Glossary of Terms


central site
In Systems Management Server, the primary site at the top of the Systems Management Server hierarchy, to which all other sites in the system report their inventory and events.
certificate
A digital document that is commonly used for authentication and secure exchange of information on open networks, such as the Internet, extranets, and intranets. A certificate securely binds a public key to the entity that holds the corresponding private key. Certificates are digitally signed by the issuing certification authority and can be issued for a user, a computer, or a service. The most widely accepted format for certificates is defined by the ITU-T X.509 version 3 international standard. See also certification authority; private key; public key.
certificate revocation list (CRL)
A document maintained and published by a certification authority that lists certificates that have been revoked. A CRL is signed with the private key of the CA to ensure its integrity. See also certificate; certification authority.
Certificate Services
The Windows 2000 service that issues certificates for a particular CA. It provides customizable services for issuing and managing certificates for the enterprise. See also certificate; certification authority.
certificate stores
Windows 2000 stores public key objects, such as certificates and certificate revocation lists, in logical stores and physical stores. Logical stores group public key objects for users, computers, and services. Physical stores are where the public key objects are actually stored in the registry of local computers (or in Active Directory for some user certificates). Logical stores contain pointers to the public key objects in the physical stores. Users, computers, and services share many public key objects, so logical stores enable public key objects to be shared without requiring the storage of duplicates of the objects for each user, computer, or service.
certificate template
A Windows 2000 construct that profiles certificates (that is, it pre-specifies format and content) based on their intended usage. When requesting a certificate from a Windows 2000 enterprise certification authority (CA), certificate requesters are, depending on their access rights, able to select from a variety of certificate types that are based on certificate templates, such as "User" and "Code Signing". See also certificate; enterprise certification authority.
certificate trust list (CTL)
A signed list of root certification authority certificates that an administrator considers reputable for designated purposes, such as client authentication or secure e-mail. See also certificate; certification authority; root certificate; root certification authority.
Certificates console
A snap-in to the MMC. This console is used to manage certificate stores for users, computers, and services. See also certificate; certificate stores.
certification authority (CA)
An entity responsible for establishing and vouching for the authenticity of public keys belonging to users (end entities) or other certification authorities. Activities of a certification authority can include binding public keys to distinguished names through signed certificates, managing certificate serial numbers, and certificate revocation. See also certificate; public key.
Certification Authority console
A snap-in to the MMC. This console is used to configure and manage Windows 2000 certification authorities. See also certification authority.
certification hierarchy
A model of trust for certificates in which certification paths are created through the establishment of parent-child relationships between certification authorities. See also certification authority; certification path.
certification path
An unbroken chain of trust from a certificate to the root certification authority in a certification hierarchy. See also certification hierarchy; certificate.
Certification Practices Statement (CPS)
A formal statement that describes the certification policies and practices of a certification authority. See also certification authority.
Challenge Handshake Authentication Protocol (CHAP)
A challenge-response authentication protocol for PPP connections documented in RFC 1994 that uses the industry-standard Message Digest 5 (MD5) one-way encryption scheme to hash the response to a challenge issued by the remote access server.
change journal
A feature new to Windows 2000 that tracks changes to NTFS volumes, including additions, deletions, and modifications. The change journal exists on the volume as a sparse file.
change log
See quorum log.
changer
The robotic element of an online library unit.
character stuffing
A technique used by PPP on asynchronous links, such as analog phone lines, to prevent the occurrence of the Flag character within the PPP frame.
checkpoint
In a server cluster node's registry, a snapshot of the registry cluster key or of an application key. The checkpoint is written to the quorum disk when certain events take place, such as a node failure. See also cluster database.
child domain
For DNS and Active Directory, a domain located in the namespace tree directly beneath another domain name (its parent domain). For example, "example.reskit.com" is a child domain of the parent domain, "reskit.com". A child domain is also called a subdomain. See also directory partition; domain; parent domain.
child object
An object that is the immediate subordinate of another object in a hierarchy. A child object can have only one immediate superior, or parent, object. In Active Directory, the schema determines what classes of objects can be child objects of what other classes of objects. Depending on its class, a child object can also be the parent of other objects. See also object; parent object.
Chooser
The Macintosh desk accessory with which users select the network server and printers they want to use.
CIDR block
A block of IP addresses allocated using Classless Interdomain Routing (CIDR).
cipher
The method of forming a hidden message. The cipher is used to transform a readable message called plaintext (also sometimes called cleartext) into an unreadable, scrambled, or hidden message called ciphertext. Only someone with a secret decoding key can convert the ciphertext back into its original plaintext. See also ciphertext; plaintext; cryptography.
cipher block chaining (CBC)
A process used to hide patterns of identical blocks of data within a packet. An Initialization Vector (an initial random number) is used as the first random block to encrypt and decrypt a block of data. Different random blocks are used in conjunction with the secret key to encrypt each block.
ciphertext
Text that has been encrypted using an encryption key. Ciphertext is meaningless to anyone who does not have the decryption key. See also decryption; encryption; encryption key; plaintext.
class
A category of objects that share a common set of characteristics. Each object in the directory is an instance of one or more classes in the schema.
Class A IP address
A unicast IP address that ranges from 1.0.0.1 to 126.255.255.254. The first octet indicates the network, and the last three octets indicate the host on the network. See also Class B IP address; Class C IP address; IP address.
Class B IP address
A unicast IP address that ranges from 128.0.0.1 to 191.255.255.254. The first two octets indicate the network, and the last two octets indicate the host on the network. See also Class A IP address; Class C IP address; IP address.
Class C IP address
A unicast IP address that ranges from 192.0.0.1 to 223.255.255.254. The first three octets indicate the network, and the last octet indicates the host on the network. Network Load Balancing provides optional session support for Class C IP addresses (in addition to support for single IP addresses) to accommodate clients that make use of multiple proxy servers at the client site. See also Class A IP address; Class B IP address; IP address.
Class D IP address
The Internet address class designed for IP multicast addresses. The value of the first octet for Class D IP addresses and networks varies from 224 to 239.
Class E IP address
The Internet address class designed for experimental use only. The value of the first octet for Class E IP addresses and networks starts at 240.
class-based
IP addressing or routing that is based on the internet address classes.
classical IP over ATM (CLIP)
A proposed Internet standard, described in RFC 2225 and other related RFCs, that allows IP communication directly on the ATM layer. See also Asynchronous Transfer Mode; Internet Protocol.
Classless Interdomain Routing (CIDR)
A method of allocating public IP addresses that is not based on the original internet address classes. Classless Interdomain Routing (CIDR) was developed to help prevent the depletion of public IP addresses and minimize the size of Internet routing tables.
clean installation
The process of installing an operating system on a clean or empty partition of a computer's hard disk.
cleartext
See plaintext.
client
Any computer or program connecting to, or requesting services of, another computer or program. See also server.
client access point
In Systems Management Server, a site system that provides a set of shared directories and files that create a common communication point between the site server and clients.
client request
A service request from a client to a server or, for Network Load Balancing, a cluster of computers. Network Load Balancing forwards each client request to a specific host within the cluster according to the system administrator's load-balancing policy. See also client; cluster; host; server.
Client Service for NetWare
A service included with Windows 2000 Professional that allows clients to make direct connections to resources on computers running NetWare 2.x, 3.x, 4.x, or 5.x server software.
client-side extensions
Group Policy components that, in certain cases, are responsible for implementing Group Policy on a client.
CLIP
See Classical IP over ATM.
ClonePrincipal
A tool that allows the incremental migration of users to a Windows 2000 environment without affecting the existing Windows NT production environment.
closed captioning
Alternative representation, usually text, of audio or graphics media that can be seen only on a specially equipped receiver.
CLUSDB
In a server cluster, the snapshot of the startup cluster registry key stored in the local disk.
cluster
A group of independent computer systems, known as nodes or hosts, that work together as a single system to ensure that mission-critical applications and resources remain available to clients. A server cluster is the type of cluster that the Cluster service implements. Network Load Balancing provides a software solution for clustering multiple computers running Windows 2000 Server that provides networked services over the Internet and private intranets. In file systems, a cluster is the smallest amount of disk space that can be allocated to hold a file. All file systems used by Windows 2000 organize hard disks based on clusters, also called allocation units. The smaller the cluster size, the more efficiently a disk stores information. If no cluster size is specified during formatting, Windows 2000 picks defaults based on the size of the volume and the file system used. These defaults are selected to reduce the amount of space lost and the amount of fragmentation on the volume.
Cluster Administrator
An application (Cluadmin.exe) used to configure a cluster and its nodes, groups, and resources. Cluster Administrator can run on any member of the trusted domain regardless of whether the computer is a cluster node. See also cluster; Cluster Administrator extension; Cluster.exe; node; resource.
Cluster Administrator extension
A dynamic-link library (DLL) that enables Cluster Administrator to manage a custom resource type. A Cluster Administrator extension uses the Cluster Administrator Extension API. See also cluster; Cluster Administrator; resource.
cluster API
A collection of functions implemented by the cluster software and used by a cluster-aware client or server application, a cluster management application, or a resource DLL. The cluster API is used to manage the cluster, cluster objects, and the cluster database. See also cluster; cluster-aware application; dynamic-link library; node; resource; resource DLL.
Cluster controller
An IBM Systems Network Architecture component that manages input/output operations for clusters of terminals or attached network devices.
cluster database
The database of configuration data (cluster objects and their settings) pertinent to the cluster. This database is the product of the cluster registry key checkpoint and the changes recorded in the quorum log. A local copy of this database is maintained by all the nodes of the cluster hive in the registry. See also checkpoint; cluster hive.
cluster disk
A disk on a shared bus connected to the cluster nodes, which all the cluster nodes can access (though not at the same time).
cluster hive
In the system registry of a server cluster node, the local copy of the cluster database; the portion of the system registry on each node that contains the configuration data of a cluster. When all the cluster nodes are up, changes to the cluster hive are synchronized on all cluster nodes, and the cluster hive is identical with the cluster database. While a node is down, that node's cluster hive is not updated with cluster configuration changes, but the changes are recorded on the quorum log. At startup, the local copy might have out-of-date information. If so, it is recreated using the last checkpoint and the change records in the quorum log. See also checkpoint; cluster database.
cluster log
An optionally enabled trace record of Cluster service events on a node. Not synonymous with quorum log.
cluster object
A physical or logical unit managed by the Cluster service. Cluster objects include nodes, networks, network interfaces (see network adapter), groups, resources, and resource types.
cluster registry key
The portion of the system registry on each node that contains the property and configuration data for the cluster, nodes, and specified resources. The cluster key is synchronized on all nodes in the cluster and on the quorum disk.
Cluster service
Clussvc.exe, the primary executable of the Windows Clustering component that creates a server cluster, controls all aspects of its operation, and manages the cluster database. Each node in a server cluster runs one instance of the Cluster service.
cluster-aware
The classification of an application or service that runs on a server cluster node, is managed as a cluster resource, and is designed to be aware of and interact with the server cluster environment. Cluster-aware applications use the Cluster API to receive status and notification information from the server cluster. See also Cluster API; cluster-unaware application; node; resource DLL.
cluster-aware application
An application or service that runs on a server cluster node and is managed as a cluster resource. Cluster-aware applications use the Cluster API to receive status and notification information from the server cluster. See also Cluster API; cluster-unaware application; node.
cluster-capable disk
A disk that can be accessed by all server cluster nodes.
cluster-unaware application
In a server cluster, the classification of an application or service that can run on a node and be managed as a cluster resource but does not support the Cluster API and therefore has no inherent knowledge of its environment. See also cluster-aware application; node.
Cluster.exe
An alternative to using Cluster Administrator to administer clusters from the Windows 2000 command prompt. Cluster.exe can be called from command scripts to automate many cluster administration tasks. See also Cluster Administrator.
cn (Common-Name)
The descriptive relative distinguished name for the schema object.
CNAME
For Active Directory, an object's distinguished name presented with the root first and without the LDAP attribute tags (such as CN= or DC=). The segments of the name are delimited with forward slashes (/). For example, CN=MyDocuments,OU=MyOU,DC=Microsoft,DC=Com is presented as microsoft.com/MyOU/MyDocuments in canonical form. For DNS, a type of resource record. See also distinguished name; Lightweight Directory Access Protocol (LDAP); canonical name (CNAME) resource record.
code signing
The process of digitally signing software code to ensure its integrity and provide assurance of its origin.
cognitive disabilities
Impairments resulting from perceptual anomalies, memory loss, and learning and developmental disabilities, such as dyslexia and Down syndrome.
collection
In Systems Management Server, a set of resources in a site defined by membership rules. Collections are used to distribute software, view inventory on clients, and access clients for remote tool sessions.
COM
See Component Object Model.
Comma Separated Value (CSV) scripts
Windows 2000 includes a command-line utility, CSVDE, to import directory objects using .csv files and export directory objects as .csv files. CSV scripts are targeted for ease-of-use. The first line in the script identifies the attributes in the lines that follow. Columns are separated by commas. The file format is compatible with the Microsoft Excel CSV format, so that files are easily created. Use Excel or any other tool that can read and write .csv files. A benefit of using CSVDE is that it supports Unicode.
Comma Separated Value Directory Exchange (CSVDE)
A command-line utility that allows you to import and export objects to and from Active Directory. You cannot create, modify, and delete directory objects using this utility. By using this utility, objects are stored in the Microsoft Comma-Separated Value (CSV) file format. The CSV file format is supported by many other applications, such as Microsoft Excel, that can read and save data in the CSV file format. Also, Microsoft Exchange Server administration tools can import and export data using the CSV format. CSVDE can be run on a Windows 2000 server or copied to a Windows 2000 workstation.
command control block (CCB)
A specifically formatted information set used in the IBM Token Ring environment that is transmitted from the application program to the adapter support software to request an operation.
common gateway interface (CGI)
A server-side interface for initiating software services. For example, a set of interfaces that describe how a Web server communicates with software on the same computer. Any software can be a CGI program if it handles input and output according to the CGI standard.
Common Internet File System (CIFS)
A protocol and a corresponding API used by application programs to request higher level application services. CIFS was formerly known as SMB (Server Message Block).
Common Programming Interface for Communications (CPIC)
A platform-independent API developed by IBM to provide portability for APPC LU 6.2-based applications.
compaction
A process that reclaims space and defragments disks to improve WINS server performance.
complementary metal-oxide semiconductor (CMOS)
The battery-backed memory that stores information, such as disk types and amount of memory, used to start the computer.
completed state
A state that indicates that media can no longer be used for write operations.
Component Object Model (COM)
An object-based programming model designed to promote software interoperability; it allows two or more applications or components to easily cooperate with one another, even if they were written by different vendors, at different times, in different programming languages, or if they are running on different computers running different operating systems. COM is the foundation technology upon which broader technologies can be built. Object linking and embedding (OLE) technology and ActiveX are both built on top of COM.
computer account objects
Objects used to identify a specific computer account in Windows NT Server 4.0 or Windows 2000 Server.
computer name
A unique name of up to 15 uppercase characters that identifies a computer to the network. The name cannot be the same as any other computer or domain name in the network.
confidentiality
A basic security function of cryptography. Confidentiality provides assurance that only authorized users can read or use confidential or secret information. Without confidentiality, anyone with network access can use readily available tools to eavesdrop on network traffic and intercept valuable proprietary information. For example, an Internet Protocol security service that ensures a message is disclosed only to intended recipients by encrypting the data. See also cryptography; authentication; integrity; nonrepudiation.
connection agreement
A configurable section in the ADC user interface that holds information such as the server names to contact for synchronization, object classes to synchronize, target containers, and the synchronization schedule. See also Active Directory Connector (ADC).
connection establishment delay
The delay encountered when forwarding a packet across an on-demand demand-dial connection. The delay is due to the connection establishment process, consisting of creating a physical connection and/or a logical connection and a PPP connection.
connection object
An Active Directory object that represents a replication connection from one domain controller to another. The connection object is a child of the replication destination's NTDS Settings object and identifies the replication source server, contains a replication schedule, and specifies a replication transport. Connection objects are created automatically by the Knowledge Consistency Checker, but they can also be created manually. Automatically generated connections must not be modified by the user unless they are first converted into manual connections.
connection-oriented
A type of network protocol that requires an end-to-end virtual connection between the sender and receiver before communicating across the network.
connection-oriented communication
A network transmission service where a physical or logical link is negotiated and established prior to packet transmission.
Connection-Oriented NDIS (Co-NDIS)
A Network Driver Interface Specification that supports connection-oriented data transfer.
connection-specific DNS suffix
A DNS suffix specific to an adapter, rather than global to the computer. During the name resolution process, it is appended to an incomplete name. An incomplete name might be a single-label name or a multiple-label name that is not dot-terminated and cannot be resolved as a fully qualified domain name. Connection-specific DNS suffixes can also be used for registration of the computer's name.
connection-specific domain name
A domain name specific to an adapter, rather than global to the computer. See also domain name.
connectionless
A network protocol in which a sender broadcasts traffic on the network to an intended receiver without first establishing a connection to the receiver.
console
A framework for hosting administrative tools in the Microsoft Management Console (MMC). A console is defined by the items in its console tree, which might include folders or other containers, World Wide Web pages, and other administrative items. A console has windows that can provide views of the console tree, and the administrative properties, services, and events that are acted on by the items in the console tree.
console tree
The tree view pane in a Microsoft Management Console (MMC) that displays the hierarchical namespace. By default it is the left pane of the console window, but it can be hidden. The items in the console tree (for example, Web pages, folders, and controls) and their hierarchical organization determine the management capabilities of a console. See also Microsoft Management Console (MMC); namespace.
constant bit rate (CBR)
An ATM service type that supports constant bandwidth allocation. This service type is used for voice and video transmissions that require little or no cell loss and rigorous timing controls during transmission.
container object
An object that can logically contain other objects. For example, a folder is a container object. See also noncontainer object; object.
context switch
An event that occurs when the kernel switches the processor from one thread to another, for example, when an I/O operation causes a thread to be blocked and the operating system selects another thread to run on the processor.
convergence
The process of stabilizing a system after changes occur in the network. For routing, if a route becomes unavailable, routers send update messages throughout the internetwork, reestablishing information about preferred routes. For Network Load Balancing, a process by which hosts exchange messages to determine a new, consistent state of the cluster and to elect the host with the highest host priority, known as the default host. During convergence, a new load distribution is determined for hosts that share the handling of network traffic for specific TCP or UDP ports. See also cluster; default host; host; User Datagram Protocol (UDP).
convergence time
The time it takes for the internetwork to achieve convergence. See convergence.
cost
A unitless metric configured on OSPF routers that indicates the preference of using a certain link.
cross-reference object
In Active Directory, an object that contains knowledge of one directory partition. Cross-reference objects are used to generate referrals to other directory partitions and to foreign directories. On a specified domain controller, subject to replication latency, the combination of all cross-references provides knowledge of all directory partitions in the forest, irrespective of location in the directory tree.
cryptanalysis
The art and science of breaking ciphertext. In contrast, the art and science of keeping messages secure is cryptography. See also ciphertext; cryptography; plaintext.
crypto-accelerator board
A hardware device that speeds up cryptographic operations by offloading operations to a special processor on the board.
CryptoAPI (CAPI)
An application programming interface (API) that is provided as part of Windows 2000. CryptoAPI provides a set of functions that allow applications to encrypt or digitally sign data in a flexible manner while providing protection for private keys. Actual cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs). See also cryptographic service provider; private key.
cryptographic key
See encryption key.
cryptographic service provider (CSP)
An independent software module that performs cryptography operations such as secret key exchange, digital signing of data, and public key authentication. Any Windows 2000 service or application can request cryptography operations from a CSP. See also CryptoAPI.
cryptography
The art and science of information security. It provides four basic information security functions: confidentiality, integrity, authentication, and nonrepudiation. See also confidentiality; integrity; authentication; nonrepudiation.
cryptology
The science that encompasses both cryptography and cryptanalysis. See also cryptanalysis; cryptography.
CSVDE
See Comma-Separated Value Directory Exchange.
current directory
The directory being worked in currently. Also called current folder.
current working directory
The directory that a user is associated with at any given time.
custom resource type
A resource type defined by a third-party developer using the Cluster service API.
custom subnet mask
A subnet mask that is not based on the internet address classes. Custom subnet masks are commonly used when subnetting.
cyclical redundancy check (CRC)
A procedure used in checking for errors in data transmission. CRC error checking uses a complex calculation to generate a number based on the data transmitted. The sending device performs the calculation before transmission and sends its result to the receiving device. The receiving device repeats the same calculation after transmission. If both devices obtain the same result, it is assumed that the transmission was error-free. The procedure is known as a redundancy check because each transmission includes not only data but extra (redundant) error-checking values. Communications protocols such as XMODEM and Kermit use cyclical redundancy checking.