Workgroups and Domains

When two or more computers are connected together in a single location, such as an office, it's referred to as a Local Area Network (LAN). When a LAN supports ten or less computers, it's usually configured as a workgroup. A workgroup may have a server on which files are stored so that anyone on the LAN can access them.

In a workgroup a user's login account is located on their individual computer. A user can use a different computer, but they have to either login using the account of the individual that uses that computer, or have a separate account on that computer. When a LAN supports more than ten computers, it's usually set up as a domain.

LAN with domain servers

A domain has a server which is setup as a domain controller, which means it runs the domain service. In a domain, a user's login account is located on the domain controller. A user can use any computer on the LAN that's in the same domain as their login account. When a LAN has a domain, it can still act as a file server, but the rights to any asset on the server are controlled by the domain service.

In addition to the advantage of a user being able to login to any computer using a single domain user account, a domain has the advantage of centralized administration. An administrator can configure any resource in the domain after logging into their domain administrator account. One of the most powerful things a domain administrator can configure is group policy. Group policy allows the administer to configure a single setting for multiple or all accounts in the domain.

Another service setup to run on a domain server is Dynamic Host Configuration Protocol (DHCP). DHCP automatically assigns IP addresses to all devices in the domain. In a large organization, possibly with hundreds of devices on its LAN, it's desirable to have more than one domain controller. But having more than one domain controller on the same LAN makes it more complicated for DHCP to assign IP addresses.

For this reason, large LANs are divided into subnets (subnetworks). In a LAN with subnets, devices on each subnet use a separate range of IP addresses. Traffic is guided between the subnets by a device called a router.

In a LAN with subnets, each subnet may have its own domain controller. That way the DHCP service running on each domain can be configured to assign only IP addresses within specific ranges to the devices in its domain.

You are probably familiar with domain names on the Internet. Domain names on the Internet also use IP addresses, but Internet IP addresses usually not directly related to the IP addresses on a LAN.

A router determines if a specific IP address is located on the LAN or outside the LAN. The router uses a service called Network Address Translation (NAT) to translate between LAN addresses and Internet addresses. NAT allows the router to hide internal LAN devices from the public Internet for better security.

Learn more at

More Networking Basics:
• Packet Switching Store-and-Forward Transmission
• Network+ Certification Exam Tutorial - DHCP And RARP
• What is Cloud Computing?
• Wireshark and Ethereal Network Protocol Analyzer Toolkit
• What is a Proxy Server?
• Media Access Control (MAC) Sublayer of the OSI Data Link Layer
• Cable Broadband Internet Service
• Web Server
• Network Administrator Street Smarts: A Real World Guide to CompTIA Network+ Skills
• What is the Internet of Things?