically a modem-pool switch or security host and requires either a static or interactive dialog box between the client and itself. See also: remote access server; static dialog box; interactive dialog box; PAD (packet assembler/disassembler) internal network number A 4-byte hexadecimal number used for addressing and routing purposes. The internal network number identifies a virtual network inside a computer. The internal network number must be unique to the IPX internetwork. Internal network number is also called virtual network number. See also: external network number; Internetwork Packet Exchange (IPX) international prefix Digits dialed before the country code to access the international phone service. The actual digits depend on the country or region in which you are dialing an international number. For example, in the United States of America, the prefix for international dialing is 011. To dial from the United States of America to Honduras, which has the country code 504, you would dial: (011) (504) (000) 000-0000 International Telecommunication Union - Telecommunication [Standardization Sector] (ITU-T) The sector of the International Telecommunication Union (ITU) responsible for telecommunication standards. ITU-T replaces the Comite Consultatif International Telegraphique et Telephonique (CCITT). Its responsibilities include standardizing modem design and operations, and standardizing protocols for networks and facsimile transmission. ITU is an international organization within which governments and the private sector coordinate global telecom networks and services. internet internet. Two or more network segments connected by routers. Another term for internetwork. Internet. A worldwide network of computers. If you have access to the Internet, you can retrieve information from millions of sources, including schools, governments, businesses, and individuals. See also: World Wide Web Internet address An address for a resource on the Internet that is used by Web browsers to locate Internet resources. An Internet address typically starts with a protocol name, followed by the name of the organization that maintains the site; the suffix identifies the kind of organization it is. For example, the address http://www.yale.edu/ provides the following information: http: This Web server uses the Hypertext Transfer Protocol. www: This site is on the World Wide Web. edu: This is an educational institution. Internet address is also called Uniform Resource Locator (URL). See also: Web server; protocol Internet Control Message Protocol (ICMP) A required maintenance protocol in the TCP/IP suite that reports errors and allows simple connectivity. ICMP is used by the Ping tool to perform TCP/IP troubleshooting. See also: Internet Protocol (IP); protocol; Transmission Control Protocol/Internet Protocol (TCP/IP) Internet Engineering Task Force (IETF)

An open community of network designers, operators, vendors, and researchers concerned with the evolution of Internet architecture and the smooth operation of the Internet. Technical work is performed by working groups organized by topic areas (such as routing, transport, and security) and through mailing lists. Internet standards are developed in IETF Requests for Comments (RFCs), which are a series of notes that discuss many aspects of computing and computer communication, focusing on networking protocols, programs, and concepts. See also: subnet bandwidth management (SBM); Session Description Protocol (SDP) Internet Group Management Protocol (IGMP) A protocol used by IP hosts to report their multicast group memberships to any immediately neighboring multicast routers. See also: Internet Protocol multicasting; protocol Internet Information Services (IIS) Software services that support Web site creation, configuration, and management, along with other Internet functions. Internet Information Services include Network News Transfer Protocol (NNTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP). See also: Simple Mail Transfer Protocol (SMTP); File Transfer Protocol (FTP); Network News Transfer Protocol (NNTP) Internet Protocol (IP) A routable protocol in the TCP/IP protocol suite that is responsible for IP addressing, routing, and the fragmentation and reassembly of IP packets. See also: Compression Control Protocol (CCP); packet; Transmission Control Protocol/Internet Protocol (TCP/IP); voluntary tunnel Internet Protocol multicasting The extension of local area network multicasting technology to a TCP/IP network. Hosts send and receive multicast datagrams, the destination fields of which specify IP host group addresses rather than individual IP addresses. A host indicates that it is a member of a group by means of the Internet Group Management Protocol (IGMP). See also: Internet Group Management Protocol (IGMP); Transmission Control Protocol/Internet Protocol (TCP/IP) Internet Protocol security (IPSec) A set of industry-standard, cryptography-based protection services and protocols. IPSec protects all protocols in the TCP/IP protocol suite and Internet communications using L2TP. Internet service provider (ISP) A company that provides individuals or companies access to the Internet and the World Wide Web. An ISP provides a telephone number, a user name, a password, and other connection information so users can connect their computers to the ISP's computers. An ISP typically charges a monthly or hourly connection fee. See also: Web server Internetwork Packet Exchange (IPX) A network protocol native to NetWare that controls addressing and routing of packets within and between LANs. IPX does not guarantee that a message will be complete (no lost packets). See also: Compression Control Protocol (CCP); IPX/SPX; local area network (LAN); Routing Information Protocol over IPX (RIPX) interrupt A request for attention from the processor. When the processor receives an interrupt, it suspends its current operations, saves the status of its work, and transfers control to a special routine known as an interrupt handler, which contains the instructions for dealing with the particular situation that caused the interrupt. interrupt request (IRQ) lines Hardware lines over which devices can send signals to get the attention of the processor when the device is ready to accept or send information. Each device must have a unique IRQ line.

See also: device intersite messaging service (ISM) A service that supports transports for asynchronous, site-to-site messaging. Each transport serves two major roles: send/receive and topology queries (such as, what are the various sites connected by this transport, and at what cost?). The intersite messaging services shipped in Windows are RPC and SMTP (mail). See also: remote procedure call (RPC); service; Simple Mail Transfer Protocol (SMTP) intranet A network within an organization that uses Internet technologies and protocols, but is available only to certain people, such as employees of a company. An intranet is also called a private network. IP address A 32-bit address used to identify a node on an IP internetwork. Each node on the IP internetwork must be assigned a unique IP address, which is made up of the network ID, plus a unique host ID. This address is typically represented with the decimal value of each octet separated by a period (for example, 192.168.7.27). In this version of Windows, you can configure the IP address statically or dynamically through DHCP. See also: Dynamic Host Configuration Protocol (DHCP); IP Address resource; scope IP Address resource A 32-bit number in dotted decimal format that represents an Internet Protocol (IP) address and is supported as a cluster resource by a Resource DLL provided with Windows. See also: IP address; Resource DLL IPX/SPX Transport protocols used in Novell NetWare networks, which together correspond to the combination of TCP and IP in the TCP/IP protocol suite. Windows implements IPX through NWLink. See also: NWLink; Transmission Control Protocol/Internet Protocol (TCP/IP); Internetwork Packet Exchange (IPX) ISA expansion slot A connection socket for a peripheral designed to the Industry Standard Architecture (ISA) on a computer motherboard. ISDN (Integrated Services Digital Network) A high-speed digital telephone service that can dramatically increase the speed at which you connect to the Internet or to your corporate LAN (local area network). ISDN can operate at 128 kilobytes per second (Kbps), which is five or more times faster than many analog modems. ISP (Internet service provider) See definition for: Internet service provider (ISP) Itanium An Intel microprocessor that uses explicitly parallel instruction set computing and 64-bit memory addressing.

J
job object A system-level structure that allows processes to be grouped together and managed as a single unit. See also: process journal queue For Message Queuing, a queue where journal messages are stored. See also: journal quota; Message Queuing; source journaling; target journaling journal quota For Message Queuing, a property that specifies the cumulative limit for journal messages in a journal queue. The limit is based on cumulative journal message size. When a journal queue's quota is reached, messages are no longer stored. See also: journal queue; Message Queuing junction point

A physical location on a hard disk that points to data located at another location on your hard disk or another storage device. Junction points are created when you create a mounted drive. You can also create a junction point using the linkd command. See also: mounted drive

K
KerberosV5 authentication protocol An authentication mechanism used to verify user or host identity. The Kerberos V5 authentication protocol is the default authentication service for Windows 2000. Internet Protocol security (IPSec) and the QoS Admission Control Service use the Kerberos protocol for authentication. See also: Key Distribution Center (KDC); realm; service ticket; ticket-granting service (TGS); ticket-granting ticket (TGT) kernel The core of layered architecture that manages the most basic operations of the operating system and the computer's processor. The kernel schedules different blocks of executing code, called threads, for the processor to keep it as busy as possible and coordinates multiple processors to optimize performance. The kernel also synchronizes activities among Executive-level subcomponents, such as I/O Manager and Process Manager, and handles hardware exceptions and other hardware-dependent functions. The kernel works closely with the hardware abstraction layer. key In Registry Editor, a folder that appears in the left pane of the Registry Editor window. A key can contain subkeys and value entries. For example, Environment is a key of HKEY_CURRENT_USER. In IP security (IPSec), a value used in combination with an algorithm to encrypt or decrypt data. Key settings for IP security are configurable to provide greater security. See also: registry; subkey Key Distribution Center (KDC) A network service that supplies session tickets and temporary session keys used in the Kerberos V5 authentication protocol. In Windows 2000 and Windows XP, the KDC runs as a privileged process on all domain controllers. See also: ticket-granting ticket (TGT); KerberosV5 authentication protocol; ticket-granting service (TGS) keyboard language The language you want to use when you type. Some programs that are designed for the Windows platform recognize this setting. When you add a new keyboard language, a keyboard layout for that language is also added. keyboard layout The arrangement that accommodates the special characters and symbols used in different languages. Keyboard layouts affect which characters appear when you press the keys on your keyboard. After you change your keyboard layout, the characters that appear on your screen may no longer correspond to the characters that are printed on your keyboard keys.

L
L2TP (Layer 2 Tunneling Protocol) An industry-standard Internet tunneling protocol. Unlike Point-to-Point Tunneling Protocol (PPTP), L2TP does not require IP connectivity between the client workstation and the server. L2TP requires only that the tunnel medium provide packet-oriented point-to-point connectivity. The protocol can be used over media such as ATM, Frame Relay, and X.25. L2TP provides the same functionality as PPTP. Based on Layer 2 Forwarding (L2F) and PPTP specifications, L2TP allows clients to set up tunnels across intervening networks.

See also: Asynchronous Transfer Mode (ATM); Internet Protocol (IP); Point-to-Point Tunneling Protocol (PPTP); tunnel label Each part of a full DNS domain name that represents a node in the domain namespace tree. Domain names are made up of a sequence of labels, such as the three labels (example, microsoft, and com) that make up the DNS domain name example.microsoft.com. Each label used in a DNS name must be 63 bytes or less in character length. See also: domain name; Domain Name System (DNS) LAN emulation (LANE) A set of protocols that allow existing Ethernet and Token Ring LAN services to overlie an ATM network. LANE allows connectivity among LAN- and ATM-attached stations. See also: Asynchronous Transfer Mode (ATM); local area network (LAN); protocol LAN emulation client (LEC) The client on an ELAN that performs data forwarding, address resolution, and other control functions. The LEC resides on end stations in an ELAN. See also: client; emulated local area network (ELAN); LAN emulation (LANE) LAN emulation configuration server The service that assigns individual local area network emulation (LANE) clients to particular emulated local area networks (ELANs) by directing them to the LAN emulation server (LES). See also: emulated local area network (ELAN); LAN emulation (LANE); LAN emulation server (LES); service LAN emulation server (LES) The central control point for an emulated local area network (ELAN). Enables LAN emulation clients to join the ELAN and resolves LAN addresses to ATM addresses. See also: Asynchronous Transfer Mode (ATM); emulated local area network (ELAN); LAN emulation (LANE) latency In Active Directory replication, the delay between the time an update is applied to a given replica and the time it is applied to some other replica. Latency is sometimes referred to as propagation delay. See also: replication; Active Directory; replica LCD (Liquid Crystal Display) See definition for: liquid crystal display (LCD) LDAP Data Interchange Format (LDIF) Files that contain LDAP instructions that manipulate directory information. Before the LDAP commands in an LDIF file are carried out, they can be read or modified, providing an opportunity for fine-tuning. See also: Lightweight Directory Access Protocol (LDAP) lease The length of time for which a DHCP client can use a dynamically assigned IP address configuration. Before the lease time expires, the client must either renew or obtain a new lease with DHCP. See also: Dynamic Host Configuration Protocol (DHCP); IP address library A data-storage system, usually managed by Removable Storage. A library consists of removable media (such as tapes or discs) and a hardware device that can read from or write to the media. There are two major types of libraries: robotic libraries (automated multiple-media, multidrive devices) and stand-alone drive libraries (manually operated, single-drive devices). A robotic library is also called a jukebox or changer. See also: Removable Storage Lightweight Directory Access Protocol (LDAP) The primary access protocol for Active Directory. Lightweight Directory Access Protocol (LDAP) version 3 is defined by a set of Proposed Standard documents in Internet Engineering Task Force (IETF) RFC 2251. See also: Active Directory; Internet Engineering Task Force (IETF); protocol Line Printer Daemon (LPD)

A service on the print server that receives documents (print jobs) from Line Printer Remote (LPR) utilities running on client systems. See also: Line Printer Remote (LPR); print job; print server; service Line Printer Remote (LPR) A connectivity utility that runs on client systems and is used to print files to a computer running an LPD server. See also: Line Printer Daemon (LPD) Link Control Protocol (LCP) A PPP control protocol that negotiates link and PPP parameters to dynamically configure the data-link layer of a PPP connection. linked object An object that is inserted into a document but still exists in the source file. When information is linked, the new document is updated automatically if the information in the original document changes. If you want to edit the linked information, double-click it. The toolbars and menus from the original program will appear. If the original document is on your computer, changes that you make to the linked information will also appear in the original document. See also: embedded object; OLE; package; source document liquid crystal display (LCD) A type of display used in digital watches and many portable computers. LCD displays utilize two sheets of polarizing material with a liquid crystal solution between them. An electric current passed through the liquid causes the crystals to align so that light cannot pass through them. Each crystal, therefore, is like a shutter, either allowing light to pass through or blocking the light. Lmhosts file A local text file that maps NetBIOS names (commonly used for computer names) to IP addresses for hosts that are not located on the local subnet. In this version of Windows, the file is stored in the systemroot\System32\Drivers\Etc folder. See also: systemroot; IP address load balancing A technique used by Windows Clustering to scale the performance of a server-based program (such as a Web server) by distributing its client requests across multiple servers within the cluster. Each host can specify the load percentage that it will handle, or the load can be equally distributed across all the hosts. If a host fails, Windows Clustering dynamically redistributes the load among the remaining hosts. See also: cluster; host local area network (LAN) A communications network connecting a group of computers, printers, and other devices located within a relatively limited area (for example, a building). A LAN allows any connected device to interact with any other on the network. See also: NetBIOS Extended User Interface (NetBEUI); network basic input/output system (NetBIOS); virtual local area network (VLAN); workgroup local computer The computer that you are currently logged on to as a user. More generally, a local computer is a computer that you can access directly without using a communications line or a communications device, such as a network adapter or a modem. local group For computers running Windows and member servers, a group that can be granted permissions and rights from its own computer and (if the computer participates in a domain) user accounts and global groups both from its own domain and from trusted domains. See also: global group; user account local printer A printer that is directly connected to one of the ports on your computer.

local user A person who uses a computer that is not connected to a network. A local user is most likely someone using a computer at home. local user profile A computer-based record about an authorized user that is created automatically on the computer the first time a user logs on to a workstation or server computer. log file A file that stores messages generated by an application, service, or operating system. These messages are used to track the operations performed. For example, Web servers maintain log files listing every request made to the server. Log files are usually plain text (ASCII) files and often have a .log extension. In Backup, a file that contains a record of the date the tapes were created and the names of files and directories successfully backed up and restored. The Performance Logs and Alerts service also creates log files. See also: American Standard Code for Information Interchange (ASCII); service log on To begin using a network by providing a user name and password that identifies a user to the network. logical drive A volume that you create within an extended partition on a basic master boot record (MBR) disk. Logical drives are similar to primary partitions, except that you are limited to four primary partitions per disk, whereas you can create an unlimited number of logical drives per disk. A logical drive can be formatted and assigned a drive letter. See also: basic disk; basic volume; drive letter; extended partition; master boot record (MBR); primary partition; volume logical printer The software interface between the operating system and the printer in Windows. While a printer is the device that does the actual printing, a logical printer is its software interface on the print server. This software interface determines how a print job is processed and how it is routed to its destination (to a local or network port, to a file, or to a remote print share). When you print a document, it is spooled (or stored) on the logical printer before it is sent to the printer itself. See also: printer; spooling logon right A user right that is assigned to a user and that specifies the ways in which a user can log on to a system. An example of a logon right is the right to log on to a system remotely. logon script Files that can be assigned to user accounts. Typically a batch file, a logon script runs automatically every time the user logs on. It can be used to configure a user's working environment at every logon, and it allows an administrator to influence a user's environment without managing all aspects of it. A logon script can be assigned to one or more user accounts. See also: logon script path; user account logon script path A sequence of directory names that specifies the location of the logon script. When a user logs on, the authenticating computer locates the specified logon script (if one has been assigned to that user account) by following that computer's local logon script path (usually systemroot\System32\Repl\Import\Scripts). See also: logon script; systemroot; user account long distance operator Digits dialed before the area or city code to access a long distance phone service. For example, in the United States of America, you dial a 1 before the area or city code: (1) (206) 000-0000. The actual digits depend on the country/region or phone service. Area codes and long distance operators are not used in all countries/regions. long name

A folder name or file name longer than the 8.3 file name standard (up to eight characters followed by a period and an extension of up to three characters) of the FAT file system. This version of Windows supports long file names up to 255 characters. In a Macintosh environment, users can assign long names to files and folders on the server and, using AppleTalk network integration, you can assign long names to Macintosh-accessible volumes when you create them. This version of Windows automatically translates long names of files and folders to 8.3 names for MSDOS and Windows 3.x users. See also: file allocation table (FAT); MS-DOS (Microsoft Disk Operating System) loopback address The address of the local computer used for routing outgoing packets back to the source computer. This address is used primarily for testing. loose name checking A form of domain name checking DNS uses that examines characters in DNS names for valid ANSI character compliance. However, loose name checking does not check for compliance with DNS naming requirements and valid character usage for Internet host names, as specified in RFC 1123, Requirements for Internet Hosts Applications and Support. For RFC compliance, DNS domain names will use name labels made up only of valid uppercase and lowercase letters, number characters, and hyphens (A through Z, a through z, 0 through 9, and -) separated by periods. See also: domain name; Domain Name System (DNS); label luminosity The brightness of a color based on a scale from black to white on your monitor.

M
Make Changes The Macintosh-style permission that gives users the right to make changes to a folder's contents; for example, modifying, renaming, moving, creating, and deleting files. When AppleTalk network integration translates access privileges into permissions, a user who has the Make Changes privilege is given Write and Delete permissions. See also: permission Management and Monitoring Tools Software components that include utilities for network management and monitoring, along with services that support client dialing and the updating of client phone books. Also included is the Simple Network Management Protocol (SNMP). See also: Simple Network Management Protocol (SNMP) Management Information Base (MIB) A set of objects that represent various types of information about a device, used by Simple Network Management Protocol (SNMP) to manage the device. Because different network management services are used for different types of devices and protocols, each service has its own set of objects. See also: Simple Network Management Protocol (SNMP); service management system A network-enabled host running Simple Network Management Protocol (SNMP) management software. This software requests information from SNMP agents. Management system is also called a management console. mandatory user profile A user profile that is not updated when the user logs off. It is downloaded to the user's desktop each time the user logs on, and is created by an administrator and assigned to one or more users to create consistent or jobspecific user profiles. Only members of the Administrators group can change profiles. See also: roaming user profile; user profile map

To translate one value into another. In virtual memory systems, a computer might map a virtual address into a physical address. master boot record (MBR) The first sector on a hard disk, which starts the process of booting the computer. The MBR contains the partition table for the disk and a small amount of executable code called the master boot code. See also: Recovery Console; partition boot sector master domain A Windows NT 4.0 domain that is used for managing user and group accounts in a multidomain network. See also: domain; group account; user account Master File Table (MFT) An NTFS system file on NTFS-formatted volumes that contains information about each file and folder on the volume. The MFT is the first file on an NTFS volume. See also: file allocation table (FAT); NTFS file system; volume master server An authoritative DNS server for a zone. Master servers can vary and are one of two types (either primary or secondary masters), depending on how the server obtains its zone data. See also: DNS Server; primary master; secondary master; zone; zone transfer maximize To enlarge a window to its largest size by clicking the Maximize button (at the right of the title bar), or by pressing ALT+SPACEBAR and then pressing X. See also: minimize; title bar MD2 A hash algorithm that creates a 128-bit hash value and was developed by RSA Data Security, Inc. See also: hash algorithm MD4 A hash algorithm that creates a 128-bit hash value and was developed by RSA Data Security, Inc. See also: hash algorithm MD5 An industry-standard one-way, 128-bit hashing scheme, developed by RSA Data Security, Inc., and used by various Point-to-Point Protocol (PPP) vendors for encrypted authentication. A hashing scheme is a method for transforming data (for example, a password) in such a way that the result is unique and cannot be changed back to its original form. The CHAP authentication protocol uses challenge-response with one-way MD5 hashing on the response. In this way, you can prove to the server that you know your password without actually sending the password over the network. See also: CHAP (Challenge Handshake Authentication Protocol); hash algorithm; message digest media Any fixed or removable objects that store computer data. Examples include hard disks, floppy disks, tapes, and compact discs. media pool A logical collection of removable media that have the same management policies. Media pools are used by applications to control access to specific tapes or discs within libraries managed by Removable Storage. There are four media pools: unrecognized, import, free, and application-specific. Each media pool can only hold either media or other media pools. See also: free media pool; import media pool; backup media pool; Removable Storage media sensing A feature that, when it detects a network cable connection failure, removes the bound protocols from the failed network adapter until the cable connection is reestablished. Without these bound protocols, the network interface connected through the failed network adapter is not available for cluster communication. mediator

For Process Control, a process used to preserve information when a service stops or starts. memory address A portion of computer memory that can be allocated to a device or used by a program or the operating system. Devices are usually allocated a range of memory addresses. See also: device Memory Usage In Task Manager, the current working set of a process, in kilobytes. The current working set is the number of pages currently resident in memory. On the Task Manager Processes tab, the column heading is Mem Usage. See also: Task Manager Memory Usage Delta In Task Manager, the change in memory, in kilobytes, used since the last update. See also: Task Manager message For Message Queuing, a unit of information sent between computers running Message Queuing. The message can contain text or binary data as defined by the sending application. All messages, including status messages, are stored in queues on Message Queuing computers. See also: Message Queuing Message Authentication Code (MAC) An algorithm that ensures the quality of a block of data. message digest See definition for: hash Message Queuing A message queuing and routing system for Windows that enables distributed applications running at different times to communicate across heterogeneous networks and with computers that may be offline. Message Queuing provides guaranteed message delivery, efficient routing, security, and priority-based messaging. Message Queuing was formerly known as MSMQ. See also: Microsoft Distributed Transaction Coordinator (MS DTC) Message Queuing server For Message Queuing (also known as MSMQ), a computer that can provide message queuing, routing, and directory services to client computers. Message Queuing servers can be used to: Provide message routing and session concentration for independent clients. Provide message routing between sites over routing links. Create queues and store messages for dependent clients. Access information in Active Directory (if installed on a Windows domain controller). See also: Active Directory; dependent client; independent client; routing link; routing services; session concentration Messenger service A service that sends and receives messages sent by administrators or by the Alerter service. See also: service; Alerter service; performance alert metadata Data about data. For example, the title, subject, author, and size of a file constitute the file's metadata. metric A number used to indicate the cost of a route in the IP routing table that enables the selection of the best route among possible multiple routes to the same destination. Microcom Networking Protocol Five (MNP5) A data-compression standard that allows modems to increase throughput by compressing data before transmission. Data can be compressed with a ratio of up to 2:1. MNP5 sometimes expands data that has already been compressed, resulting in poorer performance in those cases. If you have an MNP5 modem, do

not turn on modem compression and software compression at the same time. To turn on MNP5 compression, you must also turn on MNP4 error control. See also: Microcom Networking Protocol Four (MNP4) Microcom Networking Protocol Four (MNP4) An industry-standard communication protocol that allows modems to automatically retransmit corrupted data, assuring that only error-free data passes through the modem. MNP2 and MNP3 standards are included in MNP4. See also: Microcom Networking Protocol Five (MNP5) Microsoft Distributed Transaction Coordinator (MS DTC) A transaction manager that coordinates transactions that span multiple resource managers, such as Message Queuing and Microsoft SQL Server. MS DTC is automatically installed when Message Queuing is installed. See also: Message Queuing; transaction Microsoft Management Console (MMC) A framework for hosting administrative tools, called consoles. A console may contain tools, folders or other containers, World Wide Web pages, and other administrative items. These items are displayed in the left pane of the console, called a console tree. A console has one or more windows that can provide views of the console tree. The main MMC window provides commands and tools for authoring consoles. The authoring features of MMC and the console tree itself may be hidden when a console is in User Mode. See also: snap-in; console tree Microsoft Point-to-Point Encryption (MPPE) A 128-bit key or 40-bit key encryption algorithm using RSA RC4. MPPE provides for packet confidentiality between the remote access client and the remote access or tunnel server and is useful where IP security (IPSec) is not available. MPPE 40-bit keys are used to satisfy current North American export restrictions. MPPE is compatible with Network Address Translation. See also: remote access server; tunnel server Microsoft Reserved (MSR) partition A required partition on every GUID partition table (GPT) disk. System components can allocate portions of the MSR partition into new partitions for their own use. For example, when you convert a basic GPT disk to dynamic, the system allocates a portion of the MSR partition to be used as the Logical Disk Manager (LDM) metadata partition. The MSR partition varies in size based on the size of the GPT disk. For disks smaller than 16 GB, the MSR partition is 32 MB. For disks larger than 16 GB, the MSR partition is 128 MB. The MSR partition is not visible in Disk Management, and you cannot store data on the MSR partition or delete it. See also: GUID partition table (GPT); partition MIDI setup The setup that specifies the type of MIDI device you are using, the channel and patch settings needed to play MIDI files, and the port your device is using. See also: Musical Instrument Digital Interface (MIDI) minimize To reduce a window to a button on the taskbar by clicking the Minimize button (at the right of the title bar), or by pressing ALT+SPACEBAR and then pressing N. See also: maximize; title bar minimum TTL A default Time to Live (TTL) value set in seconds for use with all resource records in a zone. This value is set in the start of authority (SOA) resource record for each zone. By default, the DNS server includes this value in query answers to inform recipients how long it can store and use resource records provided in the query answer before they must expire the stored records data. When TTL values are set for individual resource records, those values will override the minimum TTL. See also: DNS Server; start-of-authority (SOA) resource record; Time to Live (TTL); zone

mirror One of the two volumes that make up a mirrored volume. Each mirror of a mirrored volume resides on a different disk. If one mirror becomes unavailable (due to a disk failure, for example), Windows can use the remaining mirror to gain access to the volume's data. See also: fault tolerance; mirrored volume; volume mirror set A fault-tolerant partition created with Windows NT 4.0 or earlier that duplicates data on two physical disks. You can only repair, resynchronize, break, or delete mirror sets in Windows 2000. To create new volumes that are mirrored, use mirrored volumes on dynamic disks. See also: basic disk; dynamic disk; fault tolerance; mirrored volume mirrored volume A fault-tolerant volume that duplicates data on two physical disks. A mirrored volume provides data redundancy by using two identical volumes, which are called mirrors, to duplicate the information contained on the volume. A mirror is always located on a different disk. If one of the physical disks fails, the data on the failed disk becomes unavailable, but the system continues to operate in the mirror on the remaining disk. You can create mirrored volumes only on dynamic disks. See also: volume; dynamic disk; dynamic volume; fault tolerance; RAID-5 volume modem (modulator/demodulator) A device that allows computer information to be transmitted and received over a telephone line. The transmitting modem translates digital computer data into analog signals that can be carried over a phone line. The receiving modem translates the analog signals back to digital form. See also: modem compression; null modem cable; port; Telephony API (TAPI); Waiting for Call modem compression A technique used to reduce the number of characters transmitted without losing data content. The transmitting modem compresses the data and the receiving computer or modem decompresses the data back to its original state. See also: modem (modulator/demodulator) modulation standards Protocols that determine how modems convert digital data into analog signals that can be transmitted over telephone lines. Initially, Bell created modulation standards used in the United States, and the CCITT created international recommendations. The ITU-T (formerly called the CCITT) now makes recommendations generally adopted by modem manufacturers both internationally and in the United States. The ITU-T V series recommendations (such as V.34 and V.90) define data communication over the telephone network. The suffixes -bis and -ter (for example, V.32bis) indicate later versions. See also: International Telecommunication Union - Telecommunication [Standardization Sector] (ITU-T); V.34; V.90 mount To place a removable tape or disc into a drive. See also: dismount; library; mounted drive mounted drive A drive attached to an empty folder on an NTFS volume. Mounted drives function the same as any other drive, but are assigned a label or name instead of a drive letter. The mounted drive's name is resolved to a full file system path instead of just a drive letter. Members of the Administrators group can use Disk Management to create mounted drives or reassign drive letters. See also: drive; mount; NTFS file system; volume MouseKeys A keyboard feature that enables you to use the numeric keypad to move the mouse pointer and to click, double-click, and drag.

See also: ToggleKeys; FilterKeys; StickyKeys MS-DOS (Microsoft Disk Operating System) An operating system used on all personal computers and compatibles. As with other operating systems, such as OS/2, it translates user keyboard input into operations the computer can perform. MS-DOS can be easily accessed by using the command prompt, while MS-DOS-based programs can be accessed through the use of shortcuts on the desktop. See also: OS/2; command prompt window; MS-DOS-based program MS-DOS-based program A program that is designed to run with MS-DOS and therefore may not be able to take full advantage of all Windows features. See also: MS-DOS (Microsoft Disk Operating System); program information file (PIF) multicast Network traffic destined for a set of hosts that belong to a multicast group. Multicast Address Dynamic Client Allocation Protocol (MADCAP) An extension to the DHCP protocol standard used to support dynamic assignment and configuration of IP multicast addresses on TCP/IP-based networks. See also: Dynamic Host Configuration Protocol (DHCP); Transmission Control Protocol/Internet Protocol (TCP/IP) multicast address resolution service (MARS) A service for resolving multicast IP addresses to the ATM addresses of the clients that have joined that multicast group. The MARS can work in conjunction with the MCS and clients to distribute multicast data through point-to-multipoint connections. See also: Asynchronous Transfer Mode (ATM); multicast server (MCS); IP address multicast scope A range of multicast group IP addresses in the Class D address range that are available to be leased or assigned to multicast DHCP clients by DHCP. See also: address classes; Dynamic Host Configuration Protocol (DHCP); lease multicast server (MCS) A service that manages zero or more multicast groups and distributes multicast data sent to it by clients of those multicast groups through point-to-multipoint connections. See also: nonhubbed mode; service multicasting The process of sending a message simultaneously to more than one destination on a network. multihomed computer A computer that has multiple network adapters or that has been configured with multiple IP addresses for a single network adapter. See also: virtual IP address; IP address; network adapter multilink dialing The combination of two or more physical communications links' bandwidth into a single logical link to increase your remote access bandwidth and throughput by using remote access Multilink. Based on the Internet Engineering Task Force (IETF) standard RFC 1990, Multilink combines analog modem paths, ISDN B-channels, and mixed analog and digital communications links on both your client and server computers. This increases your Internet and intranet access speed and decreases the amount of time you are connected to a remote computer. See also: B-channel; bandwidth; Integrated Services Digital Network (ISDN) multimaster replication A replication model in which any domain controller accepts and replicates directory changes to any other domain controller. This differs from other replication models in which one computer stores the single modifiable copy of the directory and other computers store backup copies.

See also: domain controller; replication multiple boot A computer configuration that runs two or more operating systems. See also: dual boot; startup environment Musical Instrument Digital Interface (MIDI) A serial interface standard that allows for the connection of music synthesizers, musical instruments, and computers. The MIDI standard is based partly on hardware and partly on a description of the way in which music and sound are encoded and communicated between MIDI devices. The information transmitted between MIDI devices is in a form called a MIDI message, which encodes aspects of sound, such as pitch and volume, as 8-bit bytes of digital information. MIDI devices can be used for creating, recording, and playing back music. Using MIDI, computers, synthesizers, and sequencers can communicate with each other, either keeping time or actually controlling the music created by other connected equipment. See also: MIDI setup My Documents A folder that provides you with a convenient place to store documents, graphics, or other files you want to access quickly. When you save a file in a program such as WordPad or Paint, the file is automatically saved in My Documents, unless you choose a different folder. See also: home folder

N
name The identifier of your computer on the network. name resolution The process of having software translate between names that are easy for users to work with and numerical IP addresses, which are difficult for users but necessary for TCP/IP communications. Name resolution can be provided by software components such as DNS or WINS. See also: Domain Name System (DNS); Transmission Control Protocol/Internet Protocol (TCP/IP); Windows Internet Name Service (WINS) name server (NS) resource record A resource record used in a zone to designate the DNS domain names for authoritative DNS servers for the zone. See also: DNS Server; Domain Name System (DNS); resource record (RR); zone named pipe A portion of memory that can be used by one process to pass information to another process, so that the output of one is the input of the other. The second process can be local (on the same computer as the first) or remote (on a networked computer). namespace A set of unique names for resources or items used in a shared computing environment. For Microsoft Management Console (MMC), the namespace is represented by the console tree, which displays all of the snap-ins and resources that are accessible to a console. For Domain Name System (DNS), namespace is the vertical or hierarchical structure of the domain name tree. For example, each domain label, such as host1 or example, used in a fully qualified domain name, such as host1.example.microsoft.com, indicates a branch in the domain namespace tree. See also: console tree; Domain Name System (DNS); label; resource; snap-in naming context See definition for: directory partition native mode

The condition in which all domain controllers in the domain have been upgraded to Windows 2000 and an administrator has enabled native mode operation (through Active Directory Users and Computers). See also: Active Directory Users and Computers NetBIOS Extended User Interface (NetBEUI) A network protocol native to Microsoft Networking. It is usually used in small, department-size local area networks (LANs) of 1 to 200 clients. It can use Token Ring source routing as its only method of routing. It is the Microsoft implementation of the NetBIOS standard. See also: Compression Control Protocol (CCP); local area network (LAN); network basic input/output system (NetBIOS); protocol NetWare Core Protocol (NCP) The file-sharing protocol that governs communications about resource (such as disk and printer), bindery, and NDS operations between server and client computers on a Novell NetWare network. Requests from client computers are transmitted by the IPX protocol. Servers respond according to NCP guidelines. See also: bindery; Internetwork Packet Exchange (IPX); Novell Directory Services (NDS) network A group of computers and other devices, such as printers and scanners, connected by a communications link, enabling all the devices to interact with each other. Networks can be small or large, permanently connected through wires or cables, or temporarily connected through phone lines or wireless transmissions. The largest network is the Internet, which is a worldwide group of networks. See also: network adapter network adapter A device that connects your computer to a network. This device is sometimes called an adapter card or network interface card. network administrator A person responsible for planning, configuring, and managing the day-to-day operation of the network. Network administrator is also called a system administrator. network basic input/output system (NetBIOS) An application programming interface (API) that can be used by programs on a local area network (LAN). NetBIOS provides programs with a uniform set of commands for requesting the lower-level services required to manage names, conduct sessions, and send datagrams between nodes on a network. See also: application programming interface (API); basic input/output system (BIOS); local area network (LAN); service network card driver A device driver that works directly with the network card, acting as an intermediary between the card and the protocol driver. With AppleTalk network integration, the AppleTalk Protocol stack on the server is implemented as a protocol driver and is bound to one or more network card drivers. See also: device driver Network Connections A component you can use to gain access to network resources and functionality, whether you are physically at the network location or in a remote location. By using the Network Connections folder you can create, configure, store, and monitor connections. Network DDE service A service that provides network transport and security for DDE conversations. See also: dynamic data exchange (DDE); service network media The type of physical wiring and lower-layer protocols used for transmitting and receiving packets; for example, Ethernet, FDDI, and Token Ring. Network Name resource

The name of a device that exists on a network and is supported as a cluster resource by a Resource DLL provided with Windows. See also: Resource DLL Network News Transfer Protocol (NNTP) A member of the TCP/IP suite of protocols used to distribute network news messages to NNTP servers and clients (newsreaders) on the Internet. NNTP is designed so that news articles are stored on a server in a central database, thus enabling a user to select specific items to read. See also: Transmission Control Protocol/Internet Protocol (TCP/IP) network number In the Macintosh environment, the routing address or range of addresses assigned to the physical network that AppleTalk Phase 2 routers use to direct information to the appropriate network. Network number is also called network range and cable range. network partition A state in which one or more of the nodes in a cluster cannot communicate with the other cluster nodes. network place A folder on a Web server. You can view files and folders on Web servers just as you would view files and folders on network servers. However, when you save a file to a network place, the file is saved on a Web server, not on your computer's hard disk. You can create network places by using the Add Network Place Wizard, which is located in My Network Places. Network places are available only on Web servers that support Web Extender Client (WEC), FrontPage extensions, and Distributed Authoring and Versioning (DAV) protocols. non-Plug and Play A device, such as a printer, modem, or game controller, that requires manual configuration of hardware settings before it can be used. Non-Plug and Play devices are becoming increasingly rare as manufacturers stop producing them in favor of Plug and Play devices. Non-Plug and Play typically applies to older pieces of equipment. See also: device; Plug and Play nonauthoritative restore A restore of a backup copy of a Windows domain controller in which the objects in the restored directory are not treated as authoritative. The restored objects are updated with changes held in other replicas of the restored domain. See also: authoritative restore noncontainer object An object that cannot logically contain other objects. For example, a file is a noncontainer object. See also: container object; object nonhubbed mode A mode in which the ATM ARP/MARS does not forward multicast and broadcast traffic for multicast group clients. In this mode, the service returns a dynamic listing of ATM hosts currently registered for the multicast group address to requesting clients. Clients then use this list to initiate and establish their own point-tomultipoint virtual connections with each of the members in the multicast list. See also: hubbed mode; multicast address resolution service (MARS); multicast server (MCS) nonpaged memory Memory that cannot be paged to disk. Paging is the moving of infrequently used parts of a program's working memory from RAM to another storage medium, usually the hard disk. See also: paging file nonpaged pool Operating system memory that is never paged to disk. Paging is the moving of infrequently used parts of a program's working memory from RAM to another storage medium, usually the hard disk. In Task Manager, the amount of memory used by a process, in kilobytes. See also: paging file

normal backup A backup that copies all selected files and marks each file as having been backed up (in other words, the archive attribute is cleared). With normal backups, you need only the most recent copy of the backup file or tape to restore all of the files. You usually perform a normal backup the first time you create a backup set. See also: copy backup; daily backup; differential backup; incremental backup notification area The area on the taskbar to the right of the taskbar buttons. The notification area displays the time and can also contain shortcuts that provide quick access to programs, such as Volume Control and Power Options. Other shortcuts can appear temporarily, providing information about the status of activities. For example, the printer shortcut icon appears after a document has been sent to the printer and disappears when printing is complete. notify list A list maintained by the primary master for a zone of other DNS servers that should be notified when zone changes occur. The notify list is made up of IP addresses for DNS servers configured as secondary masters for the zone. When the listed servers are notified of a change to the zone, they will initiate a zone transfer with another DNS server and update the zone. See also: DNS Server; primary master; zone transfer; secondary master; zone Novell Directory Services (NDS) On networks running Novell NetWare 4.0, a distributed database that maintains information about every resource on the network and provides access to these resources. Nslookup A command-line tool used to diagnose Domain Name System (DNS) infrastructure. See also: Domain Name System (DNS) NTDS-DSA object An object that represents the configuration of the Active Directory service running on a specific domain controller. For example, the NTDS-DSA object holds the setting that determines whether or not the Active Directory service provides global catalog services. NTDS-DSA objects are created and deleted in the course of running the Active Directory Installation Wizard (dcpromo.exe). An NTDS-DSA object is stored in the Configuration directory partition and is always a child of the Server object representing the domain controller where this particular Active Directory service is running. For example, if the distinguished name of an NTDS-DSA object is: CN=NTDS Settings,CN=RESKIT1,CN=Servers, CN=Washington,CN=Sites,CN=Configuration,DC=reskit,DC=com then the distinguished name of the corresponding Server object is: CN=RESKIT1,CN=Servers,CN=Washington,CN=Sites, CN=Configuration,DC=reskit,DC=com See also: Active Directory; domain controller; global catalog NTFS file system An advanced file system that provides performance, security, reliability, and advanced features that are not found in any version of FAT. For example, NTFS guarantees volume consistency by using standard transaction logging and recovery techniques. If a system fails, NTFS uses its log file and checkpoint information to restore the consistency of the file system. In Windows 2000 and Windows XP, NTFS also provides advanced features such as file and folder permissions, encryption, disk quotas, and compression. See also: FAT32; file allocation table (FAT); file system NTLM A security package that provides authentication between clients and servers. NTLM authentication protocol

A challenge/response authentication protocol. The NTLM authentication protocol was the default for network authentication in Windows NT version 4.0 and earlier. The protocol continues to be supported in Windows 2000 but no longer is the default. null modem cable Special cabling that eliminates the modem's need for asynchronous communications between two computers over short distances. A null modem cable emulates modem communication. See also: modem (modulator/demodulator) NWLink An implementation of the Internetwork Packet Exchange (IPX), Sequenced Packet Exchange (SPX), and NetBIOS protocols used in Novell networks. NWLink is a standard network protocol that supports routing and can support NetWare client-server applications, where NetWare-aware Sockets-based applications communicate with IPX/SPX Sockets-based applications. See also: Routing Information Protocol over IPX (RIPX); IPX/SPX; network basic input/output system (NetBIOS)

O
object An entity, such as a file, folder, shared folder, printer, or Active Directory object, described by a distinct, named set of attributes. For example, the attributes of a File object include its name, location, and size; the attributes of an Active Directory User object might include the user's first name, last name, and e-mail address. For OLE and ActiveX, an object can also be any piece of information that can be linked to, or embedded into, another object. See also: attribute; child object; OLE; parent object offline A state that marks a component in a cluster as unavailable. A node in an offline state is either inactive or not running. Resources and groups also have an offline state. See also: group; online; pending; resource OLE A way to transfer and share information between applications by pasting information created in one application into a document created in another application, such as a spreadsheet or word processing file. See also: embedded object; linked object; package on-disk catalog Information stored on a local disk drive. The on-disk catalog contains a list of files and folders that have been backed up in a backup set. See also: backup set; on-media catalog on-media catalog Information stored on backup storage media. The on-media catalog contains a list of files and folders that have been backed up in a backup set. See also: backup set; on-disk catalog one-way trust A type of trust relationship in which only one of the two domains trusts the other domain. For example, domain A trusts domain B and domain B does not trust domain A. All one-way trusts are nontransitive. See also: transitive trust; two-way trust online A state that marks a component in a cluster as available. When a node is online, it is an active member of the cluster and can own and run groups as well as honor cluster database updates, contribute votes to the quorum algorithm, and maintain heartbeats. Resources and groups also have an online state. See also: group; offline; pending; resource

Open Systems Interconnection (OSI) reference model A networking model introduced by the International Organization for Standardization (ISO) to promote multivendor interoperability. Open Systems Interconnection (OSI) is a seven-layered conceptual model consisting of the application, presentation, session, transport, network, data-link, and physical layers. See also: Transmission Control Protocol/Internet Protocol (TCP/IP) OpenType fonts Outline fonts that are rendered from line and curve commands, and can be scaled and rotated. OpenType fonts are clear and readable in all sizes and on all output devices supported by Windows. OpenType is an extension of TrueType font technology. See also: font; TrueType fonts operations master A domain controller that has been assigned one or more special roles in an Active Directory domain. The domain controllers assigned these roles perform operations that are single-master (not permitted to occur at different places on the network at the same time). Examples of these operations include resource identifier allocation, schema modification, PDC election, and certain infrastructure changes. The domain controller that controls the particular operation owns the operations master role for that operation. The ownership of these operations master roles can be transferred to other domain controllers. See also: Active Directory; domain controller; domain naming master; infrastructure master; schema master operator In mathematics and in programming and computer applications, a symbol or other character indicating an operation that acts on one or more elements. You can use the following four operators in standard calculations: / divide * multiply - subtract + add For Indexing Service, a word or character that specifies a relationship in a query. organizational unit An Active Directory container object used within domains. An organizational unit is a logical container into which users, groups, computers, and other organizational units are placed. It can contain objects only from its parent domain. An organizational unit is the smallest scope to which a Group Policy object can be linked, or over which administrative authority can be delegated. See also: Active Directory; container object; Group Policy object; parent domain orphan A member of a mirrored volume or a RAID-5 volume that has failed due to a severe cause, such as a loss of power or a complete hard-disk head failure. When this happens, the fault-tolerant driver determines that it can no longer use the orphaned member and directs all new reads and writes to the remaining members of the fault-tolerant volume. See also: fault tolerance; mirrored volume; RAID-5 volume orphan file A file that is stored inside My Briefcase and not linked to any file outside My Briefcase. When you update files, the orphan file is not synchronized with any other file. OS/2 A protected-mode, virtual memory, multitasking operating system for personal computers based on the Intel 80286, 80386, i486, and Pentium processors. OS/2 can run most MS-DOS-based programs and can read all MSDOS disks. See also: MS-DOS-based program owner

In a Windows environment, the person who controls how permissions are set on objects and can grant permissions to others. In the Macintosh environment, an owner is the user responsible for setting permissions for a folder on a server. A Macintosh user who creates a folder on the server automatically becomes the owner of the folder, and can then transfer ownership to someone else. Each Macintosh-accessible volume on the server also has an owner. owner category In the Macintosh environment, the user category to which you assign permissions for the owner of a folder or a Macintosh volume.

P
package An icon that represents embedded or linked information. That information may consist of a complete file, such as a Paint bitmap, or part of a file, such as a spreadsheet cell. When you choose the package, the application used to create the object either plays the object (for example, a sound file) or opens and displays the object. If you change the original information, linked information is automatically updated. However, you must manually update embedded information. See also: embedded object; linked object; OLE packet An Open Systems Interconnection (OSI) network layer transmission unit that consists of binary information representing both data and a header containing an identification number, source and destination addresses, and error-control data. See also: Internet Protocol (IP); packet header; packet switching; switching hub packet header In network protocol communications, a specially reserved field of a defined bit length that is attached to the front of a packet for carry and transfer of control information. When the packet arrives at its destination, the field is then detached and discarded as the packet is processed and disassembled in a corresponding reverse order for each protocol layer. See also: packet packet switching A technology for breaking data into packets and then sending the packets over a network. Each packet has a header containing its source and destination, a sequence number to reassemble the information, a block of data content, and an error-checking code. The data packets may take different routes to their destination, where the original information is reassembled after the packets arrive. The international standard for packet switching networks is X.25. See also: packet PAD (packet assembler/disassembler) A device that connects a non-X.25 device such as a modem to an X.25 packet switching network. page In virtual memory systems, a unit of data storage that is brought into random access memory (RAM), typically from a hard drive, when a requested item of data is not already in RAM. See also: virtual memory page fault The interrupt that occurs when software attempts to read from or write to a virtual memory location that is marked not present. In Task Manager, page fault is the number of times data has to be retrieved from disk for a process because it was not found in memory. The page fault value accumulates from the time the process started. See also: Page Faults Delta; Task Manager; virtual memory Page Faults Delta

In Task Manager, the change in the number of page faults since the last update. See also: Task Manager page-description language (PDL) A computer language that describes the arrangement of text and graphics on a printed page. See also: Printer Control Language (PCL); Printer Job Language (PJL); PostScript; PostScript fonts paged pool The system-allocated virtual memory that has been charged to a process and that can be paged. Paging is the moving of infrequently-used parts of a program's working memory from RAM to another storage medium, usually the hard disk. In Task Manager, the amount of system-allocated virtual memory, in kilobytes, used by a process. See also: registry size limit (RSL); virtual memory paging file A hidden file on the hard disk that Windows uses to hold parts of programs and data files that do not fit in memory. The paging file and physical memory, or RAM, comprise virtual memory. Windows moves data from the paging file to memory as needed and moves data from memory to the paging file to make room for new data. Paging file is also called a swap file. See also: Peak Memory Usage; registry size limit (RSL); virtual memory Panose A font-classification method that measures values, such as serifs, weight, and stroke variations, for a TrueType font. These values are represented by a Panose number. The Panose number is then used to associate the font with other fonts of similar appearance but different names. The closer the Panose number of two fonts, the more similar they are. paper source The location (such as Upper Paper Tray or Envelope Feeder) of the paper at the printer. parallel port The input/output connector for a parallel interface device. Printers are generally plugged into a parallel port. See also: serial port parent domain For DNS and Active Directory, domains that are located in the namespace tree directly above other derivative domain names (child domains). For example, microsoft.com would be the parent domain for example.microsoft.com, a child domain. See also: domain; Domain Name System (DNS) parent object The object in which another object resides. A parent object implies relation. For example, a folder is a parent object in which a file, or child object, resides. An object can be both a parent and a child object. For example, a subfolder that contains files is both the child of the parent folder and the parent folder of the files. See also: child object; object parity A calculated value that is used to reconstruct data after a failure. RAID-5 volumes stripe data and parity intermittently across a set of disks. When a disk fails, some server operating systems use the parity information together with the data on good disks to recreate the data on the failed disk. See also: fault tolerance; RAID-5 volume parity bit In asynchronous communications, an extra bit used in checking for errors in groups of data bits transferred within or between computer systems. In modem-to-modem communications, a parity bit is often used to check the accuracy with which each character is transmitted. See also: parity partition

A portion of a physical disk that functions as though it were a physically separate disk. After you create a partition, you must format it and assign it a drive letter before you can store data on it. On basic disks, partitions are known as basic volumes, which include primary partitions and logical drives. On dynamic disks, partitions are known as dynamic volumes, which include simple, striped, spanned, mirrored, and RAID-5 volumes. See also: basic disk; basic volume; drive letter; dynamic volume; extended partition; primary partition; system partition partition boot sector A portion of a hard disk partition that contains information about the disk's file system and a short machine language program that loads the Windows operating system. See also: partition password A security measure used to restrict logon names to user accounts and access to computer systems and resources. A password is a string of characters that must be provided before a logon name or an access is authorized. A password can be made up of letters, numbers, and symbols, and it is case sensitive. See also: user account Password Authentication Protocol (PAP) A simple, plaintext authentication scheme for authenticating PPP connections. The user name and password are requested by the remote access server and returned by the remote access client in plaintext. See also: Point-to-Point Protocol (PPP); remote access; password paused A state that applies to a node in a cluster. The node is a fully active member in the cluster but cannot accept new resource groups (for example, a resource group cannot fail over or fail back to a paused node). You can administer and maintain a paused node. See also: cluster; failback; failover; offline PC Card A removable device, approximately the size of a credit card, that can be plugged into a Personal Computer Memory Card International Association (PCMCIA) slot in a portable computer. PCMCIA devices can include modems, network cards, and hard disk drives. See also: modem (modulator/demodulator) PCI expansion slot A connection socket for a peripheral designed for the Peripheral Component Interconnect (PCI) local bus on a computer motherboard. PDC emulator master The domain controller assigned to act as a Windows NT 4.0 primary domain controller (PDC) to service network clients that do not have Active Directory client software installed, and to replicate directory changes to any Windows NT backup domain controllers (BDCs) in the domain. The PDC emulator master receives preferential replication of password changes performed by other domain controllers in the domain and handles any password authentication requests that fail at the local domain controller. At any time, there can be only one PDC emulator master in a particular domain. See also: Active Directory; primary domain controller (PDC); replication; backup domain controller (BDC); domain controller; multimaster replication; operations master Peak Memory Usage In Task Manager, the peak amount of physical memory resident in a process since it started. See also: Task Manager pending A state that refers to a resource in a cluster when the resource is in the process of being brought online or taken offline. See also: offline; online; resource

Per Seat Licensing A licensing mode that requires a separate Client Access License for each client computer, regardless of whether all the clients access the server at the same time. See also: client; Per Server Licensing Per Server Licensing A licensing mode that requires a separate Client Access License for each concurrent connection to the server, regardless of whether there are other client computers on the network that do not happen to connect concurrently. See also: client; Per Seat Licensing performance alert A feature that detects when a predefined counter value rises above or falls below the configured threshold and notifies a user by means of the Messenger service. See also: Messenger service performance counter In System Monitor, a data item that is associated with a performance object. For each counter selected, System Monitor presents a value corresponding to a particular aspect of the performance that is defined for the performance object. See also: performance object performance object In System Monitor, a logical collection of counters that is associated with a resource or service that can be monitored. See also: performance counter performance object instance In System Monitor, a term used to distinguish between multiple performance objects of the same type on a computer. See also: performance object peripheral A device, such as a disk drive, printer, modem, or joystick, that is connected to a computer and is controlled by the computer's microprocessor. See also: device peripheral component interconnect (PCI) A specification introduced by Intel Corporation that defines a local bus system that allows up to 10 PCIcompliant expansion cards to be installed in the computer. permission A rule associated with an object to regulate which users can gain access to the object and in what manner. Permissions are granted or denied by the object's owner. See also: object; printer permissions; security descriptor; shared folder permissions; special access permissions Physical Disk resource A disk on a cluster storage device. Physical disks are supported as cluster resources by a Resource DLL. See also: Resource DLL ping A utility that verifies connections to one or more remote hosts. The ping command uses the ICMP echo request and echo reply packets to determine whether a particular IP system on a network is functional. Ping is useful for diagnosing IP network or router failures. See also: Internet Control Message Protocol (ICMP) pixel

Short for picture element, one spot in a rectilinear grid of thousands of such spots that form an image produced on the screen by a computer or on paper by a printer. A pixel is the smallest element that display or print hardware and software can manipulate to create letters, numbers, or graphics. A pixel is also called a pel. See also: screen resolution PKCS #10 The Certification Request Syntax Standard, developed and maintained by RSA Data Security, Inc. A syntax for certificate requests. See also: certificate; Public Key Cryptography Standards (PKCS) PKCS #12 The Personal Information Exchange Syntax Standard, developed and maintained by RSA Data Security, Inc. This syntax standard specifies a portable format for storing or transporting a user's private keys, certificates, and miscellaneous secrets. See also: certificate; Public Key Cryptography Standards (PKCS) PKCS #7 The Cryptographic Message Syntax Standard. It is a general syntax, developed and maintained by RSA Data Security, Inc., for data to which cryptography may be applied, such as digital signatures and encryption. It also provides a syntax for disseminating certificates or certificate revocation lists. See also: certificate; certificate revocation list (CRL); encryption; Public Key Cryptography Standards (PKCS) plaintext Data that is not encrypted. Sometimes also called cleartext. plotter Any device used to draw charts, diagrams, and other line-based graphics. plotter font A font created by a series of dots connected by lines. Plotter fonts can be scaled to any size and are most often printed on plotters. Some dot-matrix printers also support plotter fonts. See also: font Plug and Play A set of specifications developed by Intel that allows a computer to automatically detect and configure a device and install the appropriate device drivers. See also: universal serial bus (USB); non-Plug and Play point of termination station (POTS) Basic dial telephone connections to the public switched network, without any added features or functions. Plain old telephone service and point of termination station is also called POTS. Point-to-Point Protocol (PPP) An industry standard suite of protocols for the use of point-to-point links to transport multiprotocol datagrams. PPP is documented in RFC 1661. See also: Compression Control Protocol (CCP); remote access; Transmission Control Protocol/Internet Protocol (TCP/IP); voluntary tunnel Point-to-Point Protocol over Ethernet (PPPoE) A specification for connecting users on an Ethernet network to the Internet through a broadband connection, such as a single DSL line, wireless device, or cable modem. Using PPPoE and a broadband modem, LAN users can gain individual authenticated access to high-speed data networks. By combining Ethernet and Point-toPoint Protocol (PPP), PPPoE provides an efficient way to create a separate connection for each user to a remote server. Point-to-Point Tunneling Protocol (PPTP) Networking technology that supports multiprotocol virtual private networks (VPNs), enabling remote users to access corporate networks securely across the Internet or other networks by dialing into an Internet service provider (ISP) or by connecting directly to the Internet. The Point-to-Point Tunneling Protocol (PPTP) tunnels,

or encapsulates, IP, IPX, or NetBEUI traffic inside of IP packets. This means that users can remotely run applications that are dependent upon particular network protocols. See also: Internet Protocol (IP); Internetwork Packet Exchange (IPX); NetBIOS Extended User Interface (NetBEUI); packet; tunnel; virtual private network (VPN) pointer (PTR) resource record A resource record used in a reverse lookup zone created within the in-addr.arpa domain to designate a reverse mapping of a host IP address to a host DNS domain name. See also: in-addr.arpa domain; reverse lookup; resource record (RR) policy The mechanism by which desktop settings are configured automatically, as defined by the administrator. Depending on context, this can refer to Group Policy, Windows NT 4.0 System Policy, or a specific setting in a Group Policy object. See also: Group Policy; Group Policy object; System Policy polling intervals The frequency the Resource Monitor checks that the resource is available and operating. There are two levels of polling: Looks Alive and Is Alive. The server cluster requests a more thorough check of the resource's state at each Is Alive interval than it does at each Looks Alive interval; therefore, the Is Alive polling interval is typically longer than the Looks Alive polling interval. You can specify the two polling intervals and a time-out value for resources. See also: resource POP3 (Post Office Protocol 3) A popular protocol used for receiving e-mail messages. This protocol is often used by ISPs. POP3 servers allow access to a single Inbox in contrast to IMAP servers, which provide access to multiple server-side folders. port A connection point on your computer where you can connect devices that pass data into and out of a computer. For example, a printer is typically connected to a parallel port (also called an LPT port), and a modem is typically connected to a serial port (also called a COM port). See also: serial port; universal serial bus (USB) port rule For Network Load Balancing, a set of configuration parameters that determine the filtering mode to be applied to a range of ports. See also: filtering mode; port Portable Operating System Interface for UNIX (POSIX) An Institute of Electrical and Electronics Engineers (IEEE) standard that defines a set of operating-system services. Programs that adhere to the POSIX standard can be easily ported from one system to another. POSIX was based on UNIX system services, but it was created in a way that allows it to be implemented by other operating systems. See also: service possible owners A list that specifies which nodes in the cluster are capable of running that resource. By default, both nodes appear as possible owners, so the resource can run on either node. In most cases, it is appropriate to use this default setting. If you want the resource to be able to fail over, both nodes must be designated as possible owners. See also: failover; resource PostScript A page-description language (PDL), developed by Adobe Systems for printing on laser printers. PostScript offers flexible font capability and high-quality graphics. It is the standard for desktop publishing because it is supported by imagesetters, the high-resolution printers used by printing services for commercial typesetting.

See also: Printer Control Language (PCL); page-description language (PDL); Printer Job Language (PJL); PostScript fonts; PostScript printer; service; Type 1 fonts PostScript fonts Fonts that are defined in terms of the PostScript page-description language (PDL) rules and are intended to be printed on a PostScript-compatible printer. When a document displayed in a screen font is sent to a PostScript printer, the printer uses the PostScript version if the font exists. If the font doesn't exist but a version is installed on the computer, that font is downloaded to the printer. If there is no PostScript font installed in either the printer or the computer, the bit-mapped (raster) font is translated into PostScript and the printer produces text using the bit-mapped font. PostScript fonts are distinguished from bit-mapped fonts by their smoothness, detail, and faithfulness to standards of quality established in the typographic industry. See also: downloadable fonts; font; page-description language (PDL); PostScript; raster fonts PostScript printer A printer that uses the PostScript page-description language (PDL) to create text and graphics on the output medium, such as paper or overhead transparency. Examples of PostScript printers include the Apple LaserWriter, the NEC LC-890, and the QMS PS-810. See also: page-description language (PDL); PostScript; virtual printer memory power conditioning A feature of an uninterruptible power supply (UPS) that removes spikes, surges, sags, and noise from the power supply. See also: uninterruptible power supply (UPS) power scheme A group of preset power-management options. For example, you can set elapsed times for putting your computer on standby and for turning off your monitor and hard disk. You save these settings as a named power scheme. PPP (Point-to-Point Protocol) See definition for: Point-to-Point Protocol (PPP) predefined key A key that represents one of the main divisions of the registry. Each predefined key is displayed in a separate Registry Editor window, with the key's name appearing in the window's title bar. For example, HKEY_CLASSES_ROOT is a predefined key. See also: registry; hive; key preferred owner The node on which you prefer each group to run. For example, the static load balancing model performs best when groups are appropriately balanced between two nodes. When a node fails, the remaining node takes over the groups from the failed node, but performance is diminished. By setting those groups to fail back to their preferred server (the failed node), you automatically restore maximum performance when failback occurs. A group does not fail back if a preferred owner is not selected. You will not always choose a preferred owner because it may not matter where the group resides; all that matters is that the group is still running on one of the two nodes. Or, the nodes may be equally capable of handling the load required to use some or all of the resources. See also: group; resource; failback preferred server The NetWare server that you connect to by default when you log on to your computer. The preferred server validates your user credentials and is queried when you request information about resources available on the NetWare network. preset-to callback A form of security in which a remote access server verifies users by calling them back at numbers supplied by the network administrator at the time user privileges are granted. Only a network administrator can change a

preset callback number. This ensures that no one can borrow a user's password and connect to the server from a location other than the user's normal one. See also: callback number; remote access server; connected, user authenticated Primary disk The hard disk drive that contains the system and boot partitions used to start Windows. See also: boot partition; system partition primary domain controller (PDC) In a Windows NT Server 4.0 or earlier domain, the computer running Windows NT Server that authenticates domain logons and maintains the directory database for a domain. The PDC tracks changes made to accounts of all computers on a domain. It is the only computer to receive these changes directly. A domain has only one PDC. In this version of Windows, one of the domain controllers in each domain is identified as the PDC for compatibility with Windows NT 4.0 and earlier versions of Windows NT. See also: backup domain controller (BDC) primary master An authoritative DNS server for a zone that can be used as a point of update for the zone. Only primary masters have the ability to be updated directly to process zone updates, which include adding, removing, or modifying resource records that are stored as zone data. Primary masters are also used as the first sources for replicating the zone to other DNS servers. See also: DNS Server; replication; resource record (RR); secondary master; zone primary mouse button The button you use most often for clicking and double-clicking. The primary mouse button is the left button on most mice and trackball devices, and the lower button on some trackball devices, but you can switch the function of the buttons by using the Mouse Properties dialog box in Control Panel. primary partition A type of partition that you can create on basic disks. A primary partition is a portion of a physical disk that functions as though it were a physically separate disk. On basic master boot record (MBR) disks, you can create up to four primary partitions on a basic disk, or three primary partitions and an extended partition with multiple logical drives. On basic GPT disks, you can create up to 128 primary partitions. Primary partitions are also known as volumes. See also: basic disk; extended partition; GUID partition table (GPT); logical drive; master boot record (MBR); partition; volume print job The source code that contains both the data to be printed and the commands for print. Print jobs are classified into data types based on what modifications, if any, the spooler must make to the job for it to print correctly. See also: print spooler; Printer window; printing pool print processor The component that, working in conjunction with the printer driver, receives and alters print jobs, as necessary, according to their data type to ensure that the jobs print correctly. See also: print job; printer driver print queue A print queue is a list of documents waiting to be printed on the printer. In the print queue, you can see information such as the size of the document, who sent the document, and status information for printing. print server A computer that is dedicated to managing the printers on a network. The print server can be any computer on the network. print spooler Software that accepts a document sent to a printer and then stores it on disk or in memory until the printer is ready for it. This collection of dynamic-link libraries (DLLs) receives, processes, schedules, and distributes documents for printing. The term spooler is an acronym created from simultaneous print operations on line.

See also: dynamic-link library (DLL); printer; spooling Print Spooler resource Printer queues providing access to a network printer connected to the network by an IP address rather than by an individual name. Print spoolers are supported as cluster resources by a Resource DLL. See also: print spooler; Resource DLL; IP address printer A device that puts text or images on paper or other print media. Examples are laser printers or dot-matrix printers. See also: logical printer; print spooler; printing pool Printer Control Language (PCL) The page-description language (PDL) developed by Hewlett Packard for their laser and inkjet printers. Because of the widespread use of laser printers, this command language has become a standard in many printers. See also: Printer Job Language (PJL); PostScript; page-description language (PDL) printer driver A program designed to allow other programs to work with a particular printer without concerning themselves with the specifics of the printer's hardware and internal language. By using printer drivers that handle the subtleties of each printer, programs can communicate properly with a variety of printers. See also: device driver printer fonts Fonts residing in or intended for a printer. A printer font, usually located in the printer's read-only memory (ROM), can be internal, downloaded, or on a font cartridge. See also: device fonts; downloadable fonts; font; font cartridge Printer Job Language (PJL) The printer command language developed by Hewlett Packard that provides printer control at the print-job level. Using PJL commands, you can change default printer settings such as number of copies to print. PJL commands also permit switching printer languages between print jobs without action by the user. If bidirectional communication is supported, a PJL-compatible printer can send information such as printer model and job status to the print server. See also: Printer Control Language (PCL); page-description language (PDL); PostScript printer permissions Permissions that specify the type of access that a user or group has to a printer. The printer permissions are Print, Manage Printers, and Manage Documents. See also: permission Printer window Also called the queue view, the Printer window shows information about any pending print jobs for the printer. For each printer you have installed or to which you are connected, you can such information as see how many documents are waiting to be printed, who owns them, and how large they are. See also: print job Printers and Faxes The folder in Control Panel that contains the Add Printer Wizard and icons for all the printers installed on your computer. See also: printer printing pool Two or more identical printers that are connected to one print server and act as a single printer. In this case, when you print a document, the print job will be sent to the first available printer in the pool. See also: print job; printer priority For Process Control, the relative ranking of a process or process group with respect to the use of CPU and system resources. You can configure this in the Process Control snap-in.

private branch exchange (PBX) An automatic telephone switching system that enables users within an organization to place calls to each other without going through the public telephone network. Users can also place calls to outside numbers. private key The secret half of a cryptographic key pair that is used with a public key algorithm. Private keys are typically used to decrypt a symmetric session key, digitally sign data, or decrypt data that has been encrypted with the corresponding public key. See also: public key; public key encryption private network A cluster network that supports only node-to-node communication. See also: cluster private queue For Message Queuing, a queue that is not published in Active Directory and can be accessed only by applications that have access to the full format name of the queue. See also: Active Directory; Message Queuing; public queue; system queue privilege A user's right to perform a specific task, usually one that affects an entire computer system rather than a particular object. Privileges are assigned by administrators to individual users or groups of users as part of the security settings for the computer. Pro Windows XP Professional process The virtual address space and the control information necessary for the execution of a program. See also: socket process identifier (PID) A numerical identifier that uniquely distinguishes a process while it runs. Use Task Manager to view PIDs. See also: Task Manager; process program A complete, self-contained set of computer instructions that you use to perform a specific task, such as word processing, accounting, or data management. Program is also called application. program information file (PIF) A file that provides information to Windows about how best to run MS-DOS-based programs. When you start an MS-DOS-based program, Windows looks for a PIF to use with it. PIFs contain such items as the name of the file, a start-up directory, and multitasking options. See also: MS-DOS-based program property A characteristic or parameter of a class of objects or devices. For example, properties of Microsoft Word files include Size, Created, and Characters. See also: property cache; property value; tag property cache For Indexing Service, a file that stores values for document properties. See also: document; property property value A specific characteristic or parameter that defines a property. For example, property values of a specific Microsoft Word document could include Size = 10,000 bytes, Created = Jan 2, 1999, and Characters = 5,250. See also: property Protective MBR

The first sector of a GUID partition table (GPT) disk that is structured like the first sector of a master boot record (MBR) disk to prevent x86-based disk utilities from destroying GPT partitions. The Protective MBR contains one partition that reserves the entire space used on the disk by GPT partitions. See also: Extensible Firmware Interface (EFI); GUID partition table (GPT); master boot record (MBR); x86 protocol A set of rules and conventions for sending information over a network. These rules govern the content, format, timing, sequencing, and error control of messages exchanged among network devices. See also: static routes; Transmission Control Protocol/Internet Protocol (TCP/IP) public key The nonsecret half of a cryptographic key pair that is used with a public key algorithm. Public keys are typically used when encrypting a session key, verifying a digital signature, or encrypting data that can be decrypted with the corresponding private key. See also: Public Key Cryptography Standards (PKCS); private key; public key encryption; recovery agent; key public key cryptography A method of cryptography in which two different keys are used: a public key for encrypting data and a private key for decrypting data. Public key cryptography is also called asymmetric cryptography. See also: cryptography; Public Key Cryptography Standards (PKCS); private key; public key Public Key Cryptography Standards (PKCS) A family of standards for public key cryptography that includes RSA encryption, Diffie-Hellman key agreement, password-based encryption, extended-syntax, cryptographic message syntax, private key information syntax, and certificate request syntax, as well as selected attributes. Developed, owned, and maintained by RSA Data Security, Inc. See also: certificate; public key cryptography public key encryption A method of encryption that uses two encryption keys that are mathematically related. One key is called the private key and is kept confidential. The other is called the public key and is freely given out to all potential correspondents. In a typical scenario, a sender uses the receiver's public key to encrypt a message. Only the receiver has the related private key to decrypt the message. The complexity of the relationship between the public key and the private key means that, provided the keys are long enough, it is computationally infeasible to determine one from the other. Public key encryption is also called asymmetric encryption. See also: encryption; private key; public key; symmetric encryption public key infrastructure (PKI) The term generally used to describe the laws, policies, standards, and software that regulate or manipulate certificates and public and private keys. In practice, it is a system of digital certificates, certification authorities, and other registration authorities that verify and authenticate the validity of each party involved in an electronic transaction. Standards for PKI are still evolving, even though they are being widely implemented as a necessary element of electronic commerce. See also: certificate; certification authority (CA); public key public network A cluster network that supports client-to-cluster communication (either with or without supporting node-tonode communication). See also: cluster public queue For Message Queuing, a queue that is published in Active Directory and replicated throughout a Windows enterprise. Public queues can, therefore, be located by any computer running Message Queuing within the enterprise. See also: Active Directory; Message Queuing; private queue; queue Public Switched Telephone Network (PSTN) Standard analog telephone lines, available worldwide.

puff and sip device An assistive computer technology for people with mobility impairments. A puff and sip device is a headmounted alternative to using the mouse. The device allows a user to move the mouse pointer without using his or her hands by puffing air into a tube. pulse dialing A form of dialing that enters a phone number by means of pulse frequencies. The user typically hears a series of clicking sounds when dialing. Old-fashioned rotary dial phones use pulse dialing. See also: touch-tone dialing

Q
query For Indexing Service, a structured statement that specifies the documents you want to find. The simplest query is a single word. See also: tag; vector; wildcard character queue A list of programs or tasks waiting for execution. In Windows printing terminology, a queue refers to a group of documents waiting to be printed. In NetWare and OS/2 environments, queues are the primary software interface between the application and print device; users submit documents to a queue. With Windows, however, the printer is that interface; the document is sent to a printer, not a queue. See also: transactional message; printer queue quota For Message Queuing, the storage size limit for messages in public queues. When a queue quota is reached, Message Queuing can no longer send messages to that queue until one or more messages are removed from the queue. Message Queuing enforces the computer quota before it enforces the queue quota on a computer. See also: computer quota; Message Queuing; queue queue type For Message Queuing, a globally unique identifier (GUID) specified by the application that created the queue. See also: Message Queuing; queue Quick Launch A customizable toolbar that lets you display the Windows desktop or start a program (for example, Internet Explorer) with a single click. You can add buttons to start your favorite programs from the Quick Launch location on the taskbar. quiet answer A telephone-answering protocol in which incoming calls are answered with silence instead of a tone signal. Some telephone-switching systems use quiet answering. These switching systems expect the caller to provide another phone number, code, or extension after the quiet answer. quorum disk The cluster disk on which configuration data is maintained in the quorum log, cluster database checkpoint, and resource checkpoints. The quorum disk is managed by the Quorum resource, which is usually a special kind of Physical Disk resource. quorum log The log where the quorum resource stores data. This data is maintained by the clustering software. Also known as the recovery log or change log. See also: quorum resource; server cluster quorum resource The quorum-capable resource selected to maintain the configuration data necessary for recovery of the cluster. This data contains details of all of the changes that have been applied to the cluster database. The quorum resource is generally accessible to other cluster resources so that any cluster node has access to the most recent database changes. By default there is only one quorum resource per cluster.

See also: server cluster quota limit The amount of disk space available to a user. See also: warning level

R
RAID-5 volume A fault-tolerant volume with data and parity striped intermittently across three or more physical disks. Parity is a calculated value that is used to reconstruct data after a failure. If a portion of a physical disk fails, Windows recreates the data that was on the failed portion from the remaining data and parity. You can create RAID-5 volumes only on dynamic disks, and you cannot mirror or extend RAID-5 volumes. See also: dynamic disk; dynamic volume; fault tolerance; parity; volume RAM See definition for: random access memory (RAM) random access memory (RAM) Memory that can be read from or written to by a computer or other devices. Information stored in RAM is lost when the computer is turned off. See also: virtual memory raster fonts Fonts that are stored as bitmaps. Raster fonts are designed with a specific size and resolution for a specific printer and cannot be scaled or rotated. If a printer does not support raster fonts, it will not print them. The five raster fonts are Courier, MS Sans Serif, MS Serif, Small, and Symbol. Raster fonts are also called bitmapped fonts. See also: font; printer raw socket A socket that provides direct access to lower-level network protocols. See also: socket read-only memory (ROM) A semiconductor circuit that contains information that cannot be modified. realm A set of security principles, in a non-Windows networked environment, that are subject to Kerberos authentication. See also: KerberosV5 authentication protocol realm name An identifying prefix or suffix appended to a user name to enable appropriate routing and authentication during a remote logon process. See also: authentication; routing; user name rebinding state A state used by DHCP clients to extend and renew their address lease when the current lease is close to expiring. In this state, the client broadcasts to the network to locate any DHCP server that can either renew or replace its currently leased configuration. The rebinding state begins when 87.5 percent of the client's lease time has elapsed. See also: Dynamic Host Configuration Protocol (DHCP); lease recoverable message For Message Queuing, a message that can be recovered no matter which computer fails, but that uses more resources and is slower than an express message. See also: express message; Message Queuing recovery agent

A person who is issued a public key certificate for the purpose of recovering user data that is encrypted with Encrypting File System (EFS). See also: certificate; Encrypting File System (EFS); public key Recovery Console A command-line interface that provides a limited set of administrative commands that are useful for repairing a computer. See also: NTFS file system recovery policy A type of public key Group Policy object used by Encrypting File System (EFS) that provides for one or more user accounts to be designated as recovery agents. See also: Encrypting File System (EFS); Group Policy object; public key; recovery agent; user account Recycle Bin The place in which Windows stores deleted files. You can retrieve files you deleted in error, or you can empty the Recycle Bin to create more disk space. Redundant Array of Independent Disks (RAID) A method used to standardize and categorize fault-tolerant disk systems. RAID levels provide various mixes of performance, reliability, and cost. Some servers provide three of the RAID levels: Level 0 (striping), Level 1 (mirroring), and Level 5 (RAID-5). See also: RAID-5 volume; fault tolerance; mirrored volume refresh To update displayed information with current data. See also: refresh rate refresh interval An interval of time used by secondary masters of a zone to determine how often to check if their zone data needs to be refreshed. When the refresh interval expires, the secondary master checks with its source for the zone to see if its zone data is still current or if it needs to be updated using a zone transfer. This interval is set in the SOA (start-of-authority) resource record for each zone. See also: secondary master; start-of-authority (SOA) resource record; zone; zone transfer refresh rate The frequency with which the video screen is retraced to prevent the image from flickering. The entire image area of most monitors is refreshed approximately 60 times per second. See also: refresh region Contiguous chunks of storage on a disk. registered file type File types that are tracked by the system registry and are recognized by the programs you have installed on your computer. See also: file type registry A database repository for information about a computer's configuration. The registry contains information that Windows continually references during operation, such as: Profiles for each user. The programs installed on the computer and the types of documents each can create. Property settings for folders and program icons. What hardware exists on the system. Which ports are being used. The registry is organized hierarchically as a tree and is made up of keys and their subkeys, hives, and value entries. See also: hive; key; registry size limit (RSL); subtree; value entry

registry boot The default boot option used by most Windows DNS servers. When registry boot is used, DNS is started and initialized using DNS parameters and their values as they are stored in the Windows registry. You can use a Berkeley Internet Name Domain (BIND) boot file as an alternative to this method of boot configuration for DNS. See also: BIND boot file; DNS Server; Domain Name System (DNS) registry size limit (RSL) A universal maximum for registry space that prevents an application from filling the paged pool with registry data. The total amount of space that can be consumed by registry data (hives) is restricted by the registry size limit. See also: paged pool; registry; hive relative distinguished name The part of an object's distinguished name that is an attribute of the object itself. For most objects this is the Common Name attribute. For security principals, the default common name is the security principal name, also referred to as the SAM account name. For the distinguished name CN=MyName,CN=Users,DC=Microsoft,DC=Com the relative distinguished name of the MyName user object is CN=MyName. The relative distinguished name of the parent object is CN=Users. See also: object; distinguished name relative ID (RID) The part of a security ID (SID) that uniquely identifies an account or group within a domain. See also: domain; forest; group; security ID (SID) relative ID master The domain controller assigned to allocate sequences of relative IDs to each domain controller in its domain. Whenever a domain controller creates a security principal (user, group, or computer object), the domain controller assigns the object a unique security ID. The security ID consists of a domain security ID that is the same for all security IDs created in a particular domain, and a relative ID that is unique for each security ID created in the domain. At any time, there can be only one relative ID master in a particular domain. See also: domain controller; relative ID (RID); security ID (SID); security principal relative name The partial DNS domain name configured in individual resource records to locate and qualify the record within a zone. The relative name is joined to the front of the parent domain (domain of origin) for each resource record to form a fully qualified domain name (FQDN) within the zone. In DNS Manager, the relative name will correspond to fields that use record-specific name properties, such as the Host computer name field used in an address (A) resource record. See also: A (address) resource record; Domain Name System (DNS); fully qualified domain name (FQDN); resource record (RR); zone remote access Part of the integrated Routing and Remote Access service that provides remote networking for telecommuters, mobile workers, and system administrators who monitor and manage servers at multiple branch offices. Users with a computer running Windows and Network Connections can dial in to remotely access their networks for services such as file and printer sharing, electronic mail, scheduling, and SQL database access. See also: remote access server; response; Serial Line Internet Protocol (SLIP); service remote access server A Windows-based computer running the Routing and Remote Access service and configured to provide remote access. See also: set-by-caller callback; remote access

remote administration The management of one computer by an administrator working at another computer connected to the first computer across a network. Remote Authentication Dial-In User Service (RADIUS) A security authentication protocol based on clients and servers and widely used by Internet service providers (ISPs) on remote servers in non-Windows-brand operating systems. RADIUS is the most popular means of authenticating and authorizing dial-up and tunneled network users today. See also: authentication; tunnel remote computer A computer that you can access only by using a communications line or a communications device, such as a network card or a modem. Remote Installation Services Software services that allow an administrator to set up new client computers remotely, without having to visit each client. The target clients must support remote booting. See also: Single Instance Store (SIS) remote procedure call (RPC) A message-passing facility that allows a distributed application to call services that are available on various computers on a network. Used during remote administration of computers. See also: service Remote Storage A data management service used to migrate infrequently accessed files from local storage to remote storage. Migrated files are recalled automatically and transparently upon user request when the file is opened. Removable Storage A service used for managing removable media (such as tapes and discs) and storage devices (libraries). Removable Storage allows applications to access and share the same media resources. See also: library; service rendering intent In color management, the approach used to map the colors specified in an image file to the color gamut of your monitor or printer. The color gamut is the range of color that a device can produce. See also: color gamut replica A folder within a replica set. See also: replica set; replication topology replica set One or more shared folders that participates in replication. See also: replication replication The process of copying data from a data store or file system to multiple computers to synchronize the data. Active Directory provides multimaster replication of the directory between domain controllers within a given domain. The replicas of the directory on each domain controller are writable. This allows updates to be applied to any replica of a given domain. The replication service automatically copies the changes from a given replica to all other replicas. See also: Active Directory; replica; replication policy; topology replication policy Rules that define how and when replication is performed. See also: replication replication topology A description of the physical connections between replicas and sites. In contrast, DFS topologies describe the logical connections.

See also: replica report message For Message Queuing, a message that contains status information and is sent to report queues on the source computer. Examples include test messages and route tracking messages. See also: Message Queuing; report queue report queue For Message Queuing, a queue on the source computer that contains report messages. Report queues can be used when sending test messages and tracking message routes. See also: Message Queuing; report message Request for Comments (RFC) An official document of the Internet Engineering Task Force (IETF) that specifies the details for protocols included in the TCP/IP family. See also: Internet Engineering Task Force (IETF); protocol; Transmission Control Protocol/Internet Protocol (TCP/IP) reservation A specific IP address within a scope permanently reserved for leased use to a specific DHCP client. Client reservations are made in the DHCP database using DHCP Manager and based on a unique client device identifier for each reserved entry. In Admission Control Service, an allocation of network resources, contained in a Resource Reservation Protocol (RSVP) reservation request administered by the Admission Control Service. See also: Dynamic Host Configuration Protocol (DHCP); lease; Resource Reservation Protocol (RSVP); scope; IP address resolver DNS client programs used to look up DNS name information. Resolvers can be either a small stub (a limited set of programming routines that provide basic query functionality) or larger programs that provide additional lookup DNS client functions, such as caching. See also: caching; caching resolver; Domain Name System (DNS) resource Generally, any part of a computer system or network, such as a disk drive, printer, or memory, that can be allotted to a running program or a process. For Device Manager, any of four system components that control how the devices on a computer work. These four system resources are interrupt request (IRQ) lines, direct memory access (DMA) channels, input/output (I/O) ports, and memory addresses. For server clusters, a physical or logical entity that is capable of being managed by a cluster, brought online and taken offline, and moved between nodes. A resource can be owned only by a single node at any point in time. See also: direct memory access (DMA); input/output (I/O) port; interrupt request (IRQ) lines; memory address; offline; online; resource; server cluster resource allocation The process of distributing a computer system's facilities to different components of a job in order to perform the job. Resource DLL A dynamic-link library (DLL) containing an implementation of the Resource application programming interface (API) for a specific type of resource. The Resource DLL is loaded into the address space of its Resource Monitor. See also: application programming interface (API); dynamic-link library (DLL) resource domain A Windows NT 4.0 domain that is used for hosting file, print, and other application services. See also: domain; service

Resource Monitor A cluster software component that facilitates communication between a node's server cluster and one or more of its resources. See also: resource; server cluster resource record (RR) Standard DNS database structure containing information used to process DNS queries. For example, an address (A) type resource record contains IP address corresponding to a host name. Most of the basic resource record types are defined in RFC 1035, but additional RR types have been defined in other RFCs and approved for use with DNS. See also: Domain Name System (DNS); Request for Comments (RFC); retry interval; zone resource record set (RRset) A collection of more than one resource record returned in a query response by a DNS server. Resource record sets (RRsets) are used in responses where more than one record is part of the answer. See also: DNS Server; resource record (RR) Resource Reservation Protocol (RSVP) A signaling protocol that allows the sender and receiver in a communication to set up a reserved highway for data transmission with a specified quality of service. See also: protocol response In Windows remote access, strings expected from the device, which can contain macros. See also: string; remote access response message For Message Queuing, a message sent by a receiving application to the response queue specified by a sending application. Any available queue can be specified as a response queue. See also: Message Queuing; response queue; queue response queue For Message Queuing, a queue that is created by the sending application and used by the receiving application to reply to messages. For example, an application might send a response message to a response queue every time the application receives a message. See also: Message Queuing; response message; queue Restore Point A representation of a stored state of your computer. Restore point is created by System Restore at specific intervals and when System Restore detects the beginning of a change to your computer. Also, restore point can be created by you manually at any time. retry interval The time, in seconds after the refresh interval expires, used by secondary masters of a zone to determine how often to try and retry contacting its source for zone data to see if its replicated zone data needs to be refreshed. This interval is set in the SOA (start-of-authority) resource record for each zone. See also: refresh interval; replication; secondary master; start-of-authority (SOA) resource record; zone reverse lookup In DNS, a query process by which the IP address of a host computer is searched to find its friendly DNS domain name. In DNS Manager, reverse lookup zones are based on the in-addr.arpa domain name and typically hold pointer (PTR) resource records. See also: Domain Name System (DNS); in-addr.arpa domain; pointer (PTR) resource record; zone RGB color space Multidimensional color space consisting of the red, green, and blue intensities that make up a given color. This system is typically used in scanners, digital cameras, computer monitors, and computer printers. See also: color management; color space right-click

To position the mouse over an object, and then press and release the secondary (right) mouse button. Rightclicking opens a shortcut menu that contains useful commands, which change depending on where you click. roaming user profile A server-based user profile that is downloaded to the local computer when a user logs on and that is updated both locally and on the server when the user logs off. A roaming user profile is available from the server when logging on to a workstation or server computer. When logging on, the user can use the local user profile if it is more current than the copy on the server. See also: local user profile; mandatory user profile; user profile rolling upgrade In a cluster, the process of upgrading cluster nodes by turns while the other nodes continue to provide service. See also: cluster ROM An acronym for Read-Only Memory, a semiconductor circuit into which code or data is permanently installed by the manufacturing process. ROM contains instructions or data that can be read but not modified. root The highest or uppermost level in a hierarchically organized set of information. The root is the point from which further subsets are branched in a logical sequence that moves from a broad or general focus to narrower perspectives. root authority The certification authority (CA) at the top of a certification hierarchy. The root CA has a self-signed certificate. Also called the root certification authority. See also: certification authority (CA); certification hierarchy; root root certificate A self-signed certification authority certificate. It is called a root certificate because it is the certificate for the root authority. The root authority must sign its own certificate because by definition there is no higher certifying authority in the certification hierarchy. See also: certificate; certification authority (CA); certification hierarchy; root authority root domain The beginning of the Domain Name System (DNS) namespace. In Active Directory, the initial domain in an Active Directory tree. Also the initial domain of a forest. root hints Local information stored on a DNS server that provides helping resource records to direct the server to its root servers. For DNS, the root hints are stored in the file Cache.dns, located in the Systemroot\System32\Dns folder. Root hints are also called cache hints. See also: authoritative; DNS Server; Domain Name System (DNS); namespace; root servers; systemroot root servers DNS servers that are authoritative for the root of the namespace. See also: authoritative; DNS Server; namespace; root round robin A simple mechanism used by DNS servers to share and distribute loads for network resources. Round robin is used to rotate the order of resource records (RRs) returned in a response to a query when multiple RRs of the same type exist for a queried DNS domain name. See also: DNS Server; resource record (RR) router In a Windows environment, hardware that helps LANs and WANs achieve interoperability and connectivity, and can link LANs that have different network topologies (such as Ethernet and Token Ring). Routers match packet headers to a LAN segment and choose the best path for the packet, optimizing network performance. In the Macintosh environment, routers are necessary for computers on different physical networks to communicate with each other. Routers maintain a map of the physical networks on a Macintosh internet

(network) and forward data received from one physical network to other physical networks. Computers running the Server version of Windows with AppleTalk network integration can act as routers, and you can also use other routing hardware on a network with AppleTalk network integration. See also: local area network (LAN); packet header; Routing Information Protocol over IPX (RIPX); routing; static routes; wide area network (WAN) routing The process of forwarding a packet through an internetwork from a source host to a destination host. See also: host; packet Routing Information Protocol over IPX (RIPX) A protocol used by routers to exchange information between routers on an IPX network and by hosts to determine the best router to use when forwarding IPX traffic to a remote IPX network. See also: protocol; router; Internetwork Packet Exchange (IPX); NWLink routing link For Message Queuing, a communications link established between Windows sites for routing messages. Specially configured Message Queuing servers with routing services enabled are used to create a routing link between sites. See also: Message Queuing; routing-link cost; routing services routing services For Message Queuing, a service on a Message Queuing server that provides message routing services. If so configured, this feature can be used on a Message Queuing server to: Enable computers that use different network protocols to communicate. Reduce the number of sessions by acting as a gateway for all incoming or outgoing messages for independent clients. Route messages between sites over a routing link. See also: session concentration; service; independent client; Message Queuing; Message Queuing server; routing link routing-link cost For Message Queuing, a number used to determine the route messages can take between two sites. This number represents the relative monetary cost of communication over a link. A routing link has a default routing-link cost of 1 and should not be changed unless you have multiple routing links between two sites and you want to enforce message routing over a specific routing link. See also: Message Queuing; routing link RS-232-C standard An accepted industry standard for serial communication connections. Adopted by the Electric Industries Association, this Recommended Standard (RS) defines the specific lines and signal characteristics used by serial communications controllers to standardize the transmission of serial data between devices. The letter C signifies the third in a series. RSA A widely used public/private key algorithm. It is the default cryptographic service provider (CSP) for Microsoft Windows. It was patented by RSA Data Security, Inc. in 1977. See also: cryptographic service provider (CSP)

S
saturation In color management, the purity of a color's hue, moving from gray to the pure color. See also: hue scalability

A measure of how well a computer, service, or application can grow to meet increasing performance demands. For server clusters, the ability to incrementally add one or more systems to an existing cluster when the overall load of the cluster exceeds its capabilities. See also: server cluster scan interval For Process Control, the time between successive checks for new processes started on the server. You can configure this in the Process Control snap-in. schema A description of the object classes and attributes stored in Active Directory. For each object class, the schema defines the attributes an object class must have, the additional attributes it may have, and the object class that can be its parent. The Active Directory schema can be updated dynamically. For example, an application can extend the schema with new attributes and classes and use the extensions immediately. Schema updates are accomplished by creating or modifying the schema objects stored in Active Directory. Like every object in Active Directory, schema objects have an access control list, so only authorized users may alter the schema. See also: Active Directory; attribute; object; parent object schema master The domain controller assigned to control all updates to the schema within a forest. At any time, there can be only one schema master in the forest. See also: domain controller; forest; schema scope A range of IP addresses that are available to be leased or assigned to DHCP clients by the DHCP service. See also: Dynamic Host Configuration Protocol (DHCP); lease; IP address scope of influence In a domain environment, a site, domain, or organizational unit; in a workgroup environment, the local disk. See also: domain; organizational unit scrap A file that is created when you drag part of a document to the desktop. screen fonts A typeface designed for display on a computer monitor screen. Screen fonts often have accompanying PostScript fonts for printing to PostScript-compatible printers. See also: font; PostScript screen resolution The setting that determines the amount of information that appears on your screen, measured in pixels. Low resolution, such as 640 x 480, makes items on the screen appear large, although the screen area is small. High resolution, such as 1024 x 768, makes the overall screen area large, although individual items appear small. See also: pixel screen saver A moving picture or pattern that appears on your screen when you have not used the mouse or keyboard for a specified period of time. script A type of program consisting of a set of instructions to an application or tool program. A script usually expresses instructions by using the application's or tool's rules and syntax, combined with simple control structures such as loops and if/then expressions. "Batch program" is often used interchangeably with "script" in the Windows environment. second-level domains Domain names that are rooted hierarchically at the second tier of the domain namespace directly beneath the top-level domain names such as .com and .org. When DNS is used on the Internet, second-level domains are names such as microsoft.com that are registered and delegated to individual organizations and businesses

according to their top-level classification. The organization then assumes further responsibility for parenting management and growth of its name into additional subdomains. See also: domain name; Domain Name System (DNS); namespace; parent domain; top-level domains secondary master An authoritative DNS server for a zone that is used as a source for replication of the zone to other servers. Secondary masters update their zone data only by transferring zone data from other DNS servers. They do not have the ability to perform zone updates. See also: authoritative; DNS Server; master server; primary master; zone; zone transfer secondary mouse button The button that you use to display shortcut menus or other program-specific features. The secondary mouse button is the right button on most mice and trackball devices, and the upper button on other trackball devices, but you can switch the function of the buttons in the Mouse Control Panel. Secure Hash Algorithm (SHA-1) A message digest hash algorithm that generates a 160-bit hash value. SHA-1 is used with the Digital Signature Algorithm (DSA) in the Digital Signature Standard (DSS), among other places. See also: Digital Signature Standard (DSS); hash algorithm; message digest Secure Sockets Layer (SSL) A proposed open standard for establishing a secure communications channel to prevent the interception of critical information, such as credit card numbers. Primarily, it enables secure electronic financial transactions on the World Wide Web, although it is designed to work on other Internet services as well. Secure/Multipurpose Internet Mail Extensions (S/MIME) A protocol for secure electronic mail over the Internet. See also: protocol security On a network, protection of a computer system and its data from harm or loss, implemented especially so that only authorized users can gain access to shared files. security descriptor A data structure that contains security information associated with a protected object. Security descriptors include information about who owns the object, who can access it and in what way, and what types of access will be audited. See also: permission; discretionary access control list (DACL); group; object; system access control list (SACL) security group A group that can be listed in discretionary access control lists (DACLs) used to define permissions on resources and objects. A security group can also be used as an e-mail entity. Sending an e-mail message to the group sends the message to all the members of the group. See also: discretionary access control list (DACL) security host An authentication device, supplemental to standard Windows and remote access server security, that verifies whether a caller from a remote client is authorized to connect to the remote access server. See also: authentication; remote access server; remote access security ID (SID) A data structure of variable length that identifies user, group, and computer accounts. Every account on a network is issued a unique SID when the account is first created. Internal processes in Windows refer to an account's SID rather than the account's user or group name. See also: group account; group name; user account; user name security log An event log containing information on security events that are specified in the audit policy. security principal

An account holder that is automatically assigned a security identifier for access to resources. A security principal can be a user, group, service, or computer. See also: group; security principal name; service security principal name A name that uniquely identifies a user, group, or computer within a single domain. This name is not guaranteed to be unique across domains. See also: domain; group; security principal select To specify a block of data or text on screen by highlighting it or otherwise marking it, with the intent of performing some operation on it. Serial Line Internet Protocol (SLIP) An older industry standard that is part of Windows remote access client to ensure interoperability with other remote access software. See also: remote access serial port An interface on the computer that allows asynchronous transmission of data characters one bit at a time. Also called a communication or COM port. See also: communication port; port SerialKey device Enables you to attach an alternate input device (also called an augmentative communication device) to your computer's serial port. This feature is designed for people who are unable to use the computer's standard keyboard and mouse. server In general, a computer that provides shared resources to network users. See also: client; shared resource server cluster A group of independent computer systems, known as nodes, working together as a single system to ensure that mission-critical applications and resources remain available to clients. A server cluster is the type of cluster that Cluster service implements. See also: cluster Server Message Block (SMB) A file-sharing protocol designed to allow networked computers to transparently access files that reside on remote systems over a variety of networks. The SMB protocol defines a series of commands that pass information between computers. SMB uses four message types: session control, file, printer, and message. server zone The AppleTalk zone on which a server appears. On a Phase 2 network, a server appears in the default zone of the server's default network. See also: server; zone service A program, routine, or process that performs a specific system function to support other programs, particularly at a low (close to the hardware) level. When services are provided over a network, they can be published in Active Directory, facilitating service-centric administration and usage. Some examples of services are the Security Accounts Manager service, File Replication service, and Routing and Remote Access service. See also: Active Directory; Dynamic Host Configuration Protocol (DHCP); Service Profile Identifier (SPID) service (SRV) resource record A resource record used in a zone to register and locate well-known TCP/IP services. The SRV resource record is specified in RFC 2782, and it is used to locate domain controllers for Active Directory. See also: Active Directory; resource record (RR); Transmission Control Protocol/Internet Protocol (TCP/IP) Service Profile Identifier (SPID)

An 8-digit to 14-digit number that identifies the services that you ordered for each B-channel. For example, when you order Primary Rate ISDN, you obtain two phone numbers and two SPIDs from your ISDN provider. Typical ISDN adapters cannot operate without configuring SPIDs. See also: Integrated Services Digital Network (ISDN); service; B-channel Service Provider Interface Calling conventions that back-end services use to make themselves accessible to front-end applications. See also: service service ticket A ticket issued by the Kerberos V5 ticket-granting service (TGS) that allows a user to authenticate to a specific service in the domain. See also: KerberosV5 authentication protocol; ticket; ticket-granting service (TGS) session A logical connection created between two hosts to exchange data. Typically, sessions use sequencing and acknowledgments to send data reliably. In the context of load balancing TCP/IP traffic, a set of client requests directed to a server. These requests can be invoked with multiple, possibly concurrent, TCP connections. The server program sometimes maintains state information between requests. To preserve access to the server state, Network Load Balancing needs to direct all requests within a session to the same cluster host when load balancing. See also: client request; load balancing; server; Transmission Control Protocol/Internet Protocol (TCP/IP) session concentration For Message Queuing, a feature that typically reduces network bandwidth within a site and the number of sessions between sites. Specially configured Message Queuing servers with routing services provide session concentration. See also: bandwidth; Message Queuing; Message Queuing server; routing services; session; site Session Description Protocol (SDP) A protocol that TAPI uses to advertise IP multicast conferences. This protocol describes multimedia sessions for the purposes of session announcement, session invitation, and other forms of session initiation. SDP descriptors are stored in Active Directory. SDP is described in RFC 2327 of the IETF. See also: Telephony API (TAPI); multicast; Active Directory; Internet Engineering Task Force (IETF); protocol Set Applies any changes you have made without closing the dialog box. set-by-caller callback In Network Connections, a form of callback in which the user supplies the telephone number that the remote access server uses for callback. This setting spares the user any long-distance telephone charges. See also: remote access server; connected, user authenticated share To make resources, such as folders and printers, available to others. See also: resource share name A name that refers to a shared resource on a server. Each shared folder on a server has a share name used by personal computer users to refer to the folder. Users of Macintosh computers use the name of the Macintoshaccessible volume that corresponds to a folder, which may be the same as the share name. shared folder A folder on another computer that has been made available for other people to use on the network. shared folder permissions Permissions that restrict a shared resource's availability over the network to only certain users. See also: permission shared printer

A printer that receives input from more than one computer. For example, a printer attached to another computer on the network can be shared so that it is available for you to use. Shared printer is also called a network printer. See also: printer shared resource Any device, data, or program that is used by more than one other device or program. For Windows, shared resources refer to any resource that is made available to network users, such as folders, files, printers, and named pipes. A shared resource can also refer to a resource on a server that is available to network users. See also: device; resource; server shortcut A link to any item accessible on your computer or on a network, such as a program, file, folder, disk drive, Web page, printer, or another computer. You can put shortcuts in various areas, such as on the desktop, on the Start menu, or in specific folders. See also: desktop ShowSounds A feature that instructs programs that usually convey information only by sound to also provide all information visually, such as by displaying text captions or informative icons. Simple Mail Transfer Protocol (SMTP) A member of the TCP/IP suite of protocols that governs the exchange of electronic mail between message transfer agents. See also: protocol; Transmission Control Protocol/Internet Protocol (TCP/IP) Simple Network Management Protocol (SNMP) A network protocol used to manage TCP/IP networks. In Windows, the SNMP service is used to provide status information about a host on a TCP/IP network. See also: agent; protocol; service; Transmission Control Protocol/Internet Protocol (TCP/IP) Simple Network Time Protocol (SNTP) A protocol used to synchronize clocks over the Internet. SNTP enables client computers to synchronize their clocks with a time server over the Internet. Simple TCP/IP Services Four TCP/IP services: Character Generator, Daytime Discard, Echo, and Quote of the Day. See also: service; Transmission Control Protocol/Internet Protocol (TCP/IP) simple volume A dynamic volume made up of disk space from a single dynamic disk. A simple volume can consist of a single region on a disk or multiple regions of the same disk that are linked together. You can extend a simple volume within the same disk or onto additional disks. If you extend a simple volume across multiple disks, it becomes a spanned volume. You can create simple volumes only on dynamic disks. Simple volumes are not fault tolerant, but you can mirror them to create mirrored volumes. See also: dynamic disk; dynamic volume; fault tolerance; mirrored volume; spanned volume; volume Single Instance Store (SIS) A component that saves disk space on the server by maintaining a single physical copy of all identical files found. If SIS finds a duplicate file on the server, it copies the original file into the SIS store and leaves a link where the original resided. This technology is used only with Remote Installation Services. See also: Remote Installation Services single sign-on A process that allows a user with a domain account to log on to a network once, using a password or smart card, and to gain access to any computer in the domain. See also: domain; smart card single switch device

An assistive computer technology for people with mobility impairments. A single switch device allows users to interact with a computer by using slight body movements. site One or more well connected (highly reliable and fast) TCP/IP subnets. A site allows administrators to configure Active Directory access and replication topology quickly and easily to take advantage of the physical network. When users log on, Active Directory clients locate Active Directory servers in the same site as the user. See also: subnet; Active Directory; replication topology; Transmission Control Protocol/Internet Protocol (TCP/IP) SLIP (Serial Line Internet Protocol) See definition for: Serial Line Internet Protocol (SLIP) small computer system interface (SCSI) A standard high-speed parallel interface defined by the American National Standards Institute (ANSI). A SCSI interface is used for connecting microcomputers to peripheral devices such as hard disks and printers, and to other computers and local area networks (LANs). See also: device; local area network (LAN) smart card A credit card-sized device that is used with an access code to enable certificate-based authentication and single sign-on to the enterprise. Smart cards securely store certificates, public and private keys, passwords, and other types of personal information. A smart card reader attached to the computer reads the smart card. See also: authentication; single sign-on; smart card reader smart card reader A device that is installed in computers to enable the use of smart cards for enhanced security features. See also: smart card snap-in A type of tool you can add to a console supported by Microsoft Management Console (MMC). A stand-alone snap-in can be added by itself; an extension snap-in can only be added to extend the function of another snapin. See also: Microsoft Management Console (MMC) socket An identifier for a particular service on a particular node on a network. The socket consists of a node address and a port number, which identifies the service. For example, port 80 on an Internet node indicates a Web server. There are two kinds of sockets: streams (bidirectional) and datagrams. See also: datagram; process; raw socket; port software decoder A type of digital video disc (DVD) decoder that allows a DVD drive to display movies on your computer screen. A software decoder uses only software to display movies. See also: DVD decoder; DVD drive; hardware decoder Sound card Accessory expansion board for personal computers that permits recording and playing back sound. sound file A sound file contains information that Windows uses to play sounds on your computer. Sound files have the file name extension .wav. SoundSentry A Windows feature that produces a visual cue, such as a screen flash or a blinking title bar, whenever the computer plays a system sound. source document The document where a linked or embedded object was originally created. See also: embedded object; linked object source journaling

For Message Queuing, the process of storing a copy of an outgoing message. Source journaling is configured on a message basis and is set by the sending application. When source journaling is enabled, a copy of the message is put in the source journal queue of the source computer when the message arrives at the destination (target) queue. See also: journal queue; Message Queuing; target journaling spanned volume A dynamic volume consisting of disk space on more than one physical disk. You can increase the size of a spanned volume by extending it onto additional dynamic disks. You can create spanned volumes only on dynamic disks. Spanned volumes are not fault tolerant and cannot be mirrored. See also: dynamic disk; dynamic volume; fault tolerance; mirrored volume; simple volume; volume special access permissions On NTFS volumes, a custom set of permissions. You can customize permissions on files and directories by selecting the individual components of the standard sets of permissions. See also: volume; permission; NTFS file system speech recognition The ability to interpret spoken words and convert them into computer-readable text. Speech recognition programs allow you to enter text by speaking into a microphone, rather than using a keyboard. splitting A Briefcase command that separates the copy of the file inside Briefcase from the copy outside Briefcase. spooling A process on a server in which print documents are stored on a disk until a printer is ready to process them. A spooler accepts each document from each client, stores it, then sends it to a printer when the printer is ready. See also: print spooler standby A state in which your computer consumes less power when it is idle, but remains available for immediate use. While your computer is on standby, information in computer memory is not saved on your hard disk. If there is an interruption in power, the information in memory is lost. Start Application Enable When checked, the server DDE application automatically starts when a client DDE application attempts to initiate a DDE conversation. When cleared, attempts to open a DDE conversation succeed only if the server DDE application is already running. start-of-authority (SOA) resource record A record that indicates the starting point or original point of authority for information stored in a zone. The SOA resource record (RR) is the first RR created when adding a new zone. It also contains several parameters used by other computers that use DNS to determine how long they will use information for the zone and how often updates are required. See also: zone; authoritative; Domain Name System (DNS); resource record (RR) startup environment In dual-boot or multiple-boot systems, the configuration settings that specify which system to start and how each system should be started. See also: dual boot; multiple boot static dialog box A scripted dialog box between the client computer and an intermediary device. This kind of dialog box requires no response from the user. See also: client static routes Routes in the routing table that are permanent. Static routes are manually configured by a network administrator. They change only if the network administrator changes them. If the routing protocol is configured to support auto-static routes (automatically added static routes), then the router can issue a

request to a protocol to get an update of routing information on a specific interface. The results of such an update are then converted and kept as static routes. See also: routing; protocol; router status area See definition for: notification area status bar A line of information related to the current program. The status bar is usually located at the bottom of a window. Not all windows have a status bar. StickyKeys A keyboard feature that enables you to press a modifier key (CTRL, ALT, or SHIFT), or the Windows logo key, and have it remain active until a non-modifier key is pressed. This is useful for people who have difficulty pressing two keys simultaneously. See also: ToggleKeys; FilterKeys; MouseKeys Stop error A serious error that affects the operating system and that could place data at risk. The operating system generates an obvious message, a screen with the Stop error, rather than continuing on and possibly corrupting data. Stop error is also called a fatal system error. strict RFC checking For DNS, a form of domain name checking that examines characters used in DNS names for compliance with DNS naming requirements and valid character usage as specified in RFC 1123, Requirements for Internet Hosts - Applications and Support. For strict RFC compliance, DNS domain names will use name labels made up only of valid uppercase and lowercase letters, number characters, and hyphens (A through Z, a through z, 0 through 9, -), separated by periods. See also: domain name; Domain Name System (DNS); label; loose name checking; Request for Comments (RFC) string A group of characters or character bytes handled as a single entity. Computer programs use strings to store and transmit data and commands. Most programming languages consider strings (such as 2674:gstmn) as distinct from numeric values (such as 470924). See also: transmitting station ID (TSID) string subkey A key within a key. In the registry structure, subkeys are subordinate to subtrees and keys. Keys and subkeys are similar to the section header in .ini files; however, subkeys can carry out functions. See also: registry; descendent key; key; subkey subnet A subdivision of an IP network. Each subnet has its own unique subnetted network ID. subnet bandwidth management (SBM) An IETF standard that enables administrative control at the subnet level. subnet mask A 32-bit value that enables the recipient of IP packets to distinguish the network ID and host ID portions of the IP address. Typically, subnet masks use the format 255.x.x.x. subtree Any node within a tree, along with any selection of connected descendant nodes. In the registry structure, subtrees are the primary nodes that contain keys, subkeys, and value entries. See also: registry; key; subkey; value entry switch type The type of interface to which your ISDN device is being attached. Switch type is also called switch. See also: B-channel; D-channel; Integrated Services Digital Network (ISDN) switching hub

A central network device (multiport hub) that forwards packets to specific ports rather than, as in conventional hubs, broadcasting every packet to every port. In this way, the connections between ports deliver the full bandwidth available. See also: hub; packet symmetric encryption An encryption algorithm that requires the same secret key to be used for both encryption and decryption. Because of its speed, symmetric encryption is typically used when a message sender needs to encrypt large amounts of data. Symmetric encryption is also called secret key encryption. See also: public key encryption synchronize To reconcile the differences between files stored on one computer and versions of the same files on another computer. Once the differences are determined, both sets of files are updated. system access control list (SACL) The part of an object's security descriptor that specifies which events are to be audited per user or group. Examples of auditing events are file access, logon attempts, and system shutdowns. See also: discretionary access control list (DACL); event; object; security descriptor system area network A network configuration, usually on a separate Internet Protocol (IP) subnet, that gives data a direct path to system hardware. See also: subnet system disk A disk that contains the MS-DOS system files necessary to start MS-DOS. See also: MS-DOS (Microsoft Disk Operating System) system files Files used by Windows to load, configure, and run the operating system. Generally, system files must never be deleted or moved. System menu A menu that contains commands you can use to manipulate a window or close a program. You click the program icon at the left of the title bar to open the System menu. system partition The partition that contains the hardware-specific files needed to load Windows (for example, Ntldr, Osloader, Boot.ini, Ntdetect.com). The system partition can be, but does not have to be, the same as the boot partition. See also: boot partition; partition System Policy A Windows NT 4.0-style policy based on registry settings made using Poledit.exe, the System Policy Editor. See also: policy; registry system queue For Message Queuing, a queue that stores various types of administrative messages. Message Queuing uses up to five system queues, all of which are private queues. System queues cannot be deleted. See also: Message Queuing; queue; private queue; system queue System Restore A tool that tracks changes to your computer and creates a restore point when it detects the beginning of a change. You can use the System Restore Wizard to select a restore point to restore your computer to an earlier state when your computer was functioning the way you like. system volume The volume that contains the hardware-specific files that are needed to load Windows on x86-based computers with a BIOS. The system volume can be, but does not have to be, the same volume as the boot volume. See also: basic input/output system (BIOS); boot volume; volume; x86

systemroot The path and folder name where the Windows system files are located. Typically, this is C:\Windows, although you can designate a different drive or folder when you install Windows. You can use the value %systemroot% to replace the actual location of the folder that contains the Window system files. To identify your systemroot folder, click Start, click Run, type %systemroot%, and then click OK. SYSVOL A shared directory that stores the server copy of the domain's public files, which are replicated among all domain controllers in the domain. See also: domain; domain controller

T
tag For Indexing Service, one or more terms that identify an element in a query, such as weight, phrase, property, or regular expression. For example, the tag {prop name=created} specifies the Created property in a query. See also: property; query target The mapping destination of a DFS root or link, which corresponds to a physical folder that has been shared on the network. target journaling For Message Queuing, the process of storing a copy of incoming messages. Target journaling is configured on a queue basis. When target journaling is enabled, a copy of each incoming message is placed in the target journal queue when the message is retrieved (read) from the destination queue. See also: journal queue; Message Queuing; source journaling Task Manager A utility that provides information about programs and processes running on the computer. Using Task Manager, you can end or run programs and end processes, and display a dynamic overview of your computer's performance. taskbar The bar that contains the Start button and appears by default at the bottom of the desktop. You can click the taskbar buttons to switch between programs. You can also hide the taskbar, move it to the sides or top of the desktop, and customize it in other ways. See also: desktop; taskbar button; notification area taskbar button A button that appears on the taskbar and corresponds to a running application. See also: taskbar TCP Transmission Control Protocol. TCP/IP See definition for: Transmission Control Protocol/Internet Protocol (TCP/IP) Telephony API (TAPI) An application programming interface (API) used by communications programs to work with telephony and network services. Communications programs like HyperTerminal and Phone Dialer use TAPI to dial, answer, and route telephone calls on conventional telephony devices, including PBXs, modems, and fax machines. TAPI 3.0 also provides Internet Protocol (IP) telephony support, which Phone Dialer and other programs use to transmit, route, and control real-time audio and video signals over IP-based networks such as the Internet. See also: service; Internet Protocol (IP); modem (modulator/demodulator); application programming interface (API) Telnet

A terminal-emulation protocol that is widely used on the Internet to log on to network computers. Telnet also refers to the application that uses the Telnet protocol for users who log on from remote locations. See also: protocol terminal A device consisting of a display screen and a keyboard that is used to communicate with a computer. terminate-and-stay-resident (TSR) program A program running under MS-DOS that remains loaded in memory even when it is not running, so that it can be quickly invoked for a specific task performed while any other application is operating. See also: MS-DOS (Microsoft Disk Operating System) test queue For Message Queuing, a queue that stores sent test messages. See also: Message Queuing; queue text box In a dialog box, a box in which you type information needed to carry out a command. The text box may be blank or may contain text when the dialog box opens. text service A program that enables a user to enter or edit text. Text services include keyboard layouts, handwriting and speech recognition programs, and Input Method Editors (IMEs). IMEs are used to enter East Asian language characters with a keyboard. theme A set of visual elements that provide a unified look for your computer desktop. A theme determines the look of the various graphic elements of your desktop, such as the windows, icons, fonts, colors, and the background and screen saver pictures. It can also define sounds associated with events such as opening or closing a program. Thread Count In Task Manager, the number of threads running in a process. See also: Task Manager thumbnail A miniature version of an image that is often used for quick browsing through multiple images. ticket A set of identification data for a security principle, issued by a domain controller for purposes of user authentication. Two forms of tickets in Windows are ticket-granting tickets (TGTs) and service tickets. See also: authentication; domain controller; service ticket; ticket-granting ticket (TGT) ticket-granting service (TGS) A Kerberos V5 service provided by the Kerberos V5 Key Distribution Center (KDC) service that issues service tickets that allow users to authenticate to services in a domain. See also: KerberosV5 authentication protocol; Key Distribution Center (KDC); service ticket; ticketgranting ticket (TGT) ticket-granting ticket (TGT) A credential issued to a user by the Kerberos Key Distribution Center (KDC) when the user logs on. The user must present the TGT to the KDC when requesting session tickets for services. Because a TGT is normally valid for the life of the user's logon session, it is sometimes called a user ticket. See also: KerberosV5 authentication protocol; Key Distribution Center (KDC); ticket-granting service (TGS) time server A computer that periodically synchronizes the time on all computers within a network. This ensures that the time used by network services and local functions remains accurate. time slice

A brief period of time during which a particular task is given control of the microprocessor in a time-sharing multitasking environment. A computer's processor is allocated to an application, usually measured in milliseconds. Time slice is also called quantum. time stamp A certification by a trusted third party specifying that a particular message existed at a specific time and date. In a digital context, trusted third parties generate a trusted time stamp for a given message by having a time stamping service append a time value to a message and then digitally signing the result. See also: digital signature; service Time to Live (TTL) A timer value included in packets sent over TCP/IP-based networks that tells the recipients how long to hold or use the packet or any of its included data before expiring and discarding the packet or data. For DNS, TTL values are used in resource records within a zone to determine how long requesting clients should cache and use this information when it appears in a query response answered by a DNS server for the zone. See also: DNS Server; Domain Name System (DNS); packet; resource record (RR); Transmission Control Protocol/Internet Protocol (TCP/IP); zone time-out error A condition where an expected character is not received in time. When this condition occurs, the software assumes that the data has been lost and requests that it be resent. time-out interval For Process Control, the time the server waits, when a command cannot be successfully completed, before canceling the command. You can configure this in the Process Control snap-in. title bar The horizontal bar at the top of a window that contains the name of the window. On many windows, the title bar also contains the program icon, the Maximize, Minimize, and Close buttons, and the optional ? button for context-sensitive Help. To display a menu with commands such as Restore and Move, right-click the title bar. See also: maximize; minimize ToggleKeys A feature that sets your keyboard to beep when one of the locking keys (CAPS LOCK, NUM LOCK, or SCROLL LOCK) is turned on or off. See also: FilterKeys; MouseKeys; StickyKeys; ToggleKeys token Any nonreducible textual element in data that is being parsed. For example, the use in a program of a variable name, a reserved word, or an operator. Storing tokens as short codes shortens program files and speeds execution. For networking, a unique structured data object or message that circulates continuously among the nodes of a token ring and describes the current state of the network. Before any node can send a message on the network, it must first wait to control the token. See also token ring. toolbar In a program in a graphical user interface, a row, column, or block of on-screen buttons or icons. When clicked, these buttons or icons activate certain functions, or tasks, of the program. For example, the toolbar in Microsoft Word contains buttons for, among other actions, changing text to italic or boldface, and for saving or opening a document. Users can often customize toolbars and move them around on the screen. top-level domains Domain names that are rooted hierarchically at the first tier of the domain namespace directly beneath the root (.) of the DNS namespace. On the Internet, top-level domain names such as .com and .org are used to classify and assign second-level domain names (such as microsoft.com) to individual organizations and businesses according to their organizational purpose. See also: domain; domain name; domain namespace; Domain Name System (DNS); root; second-level domains

topology In Windows, the relationships among a set of network components. In the context of Active Directory replication, topology refers to the set of connections that domain controllers use to replicate information among themselves. See also: Active Directory; domain controller; replication touch-tone dialing A form of dialing that uses multiple-tone signaling. The user hears a series of tones (beeps) when dialing. Pushbutton telephones usually use touch-tone dialing. See also: pulse dialing trace log A type of log generated when the user selects a trace data provider using Performance. Trace logs differ sdff from counter-data logs in that they measure data continuously rather than take periodic samples. training The process of teaching the speech recognition engine to recognize your voice and manner of speaking. The speech engine looks for patterns in the way you speak, enabling it to provide better accuracy when you dictate text. You train the engine by reading text in the training wizard, and continue to train the engine as you dictate text while working. transaction For Message Queuing, the pairing of two or more actions that are performed together as a single action; the action succeeds or fails as a whole. Using Microsoft Distributed Transaction Coordinator (MS DTC) ensures that either both actions succeed or neither is executed. See also: Message Queuing; Microsoft Distributed Transaction Coordinator (MS DTC); transaction deadletter queue; transactional message transaction dead-letter queue For Message Queuing, a queue that stores transactional messages that cannot reach their destination queue. Transaction dead-letter queues store failed messages on the computer on which the message expired. Messages in these queues are written to disk and are therefore recoverable. See also: dead-letter queue; Message Queuing; transaction; queue transactional message For Message Queuing, a message that can be sent and received only from within a transaction. This type of message returns to its prior state when a transaction is terminated abruptly. A transactional message is removed from a queue only when the transaction is committed; otherwise, it remains in the queue and can be subsequently read during another transaction. See also: Message Queuing; transaction; queue transceiver A device that can both transmit and receive signals. On local area networks (LANs), a transceiver is the device that connects a computer to the network and that converts signals to and from parallel and serial form. transitive trust The standard type of trust relationship between Windows domains in a domain tree or forest. When a domain joins an existing forest or domain tree, a transitive trust is automatically established. Transitive trusts are always two-way relationships. This series of trusts, between parent and child domains in a domain tree and between root domains of domain trees in a forest, allows all domains in a forest to trust each other for the purposes of authentication. For example, if domain A trusts domain B and domain B trusts domain C, then domain A trusts domain C. See also: domain tree; forest; one-way trust; two-way trust Transmission Control Protocol/Internet Protocol (TCP/IP) A set of networking protocols widely used on the Internet that provides communications across interconnected networks of computers with diverse hardware architectures and various operating systems.

TCP/IP includes standards for how computers communicate and conventions for connecting networks and routing traffic. See also: protocol; Internet Protocol (IP) transmitting station ID (TSID) string A string that specifies the transmitter subscriber ID sent by the fax machine when sending a fax to a receiving machine. This string is usually a combination of the fax or telephone number and the name of the business. It is often the same as the called subscriber ID. See also: called subscriber ID (CSID) string; string Transport Driver Interface (TDI) A common set of routines for network layer components that communicate with the session layer of the Open Systems Interconnection (OSI) model. These routines allow software components above and below the transport layer to be mixed and matched without reprogramming. See also: Open Systems Interconnection (OSI) reference model Transport Layer Security (TLS) A standard protocol that is used to provide secure Web communications on the Internet or intranets. It enables clients to authenticate servers or, optionally, servers to authenticate clients. It also provides a secure channel by encrypting communications. TLS is the latest and a more secure version of the SSL protocol. See also: Secure Sockets Layer (SSL); authentication; protocol transport provider The driver and support files that provide transport services in a networking environment. trap In Simple Network Management Protocol (SNMP), a message sent by an agent to a management system indicating that an event has occurred on the host running the agent. See also: agent; event; host; Simple Network Management Protocol (SNMP) tree view A hierarchical representation of the folders, files, disk drives, and other resources connected to a computer or network. For example, Windows Explorer uses a tree view to display the resources that are attached to a computer or a network. See also: resource Trivial File Transfer Protocol (TFTP) A protocol used to download the initial files needed to begin the installation process. See also: protocol Trojan horse A program that masquerades as another common program in an attempt to receive information. An example of a Trojan horse is a program that behaves like a system logon to retrieve user names and password information that the writers of the Trojan horse can later use to break into the system. TrueType fonts Fonts that are scalable and sometimes generated as bitmaps or soft fonts, depending on the capabilities of your printer. TrueType fonts are device-independent fonts that are stored as outlines. They can be sized to any height, and they can be printed exactly as they appear on the screen. See also: font trust relationship A logical relationship established between domains to allow pass-through authentication, in which a trusting domain honors the logon authentications of a trusted domain. User accounts and global groups defined in a trusted domain can be given rights and permissions in a trusting domain, even though the user accounts or groups don't exist in the trusting domain's directory. See also: group; user account; permission; authentication; domain; global group tunnel

A logical connection over which data is encapsulated. Typically, both encapsulation and encryption are performed and the tunnel is a private, secure link between a remote user or host and a private network. See also: encryption; host; tunnel server; voluntary tunnel tunnel server A server or router that terminates tunnels and forwards traffic to the hosts on the target network. See also: host; router; server; tunnel two-way trust A type of trust relationship in which both of the domains in the relationship trust each other. In a two-way trust relationship, each domain has established a one-way trust with the other domain. For example, domain A trusts domain B and domain B trusts domain A. Two-way trusts can be transitive or nontransitive. All twoway trusts between Windows domains in the same domain tree or forest are transitive. See also: domain tree; forest; one-way trust; transitive trust Type 1 fonts Scalable fonts designed to work with PostScript devices. See also: font; PostScript

U
UDP socket A socket that transmits datagrams over the User Datagram Protocol (UDP). See also: datagram; socket; User Datagram Protocol (UDP) unallocated space Available disk space that is not allocated to any volume. The type of volume that you can create on unallocated space depends on the disk type. On basic disks, you can use unallocated space to create primary or extended partitions. On dynamic disks, you can use unallocated space to create dynamic volumes. See also: basic disk; dynamic disk; extended partition; logical drive; object; partition; primary partition; volume UNC (Universal Naming Convention) name The full name of a resource on a network. It conforms to the \\servername\sharename syntax, where servername is the name of the server and sharename is the name of the shared resource. UNC names of directories or files can also include the directory path under the share name, with the following syntax: \\servername\sharename\directory\filename See also: share name; resource undock To detach a laptop or other portable computer from a docking station. See also: dock; docking station; hot docking unicast In data communications networks, to transmit data from one terminal to another, such as from client to server, or from server to server. Unicode A character encoding standard developed by the Unicode Consortium that represents almost all of the written languages of the world. The Unicode character repertoire has multiple representation forms, including UTF-8, UTF-16, and UTF-32. Most Windows interfaces use the UTF-16 form. See also: American Standard Code for Information Interchange (ASCII); Unicode Character System (UCS); Unicode Transmission Format 8 (UTF-8) Unicode Character System (UCS) An international standard character set reference that is part of the Unicode standard. The most widely held existing version of the UCS standard is UCS-2, which specifies 16-bit character values currently accepted and recognized for use to encode most of the world's languages.

See also: Unicode Transmission Format 8 (UTF-8); American Standard Code for Information Interchange (ASCII); Unicode Unicode Transmission Format 8 (UTF-8) A character set for protocols evolving beyond the use of ASCII. The UTF-8 protocol provides for support of extended ASCII characters and translation of UCS-2, an international 16-bit Unicode character set. UTF-8 enables a far greater range of names than can be achieved using ASCII or extended ASCII encoding for character data. See also: American Standard Code for Information Interchange (ASCII); Unicode Character System (UCS); Unicode Uniform Resource Locator (URL) An address that uniquely identifies a location on the Internet. A URL for a World Wide Web site is preceded with http://, as in the fictitious URL http://www.example.microsoft.com/. A URL can contain more detail, such as the name of a page of hypertext, usually identified by the file name extension .html or .htm. uninstall When referring to software, the act of removing program files and folders from your hard disk and removing related data from your registry so the software is no longer available. When referring to a device, the act of removing the corresponding device drivers from your hard disk and physically removing the device from your computer. See also: device driver; install uninterruptible power supply (UPS) A device connected between a computer and a power source to ensure that electrical flow is not interrupted. UPS devices use batteries to keep the computer running for a period of time after a power failure. UPS devices usually provide protection against power surges and brownouts as well. universal group A security or distribution group that can be used anywhere in the domain tree or forest. A universal group can have members from any Windows domain in the domain tree or forest. It can also include other universal groups, global groups, and accounts from any domain in the domain tree or forest. Rights and permissions must be assigned on a per-domain basis, but can be assigned at any domain in the domain tree or forest. Universal groups can be members of domain local groups and other universal groups, but they cannot be members of global groups. Universal groups appear in the global catalog and should contain primarily global groups. See also: distribution group; domain; domain tree; domain local group; forest; global group; global catalog; security group Universal Naming Convention (UNC) A convention for naming files and other resources beginning with two backslashes (\), indicating that the resource exists on a network computer. UNC names conform to the \\SERVERNAME\SHARENAME syntax, where SERVERNAME is the server's name and SHARENAME is the name of the shared resource. The UNC name of a directory or file can also include the directory path after the share name, with the following syntax: \\SERVERNAME\SHARENAME\DIRECTORY\FILENAME. universal serial bus (USB) An external bus that supports Plug and Play installation. Using USB, you can connect and disconnect devices without shutting down or restarting your computer. You can use a single USB port to connect up to 127 peripheral devices, including speakers, telephones, CD-ROM drives, joysticks, tape drives, keyboards, scanners, and cameras. A USB port is usually located on the back of your computer near the serial port or parallel port. See also: port; bus; Plug and Play UNIX A powerful, multiuser, multitasking operating system initially developed at AT&T Bell Laboratories in 1969 for use on minicomputers. UNIX is considered more portable, that is, less computer-specific, than other operating

systems because it is written in C language. Newer versions of UNIX have been developed at the University of California at Berkeley and by AT&T. UPS service A service that manages an uninterruptible power supply (UPS) connected to a computer. See also: service URL See definition for: Uniform Resource Locator (URL) USB port An interface on the computer that enables you to connect a Universal Serial Bus (USB) device. USB is an external bus standard that enables data transfer rates of 12 Mbps (12 million bits per second). USB ports support a plug that is approximately 7 mm x 1 mm. See also: universal serial bus (USB) user A person who uses a computer. If the computer is connected to a network, a user can access the programs and files on the computer, as well as programs and files located on the network (depending on account restrictions determined by the network administrator). user account A record that consists of all the information that defines a user to Windows. This includes the user name and password required for the user to log on, the groups in which the user account has membership, and the rights and permissions the user has for using the computer and network, and accessing their resources. For Windows XP Professional and member servers, user accounts are managed with Local Users and Groups. For Windows Server domain controllers, user accounts are managed with Microsoft Active Directory Users and Computers. See also: permission; Active Directory Users and Computers; group; password; resource; user name User Datagram Protocol (UDP) A TCP complement that offers a connectionless datagram service that guarantees neither delivery nor correct sequencing of delivered packets (much like IP). See also: datagram; Internet Protocol (IP); packet; service user name A unique name identifying a user account to Windows. An account's user name must be unique among the other group names and user names within its own domain or workgroup. See also: domain; group name; user account; workgroup USER object An object from Window Manager, which includes windows, menus, cursors, icons, hooks, accelerators, monitors, keyboard layouts, and other internal objects. In Task Manager, the number of USER objects currently being used by a process. See also: Task Manager user password The password stored in each user's account. Each user generally has a unique user password and must type that password when logging on or accessing a server. See also: password; user account user principal name A user account name (sometimes referred to as the user logon name) and a domain name identifying the domain in which the user account is located. This is the standard usage for logging on to a Windows domain. The format is: user@domain.com (as for an e-mail address). See also: domain; domain name; user principal name suffix; user account user principal name suffix The UPN suffix is the part of the user principal name to the right of the @ character. The default UPN suffix for a user account is the DNS domain name of the domain that contains the user account. Alternative UPN

suffixes may be added to simplify administration and user logon processes by providing a single UPN suffix for all users. The UPN suffix is only used within the Active Directory forest and is not required to be a valid DNS domain name. See also: Active Directory; user account; domain; domain name; Domain Name System (DNS); user principal name user profile A file that contains configuration information for a specific user, such as desktop settings, persistent network connections, and application settings. Each user's preferences are saved to a user profile that Windows uses to configure the desktop each time a user logs on. user rights Tasks that a user is permitted to perform on a computer system or domain. There are two types of user rights: privileges and logon rights. An example of a privilege is the right to shut down the system. An example of a logon right is the right to log on to a computer locally. Both types are assigned by administrators to individual users or groups as part of the security settings for the computer. See also: administrator; domain; group; privilege Users A special group that contains all users who have user permissions on the server. When a Macintosh user assigns permissions to everyone, those permissions are given to the group's users and guests. See also: permission; group

V
V.34 Data transmission standard that provides for up to 33,600 bits per second (bps) communications over telephone lines. It defines a full-duplex (two-way) modulation technique and includes error-correcting and negotiation. See also: bits per second (bps); full-duplex; modulation standards; V.90 V.90 Data transmission standard that provides for up to 56,000 bits per second (bps) communications over telephone lines. The transmission speed from the client-side modem is 33,600 bps, the same as V.34. The transmission speed from the host-side modem, such as an Internet service provider (ISP) or corporate network, is up to 56,000 bps, with an average speed of 40,000 to 50,000 bps. When the host-side modem does not support this standard, the alternative is V.34. See also: bits per second (bps); client; host; Internet service provider (ISP); modem (modulator/demodulator); modulation standards; V.34 value entry The string of data that appears in the right pane of a registry window and that defines the value of the currently selected key. A value entry has three parts: name, data type, and the value itself. See also: registry; key variable In programming, a named storage location capable of containing a certain type of data that can be modified during program execution. System environment variables are defined by Windows 2000 Server and are the same no matter who is logged on to the computer. Administrator group members can add new variables or change the values, however. User environment variables can be different for each user of a particular computer. They include any environment variables you want to define or variables defined by your applications, such as the path where application files are located. See also: environment variable vector

For Indexing Service, an ordered series of words or numbers used in a query. For example, a single document can have (Scott Cooper; Don Hall; Amy Egert) as a vector of coauthors. See also: query vector font A font rendered from a mathematical model, in which each character is defined as a set of lines drawn between points. Vector fonts can be cleanly scaled to any size or aspect ratio. See also: font; plotter font video adapter An expansion board that plugs into a personal computer to give it display capabilities. A computer's display capabilities depend on both the logical circuitry (provided in the video adapter) and the monitor. Each adapter offers several different video modes. The two basic categories of video modes are text and graphics. Within the text and graphics modes, some monitors also offer a choice of resolutions. At lower resolutions a monitor can display more colors. Modern adapters contain memory, so that the computer's RAM is not used for storing displays. In addition, most adapters have their own graphics coprocessor for performing graphics calculations. These adapters are often called graphics accelerators. virtual address In a virtual memory system, the address the application uses to reference memory. The kernel and the memory management unit (MMU) translate this address into a physical address before the memory is actually read or written. See also: virtual memory virtual container A container that allows any LDAP-compliant directory to be accessed through Active Directory. See also: Active Directory; Lightweight Directory Access Protocol (LDAP) virtual IP address An IP address that is shared among the hosts of a Network Load Balancing cluster. A Network Load Balancing cluster might also use multiple virtual IP addresses, for example, in a cluster of multihomed Web servers. See also: host; multihomed computer; IP address virtual local area network (VLAN) A logical grouping of hosts on one or more LANs that allows communication to occur between hosts as if they were on the same physical LAN. See also: host; local area network (LAN) virtual memory Temporary storage used by a computer to run programs that need more memory than it has. For example, programs could have access to 4 gigabytes of virtual memory on a computer's hard drive, even if the computer has only 32 megabytes of RAM. The program data that does not currently fit in the computer's memory is saved into paging files. See also: virtual printer memory; paging file; Virtual Memory Size Virtual Memory Size In Task Manager, the amount of virtual memory, or address space, committed to a process. See also: Task Manager; virtual memory virtual printer memory In a PostScript printer, a part of memory that stores font information. The memory in PostScript printers is divided into two areas: banded memory and virtual memory. The banded memory contains graphics and pagelayout information needed to print your documents. The virtual memory contains any font information that is sent to your printer either when you print a document or when you download fonts. See also: PostScript printer; virtual memory virtual private network (VPN)

The extension of a private network that encompasses encapsulated, encrypted, and authenticated links across shared or public networks. VPN connections can provide remote access and routed connections to private networks over the Internet. See also: authentication; encryption; remote access; routing; tunnel virus A program that attempts to spread from computer to computer and either cause damage (by erasing or corrupting data) or annoy users (by printing messages or altering what is displayed on the screen). VoIP (Voice over Internet Protocol) A method for sending voice over a LAN, a WAN, or the Internet using TCP/IP packets. See also: local area network (LAN); Transmission Control Protocol/Internet Protocol (TCP/IP); wide area network (WAN) volume An area of storage on a hard disk. A volume is formatted by using a file system, such as FAT or NTFS, and has a drive letter assigned to it. You can view the contents of a volume by clicking its icon in Windows Explorer or in My Computer. A single hard disk can have multiple volumes, and volumes can also span multiple disks. See also: disk; drive letter; file allocation table (FAT); NTFS file system; simple volume; spanned volume volume set A partition consisting of disk space on one or more physical disks that was created with Windows NT 4.0 or earlier. You can delete volume sets only with Windows&nsbsp;2000 or Windows XP. To create new volumes that span multiple disks, use spanned volumes on dynamic disks. See also: basic disk; dynamic disk; partition; spanned volume; volume volume shadow copy A volume that represents a duplicate of the original volume taken at the time the copy began. See also: crash consistency; differential data; volume voluntary tunnel A tunnel that is initiated by the client. It tunnels PPP over IP from the client to the tunnel server, then the data is forwarded to the target host by the tunnel server. See also: client; host; Internet Protocol (IP); Point-to-Point Protocol (PPP); tunnel; tunnel server

W
Waiting for Call A telephony signal that Network Connections has put the modem in Listen mode and is waiting for incoming calls. See also: Network Connections; modem (modulator/demodulator) warning level The point at which users are nearing their quota limit. See also: quota limit Web Distributed Authoring and Versioning (WebDAV) An application protocol related to HTTP 1.1 that allows clients to transparently publish and manage resources on the World Wide Web. Web server A computer that is maintained by a system administrator or Internet service provider (ISP) and that responds to requests from a user's browser. See also: Internet service provider (ISP) WebDAV See definition for: Web Distributed Authoring and Versioning (WebDAV) well-connected Sufficient connectivity to make your network and Active Directory useful to clients on your network. The precise meaning of well-connected is determined by your particular needs.

See also: Active Directory wide area network (WAN) A communications network connecting geographically separated computers, printers, and other devices. A WAN allows any connected device to interact with any other on the network. See also: device; local area network (LAN) wildcard character A keyboard character that can be used to represent one or many characters when conducting a query. The question mark (?) represents a single character, and the asterisk (*) represents one or more characters. wildcarding In DNS, the supported use of wildcard characters such as the asterisk (*) in domain names for DNS queries that resolve to multiple names. When wildcarding is used, DNS servers must support resolving name queries that use wildcard characters, and resolvers must be able to parse multiple records from any resource record sets (RRsets) issued in wildcard query responses. See also: DNS Server; domain name; Domain Name System (DNS); resource record set (RRset); wildcard character window A portion of the screen where programs and processes can be run. You can open several windows at the same time. For example, you can open your e-mail in one window, work on a budget in a spreadsheet in another, download pictures from your digital camera in another window, and order your weekly groceries on the Web in another window. Windows can be closed, resized, moved, minimized to a button on the taskbar, or maximized to take up the whole screen. Windows Internet Name Service (WINS) A software service that dynamically maps IP addresses to computer names (NetBIOS names). This allows users to access resources by name instead of requiring them to use IP addresses that are difficult to recognize and remember. WINS servers support clients running Windows NT 4.0 and earlier versions of Microsoft operating systems. See also: Domain Name System (DNS); network basic input/output system (NetBIOS); WINS proxy; resource; service; WINS resource; IP address Windows Management Instrumentation (WMI) A management infrastructure in Windows that supports monitoring and controlling system resources through a common set of interfaces and provides a logically organized, consistent model of Windows operation, configuration, and status. See also: resource Windows Open Services Architecture (WOSA) A common set of interfaces that connect front-end applications with back-end services. See also: service WINS proxy A computer that listens to name query broadcasts and responds for those names not on the local subnet. The proxy communicates with a WINS server to resolve names and then caches them for a specific time period. See also: subnet; Windows Internet Name Service (WINS) WINS resource A resource type that provides Windows Internet Name Service (WINS) from a cluster. See also: cluster; resource types; Windows Internet Name Service (WINS) Winsock Windows Sockets. An application programming interface (API) standard for software that provides a TCP/IP interface under Windows. See also: application programming interface (API); Transmission Control Protocol/Internet Protocol (TCP/IP) wireless communication

Communication between a computer and another computer or device without wires. The form of wireless communication provided as part of the Windows operating system uses infrared light to transmit files. Radio frequencies, as used by cellular and cordless telephones, are another form of wireless communication. See also: infrared (IR); infrared device; infrared port workgroup A simple grouping of computers, intended only to help users find such things as printers and shared folders within that group. Workgroups in Windows do not offer the centralized user accounts and authentication offered by domains. See also: authentication; domain; user account working set For a process, the amount of physical memory assigned to a process by the operating system. World Wide Web A system for exploring the Internet by using hyperlinks. When you use a Web browser, the Web appears as a collection of text, pictures, sounds, and digital movies. See also: internet writable CD Recordable compact disc (CD-R) or rewritable compact disc (CD-RW). Data can be copied to the CD on more than one occasion. Rewritable compact discs can also be erased.

X
X.509v3 certificate Version 3 of the ITU-T recommendation X.509 for certificate syntax and format. This is the standard certificate format used by Windows XP certificate-based processes. An X.509 certificate includes the public key and information about the person or entity to whom the certificate is issued, information about the certificate, plus optional information about the certification authority (CA) issuing the certificate. See also: International Telecommunication Union - Telecommunication [Standardization Sector] (ITU-T); certificate; certification authority (CA); public key x86 Refers to microprocessors that have or emulate the 32-bit Intel processor architecture. XML (Extensible Markup Language) See definition for: Extensible Markup Language (XML)

Y
There are no glossary terms that begin with this letter.

Z
zone In the Macintosh environment, a logical grouping that simplifies browsing the network for resources, such as servers and printers. In a DNS database, a manageable unit of the DNS database that is administered by a DNS server. A zone stores the domain names and data of the domain with a corresponding name, except for domain names stored in delegated subdomains. See also: Domain Name System (DNS); partition; resource; DNS Server; domain zone list In the Macintosh environment, a list that includes all of the zones associated with a particular network. Zone list is not to be confused with Windows DNS zones. See also: Domain Name System (DNS); zone zone transfer

The synchronization of authoritative DNS data between DNS servers. A DNS server configured with a secondary zone periodically queries the master DNS servers to synchronize its zone data. See also: authoritative; DNS Server; secondary master; zone